@@ -198,6 +198,7 @@ Validation factory consist of different validators and filters used to validate
198198* ` reverse ` , reverses the value (string or number) (UTF-8)
199199* ` coalesce(...) ` , if the value is nil, returns first non-nil value passed as arguments
200200* ` email() ` , validates that the value is email address
201+ * ` call(function) ` , validates / filters the value against custom inline validator / filter
201202* ` optional([default]) ` , stops validation if the value is empty string ` "" ` or ` nil ` and returns ` true ` , and either, ` default ` or ` value `
202203
203204#### Conditional Validation Factory Validators
@@ -299,6 +300,20 @@ function()
299300end
300301```
301302
303+ ### Custom (Inline) Validators and Filters
304+
305+ Sometimes you may just have one-off validators / filters that you are not using elsewhere, or that you just
306+ want to supply quickly an additional validator / filter for a specific case. To make that easy and straight
307+ forward, we introduced ` call ` factory method with ` lua-resty-validation ` 2.4. Here is an example:
308+
309+ ``` lua
310+ validation :call (function (value )
311+ -- now validate / filter the value, and return the results
312+ -- here we just return false (aka making validation to fail)
313+ return false
314+ end )(" Check this value"
315+ ```
316+
302317### Built-in Validator Extensions
303318
304319Currently ` lua-resty-validation ` has support for two extensions or plugins that you can enable:
@@ -307,7 +322,6 @@ Currently `lua-resty-validation` has support for two extensions or plugins that
307322* ` resty.validation.tz `
308323* ` resty.validation.utf8 `
309324
310-
311325These are something you can look at if you want to build your own validator extension. If you do
312326so, and think that it would be usable for others as well, mind you to send your extension as a pull-request
313327for inclusion in this project, thank you very much, ;-).
@@ -471,6 +485,31 @@ local validation = require "resty.validation"
471485local valid , ts = validation :utf8category (" LETTER_UPPERCASE" " TEST"
472486```
473487
488+ #### resty.validation.injection extension
489+
490+ This set of validators and filters is based on the great [ ` libinjection ` ] ( https://github.com/client9/libinjection )
491+ library by Nick Galbreath - a SQL / SQLI / XSS tokenizer parser analyzer. It needs my LuaJIT FFI wrapper
492+ [ ` lua-resty-injection ` ] ( https://github.com/bungle/lua-resty-injection ) to work. When the mentioned requirements
493+ are installed, the rest is easy. To use this extension, all you need to do is:
494+
495+ ``` lua
496+ require " resty.validation.injection"
497+ ```
498+
499+ It will monkey patch the adapters that it will provide in ` resty.validation ` , and those are currently:
500+
501+ * ` sqli ` , returns ` false ` if SQL injection was detected, otherwise returns ` true `
502+ * ` xss ` , returns ` false ` if Cross-Site Scripting injection was detected, otherwise returns ` true `
503+
504+ ##### Example
505+
506+ ``` lua
507+ require " resty.validation.injection"
508+ local validation = require " resty.validation"
509+ local valid , ts = validation .sqli (" test'; DELETE FROM users;"
510+ local valid , ts = validation .xss (" test <script>alert('XSS');</script>"
511+ ```
512+
474513## API
475514
476515I'm not going here for details for all the different validators and filters there is because they all follow the
0 commit comments