fix: only validate data from POST request body

[miguel-rn]

With the current data validation checks in the controllers, an empty POST request with valid GET parameters will cause the validation to pass. Since this data is always later fetched from the POST request body, it will be null and errors will be thrown.

[kenjis]

Thank you. You're correct. Using $this->validate() is not a good practice.

[datamweb]

@miguel-rn Thank you!

[miguel-rn]

I noticed a related issue in the docs, I will make a pull request to update.

[sammyskills]

This is good, but I have to ask.

Is it possible for a $_GET request to pass through a route defined as $_POST, i.e., $route->post() ?

[lonnieezell]

Not that I'm aware of. The only way I could see anything like that happening is if the route was defined with add() instead of specifying an HTTP method.

[kenjis]

$_GET is not related to GET request. It just stores Query String (?foo=bar) in the URI.
So yes, you can POST a request and set $_GET values.

[lonnieezell]

Sorry, I misread that. You're correct.

[sammyskills]

Maybe I didn't explain properly, I was actually talking about the GET request, in respect to the route definitions:

$routes->get();
$routes->post();

For a route defined explicitly as $route->post(), can $this->request->getGet() pass through it?

[sammyskills]

My main concern is, for example, there is a route definition for the loginAction() method like so:

$routes->post('login', 'LoginController::loginAction');

Is it possible that GET parameters will pass the validation using $this->validate() method?

[kenjis]

For a route defined explicitly as $route->post(), can $this->request->getGet() pass through it?

Yes. Because $this->request->getGet() returns $_GET values.

Is it possible that GET parameters will pass the validation using $this->validate() method?

Yes. Because $this->validate() maybe validates $request->getVar() data.
See the Warning: https://codeigniter4.github.io/CodeIgniter4/incoming/controllers.html#this-validate

[sammyskills]

Thank you @kenjis.