what can cause $model->attributes to not get correct values in Yii?

Question

I have these lines in my actionCreate:

if (isset($_POST['DpcioCbn'])) {
  print_r($_POST['DpcioCbn']);
  $model->attributes = $_POST['DpcioCbn'];
  print_r($model->attributes);
  die();
  ...
}

which return this:

Array
(
    [code] => 34324
    [bn_fa] => dfsf
    [bn_en] => sdf
    [cbn_fa] => sdfds
    [cbn_en] => f
    [description] => dsfsdfsdf
    [update_at] => 1391-03-16
    [active] => 1
)
Array
(
    [active] => 1
    [code] => 34324
    [bn_fa] => dfsf
    [bn_en] => sdf
    [cbn_fa] => sdfds
    [cbn_en] => f
    [update_at] => 1391-03-16
    [id] => 
    [description] => 
)

what happens for description field? is there any thing about this assignment is Yii?

Answer 1

I found that there is a term in yii around this type of assignments: Massive Assignment .So I should explicitly define validation for each fields to make Massive Assignment.

public function rules() {
  return array(
      ...
      array('description', 'safe'),
      ...
  );
}

http://www.yiiframework.com/wiki/161/understanding-safe-validation-rules/#hh2

For some fields, there's nothing to validate, right?

Wrong: by only assigning field values that the user has explicitly said are eligible for copying into $model, this limits shenanigans of a bad guy trying to pollute a model.

Even if a field has no particular data-format validations, we still have to tell Yii we want the attribute copied during Massive Assignment. This is done with the 'safe' validator.

Answer 2

Wrong: by only assigning field values that the user has explicitly said are eligible for copying into $model, this limits shenanigans of a bad guy trying to pollute a model.

Even if a field has no particular data-format validations, we still have to tell Yii we want the attribute copied during Massive Assignment. This is done with the 'safe' validator. http://www.jili.ir