Top 5 Validation Helpers in Active Record

If I learned anything about cybersecurity it had to be the importance of the database. Data is what makes an application. Your program could have the fastest and most efficient algorithms but they will be useless without any data. Now you don’t just want any data entering your database. Invalid data poses a major threat to your application. Take for example the signup process in a web app and assume they have no validations. The end user can easily type in and submit invalid information such as a fake email or just simply leaving it blank. When the application calls on any methods dependent on this data, it will break. Which leads me to validations. Data validation is vital to ensure data is clean, correct, and useful. Active Record provides a wide variety of validation helpers which do all the validation work for you and cannot be bypassed by users. I will be discussing the top 5 most helpful validations. But first let’s talk about what validations are.

What are validations?

Data validation simply refers to the process of making sure that the data entered by the user is of good quality, meaning that it is complete, and meets the criteria for the application to use the data, before persisting it to the database. Validations can be implemented in any level of your application; the front-end, controllers, models, and even database. However model level validations along with some front end should be secure enough to prevent any malicious data from being saved.

1. Confirmation

Imagine if you were creating an account for Facebook and you misspelled your password. You will be granted access to the web app but you would be unable to log in next time. Had there been a confirmation field in that form that would’ve took care of the misspelled password. That is what this helper is for, when you want 2 input fields exactly the same. Confirmation requires another helper, :presence, to work. For the case previously described you would want to do something like:

For your view you can use:

2. Exclusion

This helper is perfect for preventing any duplicate usernames or entering a restricted value. It validates that the values entered are not included in a given set. This set can also be any enumerable object, like an array! Using the same example from above we can incorporate this helper into our model like this:

The :in option will receive a set of values that will not be accepted by the validated attributes. There is also :message option which yields the value from the given set that caused the validation failure. Giving you some dynamic and helpful error messages.

3. Length

This one is my favorite. The length helper checks the number of characters for an attribute value. It has a variety of constraints to specify length requirements in different ways using: :minimum, :maximum, :within (which takes in a range), and :is (length must be equal to). Here is an example using all four constraints:

4. Presence

This helper prevents nil values from entering your database. Presence ensures that the value of the attribute is neither nil or a string of white spaces. Essentially you would want to use :presence on whatever attributes you want required, like so:

This helper also works with associations. If you wanted to make sure one of your associations was present you would have to check if the associated object itself was present, not the foreign key. Like this:

5. Uniqueness

This validation helper ensures that the value entered does not already exist in the database. In a situation where you wanted your program to have unique usernames or emails, which you probably do. You could do something like:

Some similarities can be found between :exclusion and :uniqueness. Where exclusion can do the same job it can also go a bit further by preventing any specific attribute values that you do not want in your database. Uniqueness on the other hand does a SQL query into the model’s table, searching for an existing record with the same value in that attribute and can only compare the value to the values in the table.

Data validation is an essential part of programming. It is necessary to ensure that no invalid data enters your database and what better way to this than with Active Record validations. These are just a few of the validation helpers that I commonly use and so far they have not let me down. This just covered the surface of validations, make sure to read the documentation on these to go into full depth of their functionality.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store