用户提交数据是需要验证才能保证程序运行安全。
Struts 数据验证简单分为:
- 表单验证
- 业务验证
验证基本过程是:
- 创建消息资源文件
- 修改表单bean的validate()方法,添加验证代码
- 修改struts-config.xml,添加如下属性
- 显示错误消息
- 添加业务验证
# Resources for parameter 'demo.ApplicationResources' # Project strutsprj2 #username.null=用户名不能为空! #userpass.null=密码不能为空! #userpass.len=密码不能小于8位! #username.exist=用户名已被占用! #特殊标记:用于设置消息格式 errors.header=<font color="red"><b> errors.footer=</b></font> username.null=\u7528\u6237\u540d\u4e0d\u80fd\u4e3a\u7a7a! userpass.null=\u5bc6\u7801\u4e0d\u80fd\u4e3a\u7a7a! userpass.len=\u5bc6\u7801\u4e0d\u80fd\u5c0f\u4e8e8\u4f4d! username.exist=\u7528\u6237\u540d\u5df2\u88ab\u5360\u7528!
//.... /** * 表单验证 验证表单数据 * @param mapping * @param request * @return ActionErrors */ public ActionErrors validate(ActionMapping mapping, HttpServletRequest request) { // TODO Auto-generated method stub ActionErrors errors = new ActionErrors(); //验证 用户名是否为空 if (user.getUserName().length() < 1) { ActionMessage msg=new ActionMessage("username.null"); errors.add("username",msg); } //验证 用户密码是否大于 8 位 if (user.getUserPass().length() < 8) { ActionMessage msg=new ActionMessage("userpass.len"); errors.add("userpass",msg); } //返回null或返回空的消息集合,代表验证通过. return errors; } //....
<!-- validate 是否要进行验证 --> <!-- input 验证失败后跳转的页面 --> <action validate="true" input="/index.jsp" attribute="loginForm" name="loginForm" path="/login" scope="request" type="cn.net.royakon.action.LoginAction"> <forward name="result" path="/result.jsp" /> <forward name="fail" path="/index.jsp" /> </action>
<%@ page language="java" pageEncoding="GB2312"%> <%@ taglib uri="http://struts.apache.org/tags-html" prefix="html" %> <form action="login.do" method="post"> USERNAME <input type="text" name="user.userName" /> <!-- 添加显示错误的标签 --> <html:errors property="username"/> </br> USERPASS <input type="text" name="user.userPass" /> <!-- 添加显示错误的标签 --> <html:errors property="userpass"/> </br> <input type="submit" value="登陆" /> </form>
//.... public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) { LoginForm loginForm = (LoginForm) form; // TODO Auto-generated method stub User user = loginForm.getUser(); LoginModel model = new LoginModel(); //业务验证 if (model.isExist(user)) { //生成消息 ActionErrors errors=new ActionErrors(); ActionMessage msg=new ActionMessage("username.exist"); errors.add("username",msg); super.saveErrors(request, errors); return mapping.findForward("fail"); } else { request.setAttribute("result", "Sucess!"); return mapping.findForward("result"); } } //....
Categories: 网页编程