Javascript校验的局限性
单纯通过js无法满足安全要求,struts2提供了两种表单验证的功能:
1 硬编码方式---易理解,不易维护
2 xml配置方式---易维护,以管理,不侵入源代码
硬编码方式步骤:
1 创建struts2项目
2 编写普通表单
3 在jsp中加入<%@ taglib prefix="s" uri="/struts-tags" %>
4 在表单中加入两种struts2中提供的两种校验级别错误
<s:fielderror cssStyle=" " />
<s:actionerror cssStyle=" " />
通常发生属性级别的校验错误,通常被放入fielderror对象中;如果发生action级别的校验错误,通常
被放入actionerror对象中
5 创建Action类,在struts.xml中配置
一定要配置一个result,name为input,value为校验失败要跳转到的页面
6 Action类中创建校验方法,方法命名规则validate+要验证的方法名(首字母大写)
即使Action中有很多方法,也可以分开校验
7 完善校验方法中具体的判断
错误信息分为两种:FieldError和ActionError
将错误信息放入到Field域中:this.addFeildError("username","username format error");
将错误信息放入到Action域中:this.addActionError("password format error");
实际上会将错误信息放入到struts2默认的map集合中
页面可以通过${errors.username[0]}来获取单独的属性错误信息
action.CheckAction.java
<span style="font-size:18px;">package action;
import java.util.regex.Pattern;
import com.opensymphony.xwork2.ActionSupport;
public class CheckAction extends ActionSupport {
private String username;
private String password;
private String submitPassword;
private int age;
private String email;
private String phone;
@Override
public String execute() throws Exception {
return "success";
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getSubmitPassword() {
return submitPassword;
}
public void setSubmitPassword(String submitPassword) {
this.submitPassword = submitPassword;
}
public int getAge() {
return age;
}
public void setAge(int age) {
this.age = age;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
public String getPhone() {
return phone;
}
public void setPhone(String phone) {
this.phone = phone;
}
public void validateExecute(){
if(null==username||username.length()<6||username.length()>11){
this.addFieldError("username", "username error");
}
if(null==password||password.length()<6||password.length()>11){
this.addFieldError("password", "password error");
}
if(null==submitPassword||submitPassword.length()<6||submitPassword.length()>11){
this.addFieldError("submitPassword", "submitPassword error");
}
if(!password.equals(submitPassword)){
this.addFieldError("submitPassword", "submitPassword don't match password");
}
if(age<0||age>150){
this.addFieldError("age", "age is out of range");
}
Pattern emailPattern=Pattern.compile("^([A-Za-z0-9])+@([A-Za-z0-9])+(\\.)([A-Za-z0-9])+$");
if(null==email||!emailPattern.matcher(email).matches()){
this.addFieldError("email", "email format error");
}
Pattern phonePattern=Pattern.compile("^((\\(\\d{3}\\))|(\\d{3}\\-))?13[0-9]\\d{8}|15[89]\\d{8}");
if(phone==null||phonePattern.matcher(phone).matches()){
this.addFieldError("phone", "phone format error");
this.addActionError("phone format error");
}
/*
* 错误信息被默认放到struts2默认Map集合errors
*/
}
}
</span>
struts.xml<span style="font-size:18px;"><?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.1//EN" "http://struts.apache.org/dtds/struts-2.1.dtd">
<struts>
<!--表单校验
要求:
用户名:不为空,大于6位小于11位
密码:不为空,大于6位小于11位,两次输入的密码一致
年龄:不为空 0-150岁
邮箱:不为空,符合邮箱格式
电话:不为空,符合电话号码格式
-->
<package name="action" extends="struts-default">
<action name="checkAction" class="action.CheckAction">
<result name="suceess">/success.jsp</result>
<result name="input">/index.jsp</result>
</action>
</package>
</struts>
</span>
index.jsp
<span style="font-size:18px;"><%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%
request.setCharacterEncoding("utf-8");
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
</head>
<body>
<s:fielderror cssStyle="color:red"/>
<hr>
<s:actionerror cssStyle="color:red"/>
<form method="post" action="<%=path %>/checkAction.action">
username:<input type="text" name="username">${errors.username[0]}<br>
password:<input type="password" name="password">${erros.password[0]}<br>
submitPassword:<input type="password" name="submitPassword">${erros.submitPassword[0]}<br>
age:<input type="text" name="age">${errors.age[0]}<br>
phone:<input type="text" name="phone">${errors.phone[0]}<br>
email:<input type="text" name="email">${errors.email[0]}<br>
<button type="submit">submit</button>
</form>
</body>
</html>
</span>
1 创建struts2项目
2 编写普通表单
3 在jsp中加入<%@ taglib prefix="s" uri="/struts-tags" %>
4 在表单中加入两种struts2中提供的两种校验级别错误
<s:fielderror cssStyle=" " />
<s:actionerror cssStyle=" " />
通常发生属性级别的校验错误,通常被放入fielderror对象中;如果发生action级别的校验错误,通常
被放入actionerror对象中
单属性方式页面错误信息:${errors.username[0]}对象方式页面错误信息:${errors.user["username"][0]}
5 创建Action类,在struts.xml中配置
一定要配置一个result,name为input,value为校验失败要跳转到的页面
6 在action类的同包下创建一个xml配置文件
该文件用于写检验信息
命名规则:Action名-validation.xml
7 编写xml配置文件的校验信息
bean.Users.java
<span style="font-size:18px;">package bean;
public class Users {
private String username;
private String password;
private String submitPassword;
private int age;
private String email;
private String phone;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getSubmitPassword() {
return submitPassword;
}
public void setSubmitPassword(String submitPassword) {
this.submitPassword = submitPassword;
}
public int getAge() {
return age;
}
public void setAge(int age) {
this.age = age;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
public String getPhone() {
return phone;
}
public void setPhone(String phone) {
this.phone = phone;
}
}
</span>
<span style="font-size:18px;">package action;
import com.opensymphony.xwork2.ActionSupport;
import bean.Users;
public class CheckAction extends ActionSupport {
private Users user;
@Override
public String execute() throws Exception {
return "success";
}
public Users getUser() {
return user;
}
public void setUser(Users user) {
this.user = user;
}
}
</span>
bean.CheckAction-validation.xml
<span style="font-size:18px;"><?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE validators>
<validators>
<field name="user.username">
<field-validator type="requiredstring">
<param name="trim">true</param>
<message>用户名不为空</message>
</field-validator>
<!--验证用户名只能是字幕或数字,长度为6-12 -->
<field-validator type="regex">
<param name="expression">
<![CDATA[(\w{6,25})]]>
</param>
<message>输入的用户名必须为6-12个字母或数字</message>
</field-validator>
</field>
<field name="user.password">
<field-validator type="requiredstring">
<param name="trim">true</param>
<message>密码不为空</message>
</field-validator>
<!--验证密码只能是字母或数字,长度为6-12 -->
<field-validator type="stringlength">
<param name="minLength">6</param>
<param name="maxLength">12</param>
<message>输入的密码必须为6-12个字母或数字</message>
</field-validator>
<field-validator type="fieldexression">
<param name="expression">
<![CDATA[(user.submitPassword==user.password)]]>
</param>
<message>两次密码必须一致</message>
</field-validator>
</field>
<field name="user.age">
<field-validator type="int">
<param name="min">0</param>
<param name="max">150</param>
<message>年龄范围不正确</message>
</field-validator>
</field>
<field name="user.email">
<field-validator type="email">
<message>邮箱格式不正确</message>
</field-validator>
</field>
<field name="user.phone">
<field-validator type="regex">
<param name="expression">
<![CDATA[^((\(\d{3}\))|(\d{3}\-))?13[0-9]\d{8}|15[89]\d{8}]]>
</param>
<message>电话号码格式不正确</message>
</field-validator>
</field>
</validators></span>
<span style="font-size:18px;"><?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.1//EN" "http://struts.apache.org/dtds/struts-2.1.dtd">
<struts>
<package name="action" extends="struts-default">
<action name="checkAction" class="action.CheckAction">
<result name="success">/success.jsp</result>
<result name="input">/index.jsp</result>
</action>
</package>
</struts>
</span>
index.jsp
<span style="font-size:18px;"><%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%
request.setCharacterEncoding("utf-8");
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
</head>
<body>
<s:fielderror cssStyle="color:red"/>
<hr>
<s:actionerror cssStyle="color:red"/>
<form method="post" action="<%=path %>/checkAction.action">
username:<input type="text" name="user.username">${errors["user.username"][0]}<br>
password:<input type="password" name="user.password">${erros["user.password"][0]}<br>
submitPassword:<input type="password" name="user.submitPassword">${erros["user.submitPassword"][0]}<br>
age:<input type="text" name="user.age">${errors["user.age"][0]}<br>
phone:<input type="text" name="user.phone">${errors["user.phone"][0]}<br>
email:<input type="text" name="user.email">${errors["user.email"][0]}<br>
<button type="submit">submit</button>
</form>
</body>
</html>
</span>