Automatic Verification and Application of ThinkPHP forms

Source: Internet
Author: User

Automatic Verification and Application of ThinkPHP forms

Use the TP 3.2 framework

Public function add_post () {// verification rule $ rule = array ('name', 'require ', 'enter name', 1 ), // name must be verified); $ m = M ('user'); // obtain the name, sex, and contact data to the model, and verify if (! $ M-> field ('name, sex, contact ')-> validate ($ rule)-> create ()) $ this-> error ($ m-> getError (); $ result = $ m-> add (); if (! $ Result) $ this-> error ('add failed'); $ this-> success ('added successfully', U ('dir '));}

Verification rules can also be written to the model, but I feel a little troublesome. First, sometimes different page verification methods are used, and second, the code in this add_post event is displayed, it is clear what data to receive and how to verify that the data can be roughly understood at the first glance, so this method is summarized.


Thinkphp automatically verifies the error message: _ TOKEN_ERROR _ what does it mean?

The new version of ThinkPHP provides the form token verification function, which effectively prevents security protection such as remote submission of forms.

Configuration parameters related to form TOKEN verification include: 'token _ on' => true, // whether to enable TOKEN verification 'token _ name' => '_ hash __', // The hidden field name of the form for TOKEN verification is 'token _ type' => 'md5'. // The hash verification rule for the TOKEN is md5 by default. If the form TOKEN verification function is enabled, the system automatically generates a hidden field named TOKEN_NAME in the template file with a form. The value is a hash string generated in TOKEN_TYPE mode, which is used for automatic token verification of the form. The automatically generated hidden fields are located before the Form end flag. If you want to manually control the position of the hidden fields, you can manually add the identifiers on the Form page. The system will automatically replace the hidden fields when outputting the template. If you do not need to use the token verification function for individual forms when form token verification is enabled, you can add {__ NOTOKEN __} on the form page. The system will ignore the token verification of the current form. If multiple forms exist on the page, we recommend that you add an identifier and ensure that only one form requires token verification. The model class automatically performs form token verification when creating a data object. If you do not use the create method to create a data object, you need to manually call the autoCheckToken method of the model for form token verification. If false is returned, the form token verification is incorrect. Example: $ User = M ("User"); // instantiate the User object // manually verify the token if (! $ User-> autoCheckToken ($ _ POST) {// token verification error

Automatic Verification of thinkphp

Let me show you an example:
// Form Verification
Protected $ _ validate = array (
// Array ('verification field', 'verification rule', 'error message', verification criteria, additional rules, verification time)
Array ('uname', 'require ', 'user name must be verified! ', 1, 'regex', 3 ),
// Array ('username', '', 'username already exists ', 1, 'unique', 1 ),
Array ('pwd', 'require ', 'password is required! '),

Array ('pwd', 'checkpwd', 'password length not less than 6 bits, 1, 'callback '),
);

Function checkPwd (){
$ Password = $ _ POST ['pwd'];
If (strlen ($ password)> = 6 ){
Return true;
} Else {
Return false;
}
}
// Form ing
Protected $ _ map = array (
'Uname' => 'username ',
'Pwd' => 'Password ',
);
// Automatic completion
Protected $ _ auto = array (
// Array (fill field, fill content, fill condition, add rule) Fill condition: 1, insert 2, Update 3, all
Array ('reg _ date', 'getdate', 1, 'callback '),
Array ('Password', 'md5', 3, 'function '),
);
Function getDate (){
Return date ('Y-m-d H: I: s ');
}

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.