Go basic Learning Record-write Web application-Web development Input Validation (i)

Reproduced
Go basic Learning Record-write Web application-Web development Input Validation (i)
The previous article share part of the function can be used normally, this sharing analysis--input verification

In order to keep the project can be learned, I will be here to share the code accumulated under, on GitHub, want to learn as soon as possible, you can directly clone my code, write code does not get started, are equal to the useless, light to see, for me, I am not able to learn.

Project Address

https://github.com/durban89/wiki_blogtag: 1.0.1

Some students may not understand, how to only give these, completely do not understand AH. I'm going to have to use the command, and follow the operation, it should be solved.

git clone https://github.com/durban89/wiki_blog /local/pathcd /local/pathgit fetch origingit checkout 1.0.1

I think that's clear enough. Ok!

Continue to share the logic of input validation.

One of the most important principles in web development is that you cannot trust any content in a client user form.
You must validate all incoming data before you use it.
Many websites are affected by this problem, which is both simple and critical.
There are two ways to validate commonly used form data.
The first is the front-end JavaScript authentication, the second is the backend server authentication.
This session only shares server-side validation in web development.

Required Fields

Sometimes we ask the user to enter some fields, but they cannot complete the field. You can use the Len function to get the length of a field to make sure that the user has entered some content. Add the following code to the Articlesave method

if len(r.Form["author"][0]) == 0 {    fmt.Println("author is empty")    http.Redirect(w, r, "/view/"+title, http.StatusFound)}

When submitted, we do not assign a value to author, then click Submit, you will see the output of the following content

author: []author is empty

R.form treats different form element types when blank.
For empty text boxes, text areas and file uploads, it returns an empty string;
For radio buttons and check boxes, it does not even create the corresponding items.
Conversely, if you try to access it, you will receive an error.
Therefore, use R. Form.get () Gets the field value safe because if it does not exist, it will always return null.
On the other hand, r.form.get () can only get one field value at a time, so you need to use R. form to get a mapping of the values. Let's change the code below just now

if len(r.Form.Get("author")) == 0 {    fmt.Println("author is empty")    http.Redirect(w, r, "/view/"+title, http.StatusFound)}

When submitted, we do not assign a value to author, then click Submit, you will see the output of the following content

author: []author is empty

The results are consistent with the previous section of the code.

Digital

Sometimes we need to submit data that is a number instead of a field value and other text.
For example, suppose we only need the user age in integer form, that is, 50 or 10, not "old enough" or "young".
If we need a positive number, we can first convert the value to the int type and then process it. Let's add the following code to the Articlesave method:

getint, err := strconv.Atoi(r.Form.Get("author"))if err != nil {    fmt.Println(err)    http.Redirect(w, r, "/view/"+title, http.StatusFound)}fmt.Println("getint:", getint)

When submitted we give author value Durban, and then click Submit Submission, you will see the output of the following content

author: [durban]strconv.Atoi: parsing "durban": invalid syntax

When submitted we give author a value of 10, and then click Submit Submission, you will see the output of the following content

author: [10]getint: 10

Another way is to use regular expressions.
The code below, we will replace the above code snippet as follows

if m, _ := regexp.MatchString("^[0-9]+$", r.Form.Get("author")); !m {    fmt.Println("非整数")    http.Redirect(w, r, "/view/"+title, http.StatusFound)    return}fmt.Println("get author:", r.Form.Get("author"))

When submitted we give author a value of 10, and then click Submit Submission, you will see the output of the following content

author: [10]get author: 10

Regular expressions are inefficient for high-performance purposes, but simple regular expressions are usually fast enough.
If you are familiar with regular expressions, this is a very handy way to validate your data.
Please note that go uses [RE2], so all UTF-8 characters are supported.

**re2 is a fast, secure, and thread-friendly alternative to backtracking regular expression engines, such as those used in Pcre,perl and Python.
It is a C + + library. **

Project Update Address

https://github.com/durban89/typescript_demo.gittag: 1.0.2