Preface
Data verification is a task that almost every application needs to do. The data entered by the user is sent to the server. God knows whether the data entered by the user is legal and whether it is malicious. Therefore, a robust application system must verify the user's input, block illegal inputs outside the application, and prevent these illegal inputs from entering the system, thereby ensuring the stability and security of the system.
We all know that for a better user experience and higher efficiency, current web applications have the following two data verifications:
Client data verification is mainly done through JavaScript code; server-side data verification is the last line of defense for the entire application to block illegal data, and is mainly implemented through programming in the application.
In order to reduce the workload of developers and improve work efficiency, the Struts2 framework has also put a lot of effort into data verification. So how does Struts2 complete data verification? (Since the client verification capability of the Struts2 framework is weak, it will not be summarized. This article mainly summarizes the server-side data verification function of the Struts2 framework)
Write verification rules files
We all know that data verification is all cumbersome code. In order to get out of these cumbersome codes, the Struts2 framework provides data verification based on configuration files. It only requires writing a verification rule file. The verification rule file specifies what rules should each form field meet.
Let’s talk about input verification of Struts2 framework through a demo example.
Front Desk Page:
<body> <form action="login" method="post"> Username: <input type="text" name="name" /><s:fielderror fieldName="name" /><br> Password: <input type="password" name="password" /><s:fielderror fieldName="password" /><br> Age: <input type="text" name="age" /><s:fielderror fieldName="age" /><br> Birthday: <input type="text" name="birthday" /><s:fielderror fieldName="birthday" /><br> <input type="submit" value="submit" /> </form></body>
Background Action Processing Code:
public class LoginAction extends ActionSupport{ private String name; private String password; private int age; private Date birthday; private String tip; public void setName(String name) { this.name = name; } public String getName() { return name; } public void setPassword(String password) { this.password = password; } public String getPassword() { return password; } public void setAge(int age) { this.age = age; } public int getAge() { return age; } public void setBirthday(Date birthday) { this.birthday = birthday; } public Date getBirthday() { return birthday; } public void setTip(String tip) { this.tip = tip; } public String getTip() { return tip; } public String execute() throws Exception { // The operation is simplified here. return SUCCESS; }}Through the above Action code, we can see that I did not add any field verification code, but we only need to write a verification file, as follows:
<?xml version="1.0" encoding="UTF-8"?><!-- Specify the DTD information of the verification configuration file--><!DOCTYPE validators PUBLIC "-//Apache Struts//XWork Validator 1.0.2//EN" "http://struts.apache.org/dtds/xwork-validator-1.0.2.dtd"><!-- Verify the root element of the verification file--><validators> <!-- Verify the name attribute of the verification configuration file--> <field name="name"> <!-- Specify the name attribute must meet the required rules--> <field-validator type="requiredstring"> <param name="trim">true</param> <message>Name must be filled in</message> </field-validator> <!-- The specified name attribute must match the regular expression --> <field-validator type="regex"> <param name="regexExpression"><![CDATA[(/w{4,25})]]></param> <message> The username you enter can only be letters and numbers, and the length must be between 4 and 25</message> </field-validator> </field> <!-- Verify the password attribute of the Action--> <field name="password"> <field-validator type="requiredstring"> <param name="trim">true</param> <message> Password must be entered</message> </field-validator> <field-validator type="regex"> <param name="regexExpression"><![CDATA[(/w{4,25})]]]></param> <message> The username you enter can only be letters and numbers, and the length must be between 4 and 25</message> </field-validator> </field> <!-- Verify the age attribute of the Action--> <field name="age"> <field-validator type="int"> <param name="min">1</param> <param name="max">150</param> <message>Age must be between 1 and 150</message> </field-validator> </field> <!-- Verify the birthday property of the Action--> <field name="birthday"> <field-validator type="date"> <param name="min">1900-01-01</param> <param name="max">2050-02-21</param> <message>Birthday must be between ${min} and ${max}</message> </field-validator> </field></validators>The verification file rules of Struts2 are different from the verification file design method of Struts1. Each Action in Struts2 has a verification file, so the file name of the verification file should comply with the following rules:
<Action Name>-validation.xml
The previous Action name can be changed, the subsequent -validation.xml part is always fixed, and the verification file should be saved in the same path as the Action class file.
Similar to type conversion failure, when the input verification fails, Struts2 also automatically returns a Result named "input", so it is necessary to configure a Result named "input" in the struts.xml file.
Internationalization prompt information
In case of verification failure, the user needs to be prompted for error messages. So now a problem arises. In a multi-language environment, how to correctly prompt the corresponding language prompt information? It is not possible to write it directly in the verification file like above. For the internationalization prompt information, specify the key attribute for the message element, which specifies the key corresponding to the internationalization prompt information.
For example, the above verification file can be roughly written like this:
<!-- Verify the name attribute of the Action--><field name="name"> <!-- The specified name attribute must meet the required rules--> <field-validator type="requiredstring"> <param name="trim">true</param> <message key="name.required"/> </field-validator> <!-- The specified name attribute must match the regular expression--> <field-validator type="regex"> <param name="regexExpression"><![CDATA[(/w{4,25})]]></param> <message key="name.regex"/> </field-validator></field>Built-in checker
In the verification file above, you can see such a statement:
<field-validator type="requiredstring"><field-validator type="regex">...
The type attribute value here is the checker. There are a large number of built-in verification devices provided within the Struts2 framework. These built-in verification devices can meet the verification needs of most applications. We only need to use these verification devices.
We can use the decompression tool to open the xwork-core-2.3.24.1.jar file. Under the xwork-core-2.3.24.1.jar/com/opensymphony/xwork2/validator/validators path, we can find a default.xml file. This file is the default verification device registration file for Struts2, and the content is as follows:
<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE validators PUBLIC "-//Apache Struts//XWork Validator Definition 1.0//EN" "http://struts.apache.org/dtds/xwork-validator-definition-1.0.dtd"><!-- START SNIPPET: validators-default --><validators> <!-- Required Verifier--> <validator name="required"/> <validator name="required"/> <!-- Integer Verifier --> <validator name="int"/> <!-- Long Integer Verifier --> <validator name="long"/> <!-- Short Integer Verifier --> <validator name="short"/> <!-- Double Floating Point Verifier --> <validator name="double"/> <!-- Date Verifier --> <validator name="date"/> <!-- Expression Verifier --> <validator name="expression"/> <!-- Field Expression Verifier --> <validator name="fieldexpression"/> <!-- Email Verifier --> <validator name="email"/> <!-- URL Verifier --> <validator name="url"/> <validator name="visitor"/> <validator name="visitor"/> <validator name="conversion"/> <validator name="conversion"/> <validator name="stringlength"/> <validator name="regex"/> <validator name="conditionalvisitor"/></validators><!-- END SNIPPET: validators-default -->
Regarding the specific use of these verification devices, I will not give examples here.
Summarize
This article briefly summarizes the verification devices in the Struts2 framework. The basics for the verification devices mentioned here are how to use them. The most important thing is to master the idea of Struts2 verification devices and complete them through configuration. This method is worth learning from. In our learning of other frameworks, we will also encounter this method. Study, pain and happiness.
Okay, the above is the entire content of this article. I hope that the content of this article has certain reference value for everyone's study or work. If you have any questions, you can leave a message to communicate. Thank you for your support to Wulin.com.