我正在使用 David Powers 的验证类(来自《PHP 面向对象的解决方案》一书)来过滤输入数据。下面是过滤单个电子邮件地址的函数。如何修改此函数以过滤电子邮件地址数组? (我有一个动态表单,其中可能包含可变数量的电子邮件地址和与之相关的一些其他数据:两个数组的长度相同,这些过滤器不应从数组中删除值,只是为了报告是否有任何值无效.)
/**
* Checks whether the input conforms to the format of an email address.
*
* It does not check whether the address is genuine. Multiple addresses are
* rejected, guarding against email header injection attacks.
*
* @param string $fieldName Name of submitted value to be checked.
*/
public function isEmail($fieldName)
{
// Check that another validation test has not been applied to the same input
$this->checkDuplicateFilter($fieldName);
// Set the filter options
$this->_filterArgs[$fieldName] = FILTER_VALIDATE_EMAIL;
}
这是验证整数的函数。要使该函数接受整数数组需要什么? (我注释掉了函数中的 min、max 选项。它们在此数组验证器中不是强制性的。但请随意以某种方式提供帮助...)
public function isInt($fieldName/*, $min = null, $max = null*/)
{
// Check that another validation test has not been applied to the same input
$this->checkDuplicateFilter($fieldName);
// Set the filter options
$this->_filterArgs[$fieldName] = array('filter' => FILTER_VALIDATE_INT);
// Add filter options to test for integers within a specified range
//if (is_int($min)) {
// $this->_filterArgs[$fieldName]['options']['min_range'] = $min;
//}
//if (is_int($max)) {
// $this->_filterArgs[$fieldName]['options']['max_range'] = $max;
//}
}
这是验证类的两个公共(public)方法。请告诉我是否应该附加类构造函数或实际执行验证的公共(public)函数。现在我猜你不需要看到它们,但我的 OOP 技能很差。非常感谢任何帮助。
更新:添加了构造函数
/**
* Constructs a validator object for $_POST or $_GET input.
*
* The constructor checks the availability of the PHP filter functions for which it
* acts as a wrapper. If the optional first argument (an array of required fields) is
* supplied, it checks that each one contains at least some input. Any missing items are
* stored as an array in the $missing property.
*
* By default, the constructor sets the input type to "post". To create a validator for
* the $_GET array, set the optional second argument to "get".
*
* @param array $required Optional array containing the names of required fields or URL variables.
* @param string $inputType Type of input; valid options: "post" and "get" (case-insensitive); defaults to "post"
* @return Pos_Validator object
*/
public function __construct($required = array(), $inputType = 'post')
{
if (!function_exists('filter_list')) {
throw new Exception('The Pos_Validator class requires the Filter Functions in >= PHP 5.2 or PECL.');
}
if (!is_null($required) && !is_array($required)) {
throw new Exception('The names of required fields must be an array, even if only one field is required.');
}
$this->_required = $required;
$this->setInputType($inputType);
if ($this->_required) {
$this->checkRequired();
}
$this->_filterArgs = array();
$this->_errors = array();
$this->_booleans = array();
}
更新2:我意识到过滤后任何无效的数组值都被标记为bool(false)。因此,下面的函数可以工作,但它不会像单值过滤器函数那样生成验证错误。
public function isIntArray($fieldName)
{
// Check that another validation test has not been applied to the same input
$this->checkDuplicateFilter($fieldName);
// Set the filter options
$this->_filterArgs[$fieldName]['filter'] = FILTER_VALIDATE_INT;
$this->_filterArgs[$fieldName]['flags'] = FILTER_REQUIRE_ARRAY;
//is is possible to mark the whole array to false or
//somehow break the whole script?
}
如果不采取其他预防措施,上面的函数会去除无效值,并且数据库单元格将填充空白。我想我会在过滤后检查经过验证的数组(使用 foreach 循环),如果任何数组值为 false,我会以某种方式破坏脚本。 (在数据库中插入空值是没有意义的,因为它们被认为是有效的电子邮件地址或整数。)这个解决方案目前有效,但我敢打赌有一种更优雅和更有效的方法来做到这一点。感谢您的帮助和建议。我仍然对新想法持开放态度。
-朱尼
最佳答案
您可以多次调用 isInt 函数,并将循环放在函数外部。构造函数是什么样的?
如果你真的想这样做,你可以将函数更改为如下所示:
public function isInt( $my_array ) {
foreach( $my_array as $element ) {
$this->checkDuplicateFilter( $element );
$this->_filterArgs[$element] = array('filter' => FILTER_VALIDATE_INT);
}
}
如果您愿意,请将构造函数发布到此处,我们可以向您展示如何实例化它并以这种方式验证您的输入。
更新(现在构造函数已发布)
类(class)名称是什么?我们假设它的名称为 Validator(更改为实际名称)
$validator = new Validator( /* Add your optional arguments here */ );
/* change $inputs to the name of the array containing all your inputs */
foreach( $inputs as $input ) {
// validate each input
if( $validator->isInt( $input ) ) {
// int is valid, do something
} else {
// int isn't valid, do something else
}
}
然后对您的电子邮件输入的 isEmail 执行类似的操作。
关于电子邮件数组上的 PHP OOP 过滤器验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/9375887/