?
?
【Struts2】★☆之struts2对Action提交方法进行验证
?
?
????在实际的开发项目中,我们通常采用的是js对我们输入的值进行验证,例如,用户名的长度,密码长度,等等。但是这样做,不好之处就是我们可以通过人为的将开发者的验证js注掉,这样就导致验证失败,对后台安全性是一个很大的威胁,在采用struts2进行开发时,我们可以采用框架内置的校验器,对我们的Action进行校验。本文所讲诉的就是如何使用重写struts2中的ActionSupport里面的validate方法对输入值进行校验。
?
????ok,看下面代码!
?
1、搭建struts2开发环境-struts2开发环境
?
2、编写我们的Action方法
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75monospace !important; vertical-align: baseline !important; background-image: none; float: none !important; font-weight: bold !important; color: #006699 !important; font-style: normal !important; text-align: left !important; margin: 0px; line-height: 1.1em !important; width: auto !important; border-top-left-radius: 0px; border-top-right-radius: 0px; border-bottom-right-radius: 0px; border-bottom-left-radius: 0px; border: 0px; padding: 0px !important;" class="java keyword">package
?csg.struts2.action;
?
import
?java.util.regex.Pattern;
?
import
?com.opensymphony.xwork2.ActionContext;
import
?com.opensymphony.xwork2.ActionSupport;
?
/**
?
*?
?
*?@author?小夜的传说
?
*?@2014-7-20
?
*?@validate
?
*?@csg.struts2.action
?
*?@StrutsAction
?
*?@2014-7-20下午7:21:26
?
*/
public
?class
?StrutsAction?
extends
?ActionSupport?{
????
private
?static
?final
?long
?serialVersionUID?=?1L;
????
private
?String?username;
????
private
?String?mobile;
????
public
?String?getUsername()?{
????????
return
?username;
????
}
????
public
?void
?setUsername(String?username)?{
????????
this
.username?=?username;
????
}
????
public
?String?getMobile()?{
????????
return
?mobile;
????
}
????
public
?void
?setMobile(String?mobile)?{
????????
this
.mobile?=?mobile;
????
}
????
?
????
public
?String?update(){
????????
ActionContext.getContext().put(
"message"
,?
"更新成功"
);
????????
return
?"success"
;
????
}
????
public
?String?save(){
????????
ActionContext.getContext().put(
"message"
,?
"保存成功"
);
????????
return
?"success"
;
????
}
????
/**
?????
*?全局方法进行验证
?????
*/
????
/*@Override
????
public?void?validate()?{
????????
if(this.username==null||"".equals(this.username.trim())){
????????????
this.addFieldError("username",?"用户名不能为空");
????????
}
????????
if(this.mobile==null||"".equals(this.mobile.trim())){
????????????
this.addFieldError("mobile",?"手机号不能为空");
????????
}else{
????????????
if(!Pattern.compile("^1[358]\\d{9}$").matcher(this.mobile).matches()){
????????????????
this.addFieldError("mobile",?"手机号格式不正确");
????????????
}
????????
}
????????
super.validate();
????
}*/
????
/**
?????
*?单个方法进行验证
?????
*/
????
public
?void
?validateSave()?{
????????
if
(
this
.username==
null
||
""
.equals(
this
.username.trim())){
????????????
this
.addFieldError(
"username"
,?
"用户名不能为空"
);
????????
}
????????
if
(
this
.mobile==
null
||
""
.equals(
this
.mobile.trim())){
????????????
this
.addFieldError(
"mobile"
,?
"手机号不能为空"
);
????????
}
else
{
????????????
if
(!Pattern.compile(
"^1[358]\\d{9}$"
).matcher(
this
.mobile).matches()){
????????????????
this
.addFieldError(
"mobile"
,?
"手机号格式不正确"
);
????????????
}
????????
}
????????
super
.validate();
????
}
}
?
????在这里讲解一下,我们的validate()方法会对我们Action里面的所有方法进行验证,但是比如说我们的get,list方法是不需要验证的所以通过validateXxx这样就可以对我们单个方法进行验证(validateXxx注意我们需要被验证的方法名首字母一定要大写)
?
ok,
?
3、编写我们的jsp提交页面(index.jsp)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24<%@?page?language="java"?import="java.util.*"?pageEncoding="utf-8"%>
<%@taglib?prefix="s"?uri="/struts-tags"?%>
<!DOCTYPE?HTML?PUBLIC?"-//W3C//DTD?HTML?4.01?Transitional//EN">
<
html
>
??
<
head
>
????
<
title
>后台验证表单提交</
title
>
????
<
meta
?http-equiv
=
"pragma"
?content
=
"no-cache"
>
????
<
meta
?http-equiv
=
"cache-control"
?content
=
"no-cache"
>
????
<
meta
?http-equiv
=
"expires"
?content
=
"0"
>????
????
<
meta
?http-equiv
=
"keywords"
?content
=
"keyword1,keyword2,keyword3"
>
????
<
meta
?http-equiv
=
"description"
?content
=
"This?is?my?page"
>
????
<!--
????
<link?rel="stylesheet"?type="text/css"?href="styles.css">
????
-->
??
</
head
>
??
<
s:fielderror
/>
<!--获取验证失败之后的提示信息-->
??
<
body
>
????
<
form
?action
=
"/validate/test/list_save"
?method
=
"post"
>
????????
用户名:<
input
?type
=
"text"
?name
=
"username"
/>不能为空<
br
/>
????????
手机号:<
input
?type
=
"text"
?name
=
"mobile"
/>不能为空符合手机号格式<
br
/>
????
<
input
?type
=
"submit"
?value
=
"提交"
/>
????
</
form
>
??
</
body
>
</
html
>
?
大家注意了,当我们验证成功之后,我的提示信息通过ActionContext.getContext()直接放在request范围里面,那么我们的验证失败之后的信息呢?这个就是放在ActionSupport里面这个属性中(看一下源码就知道了),ActionSupport里面有如下这段代码!
?
1 2 3?
public
?void
?addFieldError(String?fieldName,?String?errorMessage)?{
????????
validationAware.addFieldError(fieldName,?errorMessage);
????
}
?
但是当我们验证失败之后,ActionSupport默认返回的是return "input"视图,所以我们需要在struts.xml中配置一项视图,如下
?
1 2 3 4 5 6 7 8 9 10 11 12 13<?
xml
?version
=
"1.0"
?encoding
=
"UTF-8"
??>
<!DOCTYPE?struts?PUBLIC
????
"-//Apache?Software?Foundation//DTD?Struts?Configuration?2.3//EN"
????
"http://struts.apache.org/dtds/struts-2.3.dtd">
?
<
struts
>
????
<
package
?name
=
"struts"
?namespace
=
"/test"
?extends
=
"struts-default"
>
????????
<
action
?name
=
"list_*"
?class
=
"csg.struts2.action.StrutsAction"
?method
=
"{1}"
>
????????????
<
result
?name
=
"success"
>/WEB-INF/page/success.jsp</
result
>
????????????
<
result
?name
=
"input"
>/index.jsp</
result
>
????????
</
action
>
????
</
package
>
</
struts
>
?
那么在index.jsp中我们就可以直接通过struts标签来取到
this.addFieldError里面的值。
?
ok,我们验证成功之后,直接转发到success.jsp页面,里面直接通过el表达式,${message}取到值
?
源码下载:通过struts2中的validate()方法进行Action验证-源码
?
?
?