Struts 2 请求参数验证(Int 和字符串) [英] Struts 2 Request Parameter Validations (Int and Strings)

问题描述

假设我在这里有这个网址

Let's say I have this URL here

<s:url action ="profile" var ="profile_url">
  <s:param name = "id">${user.userId}</s:param>
</s:url>
<s:a href = "%{profile_url}">My Profile</s:a>

其中参数 id 将只有一个 int 值.所以在我的 Action 类中.

Where the parameter id will only have an int value. So inside my Action class.

public class ViewProfileAction extends ActionSupport{

    public String execute(){
       //someServiceLayer.getUser(id);
       return "success";
    }

    public int getId() {
       return id;
    }

    public void setId(int id) {
       this.id = id;
    }

    private int id;
}

只要用户点击链接，一切似乎都很顺利，所以如果用户点击链接，网址将是这样的

Everything seems to go well as long as the user will click the link, so if the user click the link the url will be something like this

localhost:8090/HelloStruts2/profile?id=1

但如果用户直接操作 URL 会怎样?他在浏览器中手动输入了一个字母或字符?像这样

but what if the user manipulated the URL directly? he manually typed in his browser a letter or a character? like this

localhost:8090/HelloStruts2/profile?id=b

如果用户这样做了，我肯定会出现异常或错误.

if the user did that I am sure there will be an exception or an error will occur.

我的问题是如何验证 URL 参数?或者如果用户做了这样的事情(在参数 id 中输入了一个字母或负数)，我会将他重定向到另一个页面.

My question how would I then validate the URL parameter? or if the user did such thing (entered a letter or a negative number in the parameter id) I would redirect him to another page.

推荐答案

您有一个参数字段为 int，但您已在 URL 中将其设置为 String.为了消除这种错误，您需要在 params 拦截器之前(或之后)放置一些拦截器来检查该值.例如你把 validation 拦截器.

You have a parameter field as int but you have set it as String in the URL. To eliminate the errors of that kind you need to put some interceptor before (or after it doesn't matter) the params interceptor to check that value. For example you put the validation interceptor.

@Action(value = "youraction", results = {
  @Result(location = "/path/to/page.jsp"),
}, interceptorRefs = {@InterceptorRef("validation"), @InterceptorRef("basicStack")})

那么你需要在你的操作中实现 validate() 方法

then you need implement validate() method in your action

public void validate() {}

最后加上会处理错误的方法，也效果不错，所以OGNL不会抱怨

and finally add the method that will handle wrong and also good results, so OGNL will not complain

public void setId(String id) {
    try {
      this.id = Integer.parseInt(id);
    } catch (NumberFormatException nfe){}
} 

就是这样，您不再有任何例外，并且在 setter 中检查了 String 类型的参数.

that's all, you have no exception anymore and parameter of type String is checked in the setter.

对于您的问题:如果您的参数未正确解析，您将在 execute() 方法中获得 0 的值.因此，您决定返回什么结果.如果 validation 拦截器放置在 params 拦截器之后进行解析或 GenericValidator.isInt，您还可以检查 validate() 方法中的值 之后 setFieldError() 并在 JSP 中显示或在验证后立即重定向.

To your question: if you parameter didn't parsed correctly you will have value of 0 in the execute() method. So, you decide what result to return. You can also check the value in the validate() method if the validation interceptor placed after params interceptor do parse or GenericValidator.isInt after that setFieldError() and show it in the JSP or redirect right after validation.

这篇关于Struts 2 请求参数验证(Int 和字符串)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！