Rails:为什么要“格式化"(正则表达式)验证失败? [英] Rails: Why "format" (regex) validation fails?
问题描述
我对产品价格有以下验证:
I have the following validation of product's price:
class Product < ActiveRecord::Base
...
PRICE_REGEX = /^([1-9]\d{0,5}|0)(\.\d{1,2})?$/
validates :price, :presence => true, :format => PRICE_REGEX
...
end
它应该允许价格从 0
到 999999.99
.
It supposed to allow prices from 0
to 999999.99
.
但是,如果我输入hello
,则验证通过,并且0.00
会保存在数据库中.
However, if I enter hello
, the validation passes, and 0.00
is saved in the database.
:presence
验证工作正常.
我在这里遗漏了什么?
推荐答案
price 列是一个浮点数,所以 Rails 会按照 "hello".to_f # = 自动将字符串 "hello" 转换为浮点数>0.0
.然后将其转换回字符串 "0.0"
,它显然与正则表达式匹配.
The price column is a float, and so Rails will automatically convert the string "hello" to float, as per "hello".to_f # => 0.0
. This is then converted back to the string "0.0"
, which obviously matches the regular expression.
一般来说,在非字符串列上使用正则表达式是一个坏主意.相反,使用 validates_numericality_of
.如果您想要与正则表达式相同的限制,请这样做:
In general, it's a bad idea to use regular expressions on non-string columns. Instead, use validates_numericality_of
. If you wanted the same restriction as with the regex, do it like this:
class Product < ActiveRecord::Base
validates_numericality_of :price, :greater_than => 0, :less_than => 1000000
end
它不仅更安全,而且更易于阅读和遵循.请注意,如果价格为空白,它也会自动拒绝.
Not only is it safer, but it's easier to read and follow as well. Note that it'll automatically reject the price if blank as well.
这篇关于Rails:为什么要“格式化"(正则表达式)验证失败?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!