在 MVC 网站中验证和处理表单提交的位置 [英] Where to validate and process form submission in MVC website
问题描述
我正在开发基于 PHP 的模型-视图-控制器结构化网站.我知道模型应该处理业务逻辑,视图向用户呈现 HTML(或其他),而控制器则促进了这一点.我遇到的问题是表格.我在控制器中放置了多少处理,我在模型中放置了多少?
I'm working on a PHP based Model-View-Controller structured website. I understand that the Models should deal with business logic, views present HTML (or whatever) to the user, and the controllers facilitate this. Where I'm running stuck is with forms. How much processing do I put in the controller, and how much do I put the my model?
假设我正在尝试更新用户的第一个 &姓.我想要做的是使用 AJAX 向我的控制器之一提交表单.我希望数据(再次)在服务器端进行验证,如果有效则将其保存到数据库中,然后将 JSON 响应返回给视图,无论是成功还是错误.
Assume that I'm trying to update a user's first & last name. What I want to do is submit a form using AJAX to one of my controllers. I want the data to be validated (again) server side, and if valid save it to the database, and then return a JSON response back to the view, as either a success or error.
我应该在控制器中创建我的用户模型的实例,还是应该让控制器中继到模型中的静态方法?这里有两个例子来说明它是如何工作的:
Should I create an instance of my user model in the controller, or should I just have the controller relay to a static method in my model? Here is two examples of how this could work:
选项 #1:在模型中处理 POST
<form action="/user/edit-user-form-submit/" method="post">
<input type="text" name="firstname">
<input type="text" name="lastname">
<button type="submit">Save</button>
</form>
<?php
class user
{
public function __construct($id){} // load user from database
public function set_firstname(){} // validate and set first name
public function set_lastname(){} // validate and set last name
public function save_to_database(){} // save object fields to database
public static function save_data_from_post()
{
// Load the user
$user = new user($_POST['id']);
// Was the record found in the db?
if($user->exists)
{
// Try to set these fields
if(
$user->set_firstname($_POST['firstname'])
and
$user->set_lastname($_POST['lastname'])
)
{
// No errors, save to the dabase
$user->save_to_database();
// Return success to view
echo json_encode(array('success' => true));
}
else
{
// Error, data not valid!
echo json_encode(array('success' => false));
}
}
else
{
// Error, user not found!
echo json_encode(array('success' => false));
}
}
}
class user_controller extends controller
{
public function edit_user_form()
{
$view = new view('edit_user_form.php');
}
public function edit_user_form_submit()
{
user::save_data_from_post();
}
}
?>
选项 #1:在模型中处理 POST
<form action="/user/edit-user-form-submit/" method="post">
<input type="text" name="firstname">
<input type="text" name="lastname">
<button type="submit">Save</button>
</form>
<?php
class user
{
public function __construct($id){} // load user from database
public function set_firstname(){} // validate and set first name
public function set_lastname(){} // validate and set last name
public function save_to_database(){} // save object fields to database
}
class user_controller extends controller
{
public function edit_user_form()
{
$view = new view('edit_user_form.php');
}
public function edit_user_form_submit()
{
// Load the user
$user = new user($_POST['id']);
// Was the record found in the db?
if($user->exists)
{
// Try to set these fields
if(
$user->set_firstname($_POST['firstname'])
and
$user->set_lastname($_POST['lastname'])
)
{
// No errors, save to the dabase
$user->save_to_database();
// Return success to view
echo json_encode(array('success' => true));
}
else
{
// Error, data not valid!
echo json_encode(array('success' => false));
}
}
else
{
// Error, user not found!
echo json_encode(array('success' => false));
}
}
}
?>
这两个例子做了完全相同的事情,我意识到这一点.但是这样做有对错之分吗?我已经阅读了很多关于瘦控制器和胖模型的文章,其中选项 #1 来自哪里.你怎么处理这个?谢谢,很抱歉问这么长的问题!
The two examples do the exact same thing, I realize that. But is there a right and wrong way of doing this? I've read a lot about skinny controllers and fat models, where is where option #1 came from. How are you handling this? Thanks, and sorry for the long question!
推荐答案
简而言之,您可以使用这两种方法中的任何一种 - 但您应该稍微改变它们.
Put shortly, you can use either of these approaches - but you should change them a bit.
考虑一下:模型并不真正了解"post、get 和诸如此类的东西.他们应该只知道他们是什么业务相关的东西 - 在你的情况下是用户.
Consider this: The models don't really "know" about post, get and whatnot. They should only know about whatever business-related thing they are - in your case a user.
因此,虽然可以使用方法 #1,但您应该不要直接从模型访问后期变量.相反,让函数采用一组参数,然后用于创建用户.
So while approach #1 can be used, you should not access post variables directly from the model. Instead, make the function take an array of parameters which are then used to create the user.
通过这种方式,您可以轻松地重用代码,比如在 shell 脚本或其他任何地方,没有 $_POST 之类的东西.
This way you can easily reuse the code, say in a shell script or whatever, where there is no such thing as $_POST.
虽然第二种方法在控制器中更加冗长,但您也可以这样做.然而,也许更好的风格方法是使用服务类".该服务将有一个方法,比如说createUserFromArray",它接受一个数组并返回一个用户.同样,您可以将此方法作为参数传递给 $_POST - 类似于您应该如何将它们传递给修改后的 #1 中的函数.
While the second approach is more verbose in the controller, it's something you could do too. However, perhaps a bit better approach in the style is to use a "service class". The service would have a method, let's say "createUserFromArray", which takes an array and returns a user. Again, you would pass this method the $_POST as parameters - similar to how you should pass them into the function in modified #1.
只有控制器应该直接处理输入.这是因为控制器处理请求,因此它可以知道 post.
Only the controller should deal with inputs directly. This is because the controller handles the request, and thus it can know about post.
tl;dr 你的模型不应该直接使用像 $_POST 这样的超全局变量.
tl;dr your models should never use superglobals like $_POST directly.
这篇关于在 MVC 网站中验证和处理表单提交的位置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
