驗證（Validation） · Phalcon中文文檔2.0.6

# 驗證（Validation） # 驗證（Validation） Phalcon\\Validation對Phalcon來說是一個相對獨立的組件，它可以對任意的數據進行驗證。當然也可以用來對非模型內的數據進行驗證。下面的例子展示了一些基本的使用方法： ``` <pre class="calibre14">``` <?php use Phalcon\Validation; use Phalcon\Validation\Validator\Email; use Phalcon\Validation\Validator\PresenceOf; $validation = new Validation(); $validation->add( 'name', new PresenceOf( array( 'message' => 'The name is required' ) ) ); $validation->add( 'email', new PresenceOf( array( 'message' => 'The e-mail is required' ) ) ); $validation->add( 'email', new Email( array( 'message' => 'The e-mail is not valid' ) ) ); $messages = $validation->validate($_POST); if (count($messages)) { foreach ($messages as $message) { echo $message, '<br>'; } } ``` ``` 由于此模型是松耦合設計的，故此我們也可以使用自己書寫的驗證工具： ### 初始化驗證（Initializing Validation）我們可以直接在Phalcon\\Validation初始化時添加驗證鏈。我們可以把驗證器放在一個單獨的文件中以提高代碼的重用率及可組織性： ``` <pre class="calibre14">``` <?php use Phalcon\Validation; use Phalcon\Validation\Validator\Email; use Phalcon\Validation\Validator\PresenceOf; class MyValidation extends Validation { public function initialize() { $this->add( 'name', new PresenceOf( array( 'message' => 'The name is required' ) ) ); $this->add( 'email', new PresenceOf( array( 'message' => 'The e-mail is required' ) ) ); $this->add( 'email', new Email( array( 'message' => 'The e-mail is not valid' ) ) ); } } ``` ``` Then initialize and use your own validator: ``` <pre class="calibre14">``` <?php $validation = new MyValidation(); $messages = $validation->validate($_POST); if (count($messages)) { foreach ($messages as $message) { echo $message, '<br>'; } } ``` ``` ### 驗證器（Validators） Phalcon的驗證組件中內置了一些驗證器：下面的例子中展示了如何創建自定義的驗證器： ``` <pre class="calibre14">``` <?php use Phalcon\Validation\Message; use Phalcon\Validation\Validator; use Phalcon\Validation\ValidatorInterface; class IpValidator extends Validator implements ValidatorInterface { /** * 執行驗證 * * @param Phalcon\Validation $validator * @param string $attribute * @return boolean */ public function validate($validator, $attribute) { $value = $validator->getValue($attribute); if (!filter_var($value, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_IPV6)) { $message = $this->getOption('message'); if (!$message) { $message = 'The IP is not valid'; } $validator->appendMessage(new Message($message, $attribute, 'Ip')); return false; } return true; } } ``` ``` 最重要的一點即是難證器要返回一個布爾值以標識驗證是否成功： ### 驗證信息（Validation Messages） [*Phalcon\\Validation*](#) 內置了一個消息子系統，這提供了一個非常好的驗證消息回傳機制，以便在驗證結束后取得驗證信息，比如失敗原因等。每個消息由一個 [*Phalcon\\Validation\\Message*](#) 類的實例構成。驗證過程產生的消息可以使用getMessages()方法取得。每條消息都有一些擴展的信息組成比如產生錯誤的屬性或消息的類型等： ``` <pre class="calibre14">``` <?php $messages = $validation->validate(); if (count($messages)) { foreach ($validation->getMessages() as $message) { echo "Message: ", $message->getMessage(), "\n"; echo "Field: ", $message->getField(), "\n"; echo "Type: ", $message->getType(), "\n"; } } ``` ``` 當然這里我們也可以對getMessages()方法進行重寫，以取得我們想要的信息： ``` <pre class="calibre14">``` <?php use Phalcon\Validation; class MyValidation extends Validation { public function initialize() { // ... } public function getMessages() { $messages = array(); foreach (parent::getMessages() as $message) { switch ($message->getType()) { case 'PresenceOf': $messages[] = 'The field ' . $message->getField() . ' is mandatory'; break; } } return $messages; } } ``` ``` 或我們也可以傳送一個message參數以覆蓋驗證器中默認的信息： ``` <pre class="calibre14">``` <?php use Phalcon\Validation\Validator\Email; $validation->add( 'email', new Email( array( 'message' => 'The e-mail is not valid' ) ) ); ``` ``` 默認，getMessages()方法會返回在驗證過程中所產生的信息。我們可以使用filter()方法來過濾我們感興趣的消息： ``` <pre class="calibre14">``` <?php $messages = $validation->validate(); if (count($messages)) { // Filter only the messages generated for the field 'name' foreach ($validation->getMessages()->filter('name') as $message) { echo $message; } } ``` ``` ### 過濾數據（Filtering of Data）我們可以在數據被驗證之前對其先進行過濾，以確保那些惡意的或不正確的數據不被驗證。 ``` <pre class="calibre14">``` <?php use Phalcon\Validation; $validation = new Validation(); $validation ->add('name', new PresenceOf(array( 'message' => 'The name is required' ))) ->add('email', new PresenceOf(array( 'message' => 'The email is required' ))); // Filter any extra space $validation->setFilters('name', 'trim'); $validation->setFilters('email', 'trim'); ``` ``` 這里我們使用 [*filter*](#): 組件進行過濾。我們還可以使用自定義的或內置的過濾器。 ### 驗證事件（Validation Events）當在類中執行驗證時，我們可以在beforeValidation或afterValidation方法（事件）中執行額外的檢查，過濾，清理等工作。如果beforeValidation方法返回了false則驗證會被中止： ``` <pre class="calibre14">``` <?php use Phalcon\Validation; class LoginValidation extends Validation { public function initialize() { // ... } /** * 驗證執行之前執行 * * @param array $data * @param object $entity * @param Phalcon\Validation\Message\Group $messages * @return bool */ public function beforeValidation($data, $entity, $messages) { if ($this->request->getHttpHost() != 'admin.mydomain.com') { $messages->appendMessage(new Message('Only users can log on in the administration domain')); return false; } return true; } /** * 驗證之后執行 * * @param array $data * @param object $entity * @param Phalcon\Validation\Message\Group $messages */ public function afterValidation($data, $entity, $messages) { // ... Add additional messages or perform more validations } } ``` ``` # 取消驗證（Cancelling Validations）默認所有的驗證器都會被執行，不管驗證成功與否。我們可以通過設置 cancelOnFail 參數為 true 來指定某個驗證器驗證失敗時中止以后的所有驗證： ``` <pre class="calibre14">``` <?php use Phalcon\Validation; use Phalcon\Validation\Validator\Regex; use Phalcon\Validation\Validator\PresenceOf; $validation = new Validation(); $validation ->add('telephone', new PresenceOf(array( 'message' => 'The telephone is required', 'cancelOnFail' => true ))) ->add('telephone', new Regex(array( 'message' => 'The telephone is required', 'pattern' => '/\+44 [0-9]+/' ))) ->add('telephone', new StringLength(array( 'messageMinimum' => 'The telephone is too short', 'min' => 2 ))); ``` ``` 第一個驗證器中 cancelOnFail 參數設置為 true 則表示如果此驗證器驗證失敗則驗證鏈中接下的驗證不會被執行。我們可以在自定義的驗證器中設置 cancelOnFail 為 true 來停止驗證鏈： ``` <pre class="calibre14">``` <?php use Phalcon\Validation; use Phalcon\Validation\Message; use Phalcon\Validation\Validator; use Phalcon\Validation\ValidatorInterface; class MyValidator extends Validator implements ValidatorInterface { /** * 執行驗證 * * @param Phalcon\Validation $validator * @param string $attribute * @return boolean */ public function validate(Validation $validator, $attribute) { // If the attribute value is name we must stop the chain if ($attribute == 'name') { $validator->setOption('cancelOnFail', true); } // ... } } ``` ``` # Avoid validate empty values You can pass the option ‘allowEmpty' to all the built-in validators to avoid thevalidation to be performed if an empty value is passed: ``` <pre class="calibre14">``` <?php use Phalcon\Validation; use Phalcon\Validation\Validator\Regex; $validation = new Validation(); $validation ->add('telephone', new Regex(array( 'message' => 'The telephone is required', 'pattern' => '/\+44 [0-9]+/', 'allowEmpty' => true ))); ``` ``` | - [索引](# "總目錄") - [下一頁](# "表單（Forms）") | - [上一頁](# "上下文編碼（Contextual Escaping）") |