浅谈.net的后台校验
1.场景描述
在开发中,前端的相关模型校验往往不能满足当前开发的需求,也就是并不是十分的安全。于是,很多情况下需要后端进行模型的校验。在.net mvc中,有很多校验的方式(比如:值(1)可以使用内置的标签的校验模式,.net中内置诸如Require/Range/Phone等校验标签,只需在相应的模型字段上打上对应的标签,在相应的Action内使用ModelState.IsVaild便可以进行校验;(2)使用FluentValidation插件(具体的使用查一下文档即可,也比较简单))。本文先抛开这两款校验组件,使用.net 提供的ValidationContext完成自定义的扩展校验。废话不说,直接上代码。
2.代码分享交流
1 public class ValidContext 2 { 3 /// <summary> 4 /// 校验当前模型 5 /// </summary> 6 /// <param name="model"></param> 7 /// <param name="errorMsg"></param> 8 /// <param name="ignores"></param> 9 /// <returns></returns> 10 public static bool Check(object model, ref string errorMsg, IEnumerable<string> ignores = null) 11 { 12 ValidationContext context = new ValidationContext(model); 13 List<ValidationResult> results = new List<ValidationResult>(); 14 bool isVail = Validator.TryValidateObject(model, context, results, true); 15 if (isVail) 16 { 17 errorMsg = "验证通过"; 18 return true; 19 } 20 //判断是否有需要忽略的 21 if (ignores != null) 22 results=results.Where(o =>!ignores.Contains(o.MemberNames.FirstOrDefault())).ToList(); 23 if (results.Count > 0) 24 { 25 errorMsg = results.FirstOrDefault().ErrorMessage; 26 return false; 27 } 28 errorMsg = "验证通过"; 29 return true; 30 31 } 32 33 34 }
1 /// <summary> 2 /// 正则表达式常量(随时可扩展) 3 /// </summary> 4 public class PattarmConst 5 { 6 /// <summary> 7 /// 邮箱 8 /// </summary> 9 public const string IsMail = @"^\w+([-+.]\w+)@\w+([-.]\w+).\w+([-.]\w+)*$"; 10 /// <summary> 11 /// 手机号 12 /// </summary> 13 public const string IsPhone = @"^1[3|4|5|7|8|9][\d]{9}$"; 14 /// <summary> 15 /// url 16 /// </summary> 17 public const string IsUrl = @"^((https|http|ftp|rtsp|mms){0,1}(:\/\/){0,1})www\.(([A-Za-z0-9-~]+)\.)+([A-Za-z0-9-~\/])+$"; 18 /// <summary> 19 /// 汉字 20 /// </summary> 21 public const string IsChinese = @"[\u4e00-\u9fa5]"; 22 /// <summary> 23 /// 15 or 18位的身份证号 24 /// </summary> 25 public const string IsIDCard = @"^\d{15}|\d{18}"; 26 /// <summary> 27 /// 金额 28 /// </summary> 29 public const string IsPrice = @"^(([1-9][0-9]*)|(([0]\.\d{1,2}|[1-9][0-9]*\.\d{1,2})))$"; 30 }
1 /// <summary> 2 /// 校验属性自定义扩展 3 /// </summary> 4 public class RequireExt : ValidationAttribute 5 { 6 public RequireType RequireType { get; set; } 7 public override bool IsValid(object value) 8 { 9 if (value == null) 10 { 11 return false; 12 } 13 string pattarn = string.Empty; 14 switch (RequireType) 15 { 16 case RequireType.PHONE: 17 pattarn = PattarmConst.IsPhone; 18 break; 19 case RequireType.MAIL: 20 pattarn = PattarmConst.IsMail; 21 break; 22 case RequireType.URL: 23 pattarn = PattarmConst.IsUrl; 24 break; 25 case RequireType.IDCARD: 26 pattarn = PattarmConst.IsIDCard; 27 break; 28 case RequireType.PRICE: 29 pattarn = PattarmConst.IsPrice; 30 break; 31 default: 32 throw new AccessViolationException("未定义的枚举类型"); 33 } 34 if (!Regex.IsMatch(value.ToString(), pattarn)) 35 { return false; } 36 return true; 37 } 38 } 39 /// <summary> 40 /// 校验枚举类型 41 /// </summary> 42 public enum RequireType 43 { 44 [Description("手机号")] 45 PHONE = 1, 46 [Description("邮箱")] 47 MAIL = 2, 48 [Description("正规URL")] 49 URL=3, 50 [Description("身份证号")] 51 IDCARD=4, 52 [Description("金额")] 53 PRICE=5 54 }
力争写最通俗易懂的文章,不添加任何防腐剂~~~