Zend - 您可以使用验证器来检查 Zend_Form 中的用户名密码组合吗?
我已经检查了 Zend Framework:Zend_Validate_Db_RecordExists 和 Zend_Validate_Db_NoRecordExists,并观察到您可以检查数据库表中的列以查看表单中的值是否出现在命名列中。
我还观察到,您可以根据同一行中另一列的值排除一行。
是否可以使用这些验证器来验证密码是否与用户名匹配?
到目前为止,在我的表单中,如果用户输入正确的用户名和正确的密码(但不一定是该用户名的密码!),表单就会验证输入。显然,对于登录表单或用户名/令牌激活表单,令牌或密码必须与同一行中的用户名匹配!
谢谢。
$this->addElement('text', 'handle', array(
'label' => 'Username:',
'required' => true,
'filters' => array('StringTrim'),
'validators' => array(
array(
'NotEmpty', true, array('messages' => 'You must enter your username.')
),
array(
'Db_RecordExists',
false,
array (
'member_activation',
'member_username'
)
)
)
));
$this->addElement('text', 'validationCode', array(
'label' => 'Code:',
'required' => true,
'filters' => array('StringTrim'),
'validators' => array(
array(
'NotEmpty', true, array('messages' => 'You must enter your validation code.')
),
array(
'Db_RecordExists',
false,
array (
'member_activation',
'member_validationcode'
)
)
)
));
I have examined Zend Framework: Zend_Validate_Db_RecordExists and
Zend_Validate_Db_NoRecordExists, and observed that you can check columns in a database table to see if the value in your form appears in a named column.
I have also observed that you can exclude a row based on the value of another column in the same row.
Is it possible to validate that a password matches a username using these validators?
So far, in my form, if a user inputs a correct username and a correct password (but not neccessarily the password for this username!) the form validates the input. Obviously for a login form or a username/token activation form, the token or password must match the username in the same row!
Thanks.
$this->addElement('text', 'handle', array(
'label' => 'Username:',
'required' => true,
'filters' => array('StringTrim'),
'validators' => array(
array(
'NotEmpty', true, array('messages' => 'You must enter your username.')
),
array(
'Db_RecordExists',
false,
array (
'member_activation',
'member_username'
)
)
)
));
$this->addElement('text', 'validationCode', array(
'label' => 'Code:',
'required' => true,
'filters' => array('StringTrim'),
'validators' => array(
array(
'NotEmpty', true, array('messages' => 'You must enter your validation code.')
),
array(
'Db_RecordExists',
false,
array (
'member_activation',
'member_validationcode'
)
)
)
));
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
你能将身份验证硬塞到 Zend_Validate 中吗?绝对地?
你应该吗?天哪,不。
如果你这样做,你就会把担忧混为一谈。
Zend_Validate_Db_RecordExists东西实际上是一种边界线,但它很方便。但一旦你沿着你正在考虑的道路走下去,几乎一切都变成了验证,而事实并非如此。您可能会发现自己硬塞了各种各样的东西,比如 ACL 检查等。
验证几乎总是应该关注事物的格式。添加对数据持久性、ACL 系统或其他任何东西的依赖只会增加内聚性。这将使测试、调试或更改代码变得更加困难。
使用 Zend_Validate 进行验证。确保字符串不要太长。确保这些整数 >= 0。确保美国电话号码有十位数字。
但是,如果您需要进行更深入的检查,深入持久层,并且都是关于您的业务逻辑,那么您最好在远离简单表单验证的地方进行检查。
Could you shoehorn authentication into Zend_Validate? Absolutely?
Should you? Hell no.
If you do, you're commingling concerns. The
Zend_Validate_Db_RecordExistsstuff is actually kind of border-line, but it's convenient.But once you go down the road you're considering, almost everything becomes validation, when it really isn't. You could find yourself shoehorning all sorts of things, like ACL checks, etc.
Validation should be concerned, almost always, with the format of things. Adding dependencies on data-persistence, and ACL system, or anything else, is just going to increase cohesion. That will make it harder to test, debug, or change your code.
Use Zend_Validate for validation stuff. Make sure strings aren't too long. Make sure these ints are >= 0. Make sure that a US phone number has ten digits.
But if you need to do deeper checks, that dig into your persistence layer, and are all about your business logic, you're better off doing that somewhere far away from simple form validation.
如果您在
Zend_Form中坚持验证,那么您将使其依赖于您的底层框架,这(从领域驱动设计的角度来看)并不是一件好事,因为您将部分领域逻辑耦合到您的应用程序的外部资源。If you stick validation in your
Zend_Formyou are making it dependant on your underlying Framework which (from a Domain Driven Design point of view) is not a good thing since you are coupling part of your domain logic to an external resource of your application.