我有一个简单的注册表格和完整的模型验证。
public function add() {
// Has any form data been POSTed?
if ($this->request->is('post')) {
$this->User->set($this->request->data); //echo '<pre>'; print_r($this->data);exit;
if($this->User->validates()){
if ($this->User->save($this->request->data)) {
// Set a session flash message and redirect.
$this->Session->setFlash('User Saved!');
return $this->redirect('/users');
}
}
}
}
模态验证代码如下
class User extends AppModel {
public $validate = array(
'username' => array(
'alphaNumeric' => array(
'rule' => 'alphaNumeric',
'required' => true,
'message' => 'Alphabets and numbers only'
),
'between' => array(
'rule' => array('between', 5, 15),
'message' => 'Between 5 to 15 characters'
)
),
'password' => array(
'rule' => array('minLength', '8'),
'message' => 'Minimum 8 characters long'
),
'email' => 'email',
'born' => array(
'rule' => 'date',
'message' => 'Enter a valid date',
'allowEmpty' => true
)
);
}
问题在于,当我使用firebug删除html字段并提交表单时,它会使用空白条目保存数据。我认为这是我面临的一个大问题,因为保存空白条目不是一个好习惯,我想阻止它被黑客或任何人阻止。 请帮忙。
答案 0 :(得分:0)
为数据库中不应为空白条目的所有字段添加验证规则'notEmpty'。
参考:cookbook
答案 1 :(得分:0)
我同意semmelbroesel13
请使用 notEmpty 规则:
<强> 'rule' => array('notempty')
<强>更新
请尝试下面的代码并检查查询是否正确
public function add() {
// Has any form data been POSTed?
if ($this->request->is('post')) {
$this->User->set($this->request->data); //echo '<pre>'; print_r($this->data);exit;
if($this->User->validates()){
if ($this->User->save($this->request->data)) {
$log=$this->User->getDataSource()->getLog(false, false);
echo "<pre>";print_r($log);exit;
// Set a session flash message and redirect.
$this->Session->setFlash('User Saved!');
return $this->redirect('/users');
}
}
}
}