ThinkPHP3.1新特性之字段合法性检测详解_php实例
ThinkPHP3.1版增加了表单提交的字段合法性检测,可以更好的保护数据的安全性。这一特性是3.1安全特性中的一个重要部分。
表单字段合法性检测需要使用create方法创建数据对象的时候才能生效,具体有两种方式:
一、属性定义
可以给模型配置insertFields 和 updateFields属性用于新增和编辑表单设置,使用create方法创建数据对象的时候,不在定义范围内的属性将直接丢弃,避免表单提交非法数据。
insertFields 和 updateFields属性的设置采用字符串(逗号分割多个字段)或者数组的方式,例如:
class UserModel extends Model{
protected $insertFields = array('account','password','nickname','email');
protected $updateFields = array('nickname','email');
}
设置的字段应该是实际的数据表字段,而不受字段映射的影响。
在使用的时候,我们调用create方法的时候,会根据提交类型自动识别insertFields和updateFields属性:
D('User')->create();
使用create方法创建数据对象的时候,新增用户数据的时候,就会屏蔽'account','password','nickname','email' 之外的字段,编辑的时候就会屏蔽'nickname','email'之外的字段。
下面是采用字符串定义的方式,同样有效:
class UserModel extends Model{
protected $insertFields = 'account,password,nickname,email';
protected $updateFields = 'nickname,email';
}
二、方法调用
如果不想定义insertFields和updateFields属性,或者希望可以动态调用,可以在调用create方法之前直接调用field方法,例如,实现和上面的例子同样的作用:
在新增用户数据的时候,使用:
$User = M('User');
$User->field('account,password,nickname,email')->create();
$User->add();
而在更新用户数据的时候,使用:
$User = M('User');
$User->field('nickname,email')->create();
$User->where($map)->save();
这里的字段也是实际的数据表字段。field方法也可以使用数组方式。
使用字段合法性检测后,你不再需要担心用户在提交表单的时候注入非法字段数据了。显然第二种方式更加灵活一些,根据需要选择吧!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
PHP 8.3 released: new features at a glance
Nov 27, 2023 pm 12:52 PM
PHP8.3 released: Overview of new features As technology continues to develop and needs change, programming languages are constantly updated and improved. As a scripting language widely used in web development, PHP has been constantly improving to provide developers with more powerful and efficient tools. The recently released PHP 8.3 version brings many long-awaited new features and improvements. Let’s take a look at an overview of these new features. Initialization of non-null properties In past versions of PHP, if a class property was not explicitly assigned a value, its value
A guide to learn the new features of PHP8 and gain an in-depth understanding of the latest technology
Dec 23, 2023 pm 01:16 PM
An in-depth analysis of the new features of PHP8 to help you master the latest technology. As time goes by, the PHP programming language has been constantly evolving and improving. The recently released PHP8 version provides developers with many exciting new features and improvements, bringing more convenience and efficiency to our development work. In this article, we will analyze the new features of PHP8 in depth and provide specific code examples to help you better master these latest technologies. JIT compiler PHP8 introduces JIT (Just-In-Time) compilation
New Redis extension introduced in PHP8.1
Jul 07, 2023 pm 09:41 PM
The new Redis extension introduced in PHP8.1 With the rapid development of the Internet, a large amount of data needs to be stored and processed. In order to improve the efficiency and performance of data processing, caching has become an indispensable part. In PHP development, Redis, as a high-performance key-value storage system, is widely used in caching and data storage scenarios. In order to further improve the experience of using Redis in PHP, PHP8.1 introduces a new Redis extension. This article will introduce the new functions of this extension and provide
Interpretation of new features of Go language: making programming more efficient
Mar 10, 2024 pm 12:27 PM
[Interpretation of new features of Go language: To make programming more efficient, specific code examples are needed] In recent years, Go language has attracted much attention in the field of software development, and its simple and efficient design concept has attracted more and more developers. As a statically typed programming language, Go language continues to introduce new features to improve development efficiency and simplify the code writing process. This article will provide an in-depth explanation of the latest features of the Go language and discuss how to experience the convenience brought by these new features through specific code examples. Modular development (GoModules) Go language from 1
An overview of the new features of CSS3: How to use CSS3 to achieve transition effects
Sep 09, 2023 am 11:27 AM
Overview of the new features of CSS3: How to use CSS3 to achieve transition effects CSS3 is the latest version of CSS. Among the many new features, the most interesting and practical one should be the transition effect. Transition effects can make our pages smoother and more beautiful during interaction, giving users a good visual experience. This article will introduce the basic usage of CSS3 transition effects, with corresponding code examples. transition-property attribute: Specify the CSS property transition effect that needs to be transitioned
What are the new features of php8
Sep 25, 2023 pm 01:34 PM
New features of php8 include JIT compiler, type deduction, named parameters, union types, properties, error handling improvements, asynchronous programming support, new standard library functions and anonymous class extensions. Detailed introduction: 1. JIT compiler, PHP8 introduces the JIT compiler, which is an important performance improvement. The JIT compiler can compile and optimize some high-frequency execution codes in real time, thereby improving the running speed; 2. Type derivation , PHP8 introduces the type inference function, allowing developers to automatically deduce the type of variables when declaring variables, etc.
Interpretation of numpy version updates: new features and improved performance
Jan 19, 2024 am 10:11 AM
With the continuous development of data science and deep learning, Python is one of the mainstream programming languages, and its scientific computing library numpy is also constantly innovating. Recently, numpy has released a new version that contains some new features and performance improvements. In this post, we’ll take a deep dive into the new version of numpy and introduce some of its important features and improvements. Shuffle function improvement Before numpy1.17.0, the shuffle function would reorder the array elements in random order. Ran
jdk8 new features
Aug 11, 2023 am 10:51 AM
New features of jdk8: 1. Lambda expression; 2. Stream API; 3. Functional interface; 4. Default method; 5. Method reference; 6. New date and time API; 7. Concurrency enhancement; 8. Other improvements, etc. wait.
