浅谈.net的后台校验

1.场景描述

     在开发中,前端的相关模型校验往往不能满足当前开发的需求,也就是并不是十分的安全。于是,很多情况下需要后端进行模型的校验。在.net mvc中,有很多校验的方式(比如:值(1)可以使用内置的标签的校验模式,.net中内置诸如Require/Range/Phone等校验标签,只需在相应的模型字段上打上对应的标签,在相应的Action内使用ModelState.IsVaild便可以进行校验;(2)使用FluentValidation插件(具体的使用查一下文档即可,也比较简单))。本文先抛开这两款校验组件,使用.net 提供的ValidationContext完成自定义的扩展校验。废话不说,直接上代码。

2.代码分享交流

     


 1 public class ValidContext 2  { 3 /// <summary> 4 /// 校验当前模型 5 /// </summary> 6 /// <param name="model"></param> 7 /// <param name="errorMsg"></param> 8 /// <param name="ignores"></param> 9 /// <returns></returns>10 public static bool Check(object model, ref string errorMsg, IEnumerable<string> ignores = null)11  {12 ValidationContext context = new ValidationContext(model);13 List<ValidationResult> results = new List<ValidationResult>();14 bool isVail = Validator.TryValidateObject(model, context, results, true);15 if (isVail)16  {17 errorMsg = "验证通过";18 return true;19  }20 //判断是否有需要忽略的21 if (ignores != null)22 results=results.Where(o =>!ignores.Contains(o.MemberNames.FirstOrDefault())).ToList();23 if (results.Count > 0)24  {25 errorMsg = results.FirstOrDefault().ErrorMessage;26 return false;27  }28 errorMsg = "验证通过";29 return true;30 31  }32 33 34 }

View Code

 1 /// <summary> 2 /// 正则表达式常量(随时可扩展) 3 /// </summary> 4 public class PattarmConst 5  { 6 /// <summary> 7 /// 邮箱 8 /// </summary> 9 public const string IsMail = @"^\w+([-+.]\w+)@\w+([-.]\w+).\w+([-.]\w+)*$";10 /// <summary>11 /// 手机号12 /// </summary>13 public const string IsPhone = @"^1[3|4|5|7|8|9][\d]{9}$";14 /// <summary>15 /// url16 /// </summary>17 public const string IsUrl = @"^((https|http|ftp|rtsp|mms){0,1}(:\/\/){0,1})www\.(([A-Za-z0-9-~]+)\.)+([A-Za-z0-9-~\/])+$";18 /// <summary>19 /// 汉字20 /// </summary>21 public const string IsChinese = @"[\u4e00-\u9fa5]";22 /// <summary>23 /// 15 or 18位的身份证号24 /// </summary>25 public const string IsIDCard = @"^\d{15}|\d{18}";26 /// <summary>27 /// 金额28 /// </summary>29 public const string IsPrice = @"^(([1-9][0-9]*)|(([0]\.\d{1,2}|[1-9][0-9]*\.\d{1,2})))$";30 }

View Code

 1 /// <summary> 2 /// 校验属性自定义扩展 3 /// </summary> 4 public class RequireExt : ValidationAttribute 5  { 6 public RequireType RequireType { get; set; } 7 public override bool IsValid(object value) 8  { 9 if (value == null)10  {11 return false;12  }13 string pattarn = string.Empty;14 switch (RequireType)15  {16 case RequireType.PHONE:17 pattarn = PattarmConst.IsPhone;18 break;19 case RequireType.MAIL:20 pattarn = PattarmConst.IsMail;21 break;22 case RequireType.URL:23 pattarn = PattarmConst.IsUrl;24 break;25 case RequireType.IDCARD:26 pattarn = PattarmConst.IsIDCard;27 break;28 case RequireType.PRICE:29 pattarn = PattarmConst.IsPrice;30 break;31 default:32 throw new AccessViolationException("未定义的枚举类型");33  }34 if (!Regex.IsMatch(value.ToString(), pattarn))35 { return false; }36 return true;37  }38  }39 /// <summary>40 /// 校验枚举类型41 /// </summary>42 public enum RequireType43  {44 [Description("手机号")]45 PHONE = 1,46 [Description("邮箱")]47 MAIL = 2,48 [Description("正规URL")]49 URL=3,50 [Description("身份证号")]51 IDCARD=4,52 [Description("金额")]53 PRICE=554 }

View Code

 

相关文章