Commit 46c419eed2b0661f35981f7d6cb6fba32a4bb12e

Authored by luoyanshou
1 parent 37d6de1b

【留言板】发表留言相关 数据验证实现

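--- a/trunk/Message/Api/Controller/Message/MessInputController.class.php
+++ b/trunk/Message/Api/Controller/Message/MessInputController.class.php
@@ -8,7 +8,7 @@
 
 namespace Api\Controller\Message;
 
-use Common\Model\RightModel;
+use Common\Model\MessagesModel;
 
 class MessInputController extends \Api\Controller\AbstractController
 {
@@ -20,20 +20,55 @@ class MessInputController extends \Api\Controller\AbstractController
 protected $_require_login = false;
 
 
- public function Index_get()
+ public function Index_post()
 {
- $this->_result = "您已留言成功,请等待审核。";
+
+ session_start();
+
+ $data = $this->checkFields( I('post.') );
+
+ if( !$data ){
+ $this->_result = "数据验证失败";
+ die;
+ }
+
+ $messagesModel = new MessagesModel();
+
+ $messagesModel->m_uid = $_SESSION['userid'];
+ $messagesModel->m_title = $data['title'];
+ $messagesModel->m_content = $data['message'];
+ $messagesModel->m_ip = $_SERVER['REMOTE_ADDR'];
+
+ //$this->_result = "您已留言成功,请等待审核。";
 
 }
 
 /**
 * 验证提交参数字段合法性
 *
- * @param array $post
+ * @param array $postData
 * @return bool
 */
- private function checkFields($post = [])
+ private function checkFields($postData = [])
 {
- return true;
+ $parrent = "/\ |\/|\~|\!|\@|\#|\\$|\%|\^|\&|\*|\(|\)|\_|\+|\{|\}|\:|\<|\>|\?|\[|\]|\,|\.|\/|\;|\\' | \`|\-|\=|\\\|\|/";
+ $data = [];
+
+ if( empty($postData['title']) || strlen($postData['title'])>80 ){
+ $this->_result = "标题不能为空且标题长度必须小于80。";
+ return false;
+
+ }else{
+ $data['title'] = preg_replace( $parrent, "", $postData['title']);
+ }
+
+ if( empty($postData['message']) || strlen($postData['message'])>500 ){
+ $this->_result = "留言内容不能为空且长度必须小于500。";
+ return false;
+ }else{
+ $data['message'] = preg_replace( $parrent, "", $postData['message'] );
+ }
+
+ return $data;
 }
 }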
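Review bot: `Index_post()` copies `$_SESSION['userid']` into `m_uid` without checking that it is set, while the class keeps `$_require_login = false`, so an anonymous POST would be attributed to an empty user id; set an error result and return before building the model, guarded by `if (empty($_SESSION['userid']))`. In `checkFields()`, stripping punctuation with `$parrent` should not be treated as the injection or XSS control: a hand-written denylist is easy to get subtly wrong and it silently alters legitimate text, so keep the length checks, write through bound parameters once the save is added, and encode with `htmlspecialchars()` where the message is displayed. `strlen()` counts bytes, so a UTF-8 title is capped well below 80 characters, and a non-string `title` (array input) is not rejected; `is_string($postData['title']) && mb_strlen($postData['title'], 'UTF-8') <= 80` covers both. The docblock still says `@return bool` although the method now returns the cleaned array or `false`, and the `die;` in the failure branch discards the specific message `checkFields()` just set.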
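--- a/trunk/www/apidocassets/javascript/mess_front.js
+++ b/trunk/www/apidocassets/javascript/mess_front.js
@@ -10,7 +10,31 @@
 function inputCheck( src )
 {
 // 发表留言场景
- if( src == 'mess' ){}
+ if( src == 'mess' ){
+ var title = $('#txtTitle').val();
+ var content = $('#txtCon').val();
+
+ if( title == '' || title.length >80){
+ return false;
+ }
+
+ if( content !='' && content.length <=500){
+ var pattern = new RegExp("[`~!@#$^&*()=|{}':;',\\[\\].<>/?~!@#¥……&*()——|{}【】‘;:”“'。,、?]");
+ var message = "";
+ for(var i=0;i<content.length;i++)
+ {
+ message += content.substr(i, 1).replace(pattern, '');
+ }
+
+ $("#message").val( message );
+
+ }else{
+ return false;
+ }
+
+ return true;
+ }
+
 
 // 登录场景
 if( src == 'login' ){
@@ -35,6 +59,8 @@ function jumpSubmit()
 return false;
 }
 
+ $("#frm_input").submit();
+
 }
 
 /**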
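Review bot: The server ends up trusting text produced by browser script: the `mess` branch copies the stripped textarea value into the hidden `#message` field, and the controller in this commit reads `message`, not the textarea's `content`. Client-side filtering is only a convenience, since any client can post `message` directly and a browser without script submits it empty, so the server should read and validate `content` itself. The character class here also differs from the PHP pattern and `title` is length-checked but never filtered, so the two sides will disagree on what a valid message is. The per-character loop can be a single `content.replace(…)` call with a global (`g`) regex, which also avoids the deprecated `substr`. Both `inputCheck` and `jumpSubmit` start outside the hunks shown.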
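--- a/trunk/www/mess_front/input.PHP
+++ b/trunk/www/mess_front/input.PHP
@@ -20,7 +20,7 @@
 </head>
 <body>
 <div class="con">
- <form action="http://lys.com/wx5019b9c455ea9c81/Message/Api/Message/MessInput" method="post" id="frm_input">
+ <form action="http://lys.com/wx5019b9c455ea9c81/Message/Api/Message/MessInput/Index" method="post" id="frm_input">
 <table>
 <caption><h2>发表留言</h2></caption>
 <!--<tr>
@@ -32,13 +32,14 @@
 <tr>
 <td>标题:</td>
 <td>
- <input name="txtTitle" id="txtTitle" type="text" maxlength="80" >
+ <input name="title" id="txtTitle" type="text" maxlength="80" >
 </td>
 </tr>
 <tr>
 <td>留言内容:</td>
 <td>
- <textarea rows="8" cols="40" name="txtCon" id="txtCon" ></textarea>
+ <textarea rows="8" cols="40" name="content" id="txtCon" ></textarea>
+ <input type="hidden" value="" name="message" id="message" >
 </td>
 </tr>
 <tr>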
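Review bot: The rewritten `action` still posts to an absolute `http://` URL, so the title, the message and any session cookie the handler relies on would travel unencrypted, and the host name is pinned into the template; a relative or `https://` action avoids both. No anti-CSRF token field is visible in these hunks (the form continues outside them) and the `Index_post()` handler in this commit does not check one, so a per-session token should be added as a hidden input here and verified server-side before the message is stored. The `maxlength="80"` on the title is a browser hint only and does not replace the server-side length check.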