在 Zend Framework中过滤 URL 输入($_GET
容器)的最佳方法是什么?
这是我当前的实现:我有一个BookController
带有,和参数indexAction
的 a 。首先,我获取这些参数并使用.page
order
dir
_getParam()
对于这些参数中的每一个,我在我的服务层中创建一个方法来验证和过滤特定参数。如果输入有效,则返回其过滤后的值,否则返回 FALSE。
在控制器中:
class BookController extends Zend_Controller_Action
{
public function indexAction()
{
// Fetch params and define default values
$page = $this->getParam('page', 1);
$order = $this->getParam('order', 'id');
$dir = $this->getParam('dir', 'asc');
// Instantiate service layer and validate individual parameters
$service = new Service_Book;
$page = $bookService->validatePageFromUrl($page);
$order = $bookService->validateOrderFromUrl($order);
$dir = $bookService->validateDirFromUrl($dir);
if ($page && $order && $dir)
{
// We're okay
}
else
{
// Redirect
}
}
}
在服务层
class Service_Book
{
public function validatePageFromUrl($page)
{
$filters = array(
'page' => array(
'HtmlEntities',
'StripTags',
'StringTrim'
)
);
$validators = array(
'page' => array(
'int'
)
);
$data['page'] = $page;
$input = new Zend_Filter_Input($filters, $validators, $data);
if ($input->isValid())
{
return $input->page;
}
else
{
return FALSE;
}
}
public function validateOrderFromUrl($order)
{
$filters = array(
'order' => array(
'HtmlEntities',
'StripTags',
'StringTrim'
)
);
$validators = array(
'order' => array(
array('InArray', 'haystack' => $this->getColumnNames())
)
);
$data['order'] = $order;
$input = new Zend_Filter_Input($filters, $validators, $data);
if ($input->isValid())
{
return $input->order;
}
else
{
return FALSE;
}
}
public function validateDirFromUrl($dir)
{
$filters = array(
'dir' => array(
'HtmlEntities',
'StripTags',
'StringTrim'
)
);
$validators = array(
'dir' => array(
array('InArray', 'haystack' => array('asc', 'desc'))
)
);
$data['dir'] = $dir;
$input = new Zend_Filter_Input($filters, $validators, $data);
if ($input->isValid())
{
return $input->dir;
}
else
{
return FALSE;
}
}
}