Shulou(Shulou.com)06/03 Report--

This article mainly explains the "ThinkPHP3.1 form submission field legitimacy detection usage", the article explains the content is simple and clear, easy to learn and understand, now please follow the editor's train of thought slowly in depth, together to study and learn "ThinkPHP3.1 form submission field legitimacy detection usage" bar!

The ThinkPHP3.1 version adds the legitimacy detection of the field submitted by the form, which can better protect the security of the data. This feature is an important part of 3.1 security features.

Form field validity detection takes effect only when a data object is created using the create method. There are two ways:

I. attribute definition

You can configure insertFields and updateFields properties for the model to add and edit form settings. When you use the create method to create a data object, properties that are not within the defined scope will be discarded directly to prevent the form from submitting illegal data.

The insertFields and updateFields properties are set as strings (commas split multiple fields) or arrays, such as:

Class UserModel extends Model {protected $insertFields = array ('account','password','nickname','email'); protected $updateFields = array (' nickname','email');}

The field you set should be the actual Datasheet field, unaffected by the field mapping.

When we use it, when we call the create method, we automatically identify the insertFields and updateFields properties based on the submission type:

D ('User')-> create ()

When you use the create method to create a data object, when you add user data, fields other than 'account','password','nickname','email'' are masked, and fields outside 'nickname','email'' are blocked when editing.

The following is defined by a string, which is equally valid:

Class UserModel extends Model {protected $insertFields = 'account,password,nickname,email'; protected $updateFields =' nickname,email';}

Method invocation

If you don't want to define the insertFields and updateFields properties, or if you want to call them dynamically, you can call the field method directly before calling the create method, for example, to achieve the same effect as the example above:

When adding user data, use:

$User = M ('User'); $User- > field (' account,password,nickname,email')-> create (); $User- > add ()

When updating user data, use:

$User = M ('User'); $User- > field (' nickname,email')-> create (); $User- > where ($map)-> save ()

The fields here are also the actual datasheet fields. The field method can also be used as an array.

Thank you for your reading, the above is the "ThinkPHP3.1 form submitted field legitimacy detection usage" of the content, after the study of this article, I believe you on the ThinkPHP3.1 form submitted field legitimacy detection of the use of this problem has a deeper understanding, the specific use also needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.