问题描述

我不知道哪个是最好的?您认为在控制器中验证 用户登录表单 或其他表单更好还是定义一个类(例如模型中的安全类")进行验证更好?或定义一些类进行验证?你知道更好的选择或好的技术吗?

I don't know which one is the best? do you think it's better to validate user login form or other forms in controller or it's better to define one class for example 'security class' in model to validation? or define some classes for validation? do you know a better choice or good technique?

<?php
class acontroller{
.
.
.
private function loginformAction()
{
    $this->actionform='loginform';
    $this->errorMsg=array();
    if(isset($post)){
        if(empty($post('aliasName'))){
                       ...
        }else{
           ...
                    }
        if(empty($post('password'))){
                      ...
        }
        if(empty($post('re_password'))){
                      ...   
        }
        if(!empty($post('password')) && isset($post('re_password')) ){
                      ...
        }
    }

    $this->render();
}
  .
  .
  .
 }   

推荐答案

验证是域逻辑的一部分.控制器应该与此无关.它只需要将传入的请求值传递给模型层的适当部分.

Validation is part of the domain logic. Controller should have nothing to do with this. It only has to pass the incoming request values to the proper parts of model layer.

验证本身应该发生在模型层内的域对象中.此外，在某些表格中，您必须担心数据完整性(即注册表中的唯一用户名).在这种情况下，数据完整性检查实际上应该由 数据映射器 处理，本质上，将数据传递给SQL 数据库，执行检查，如果有违规，则触发 DB 抽象异常.

The validation itself should happen in domain objects within the model layer. Also, in some forms you have to worry about data integrity (i.e. unique usernames in registration form). In that case the data integrity checks actually should be handled by data mappers by, essentially, passing data to SQL database, which performs the check and, if there is a violation, it triggers an exception on DB abstraction.

由于您的问题与身份验证/授权有关，您可能会发现这篇文章相关.

Since your problems is dealing with authentication/authorization, you might find this post relevant.

这篇关于在 mvc php 中验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持跟版网！