📄 paramchecker.java~2~
;
else {
isValid = false;
addMsg("err_need_less_equal", new String[] {fieldDesc, "" + max});
}
} catch (Exception e) {
isValid = false;
addMsg("err_format", new String[] {cond});
}
} else {
String strMax = cond.substring(4, cond.length()).
trim();
try {
int max = Integer.parseInt(strMax);
if (fieldValue < max)
;
else {
isValid = false;
addMsg("err_need_less", new String[] {fieldDesc, "" + max});
}
} catch (Exception e) {
isValid = false;
addMsg("err_format", new String[] {cond});
}
}
} else {
isValid = false;
addMsg("err_format", new String[] {cond});
}
}
}
}
if (!isValid) {
if (onErrorExit) {
throw new CheckErrException(msgs);
}
}
}
/**
 * Validates a string field whose value is looked up by the field name in the rule.
 *
 * <p>The rule is parsed with {@code split}; a rule that cannot be parsed or has
 * fewer than four parts records an {@code err_format} message and is not checked.
 * Otherwise the second part is taken as the field name, its value is fetched with
 * {@code getFieldValue} and the two-argument overload does the validation.
 *
 * @param ruleStr the rule text
 * @throws CheckErrException propagated from the two-argument overload
 */
public void checkFieldString(String ruleStr) throws CheckErrException {
    String[] parts = split(ruleStr);
    boolean malformed = (parts == null) || (parts.length < 4);
    if (malformed) {
        addMsg("err_format", new String[] {ruleStr});
        return;
    }
    // parts[1] is the field name; the overload parses the rule again itself.
    checkFieldString(ruleStr, getFieldValue(parts[1]));
}
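/**
 * Validates one string field against a rule and records the field in {@code fields}.
 *
 * <p>{@code split(ruleStr)} must yield at least four parts: type, field name, field
 * description, and the policy applied when the value is missing or blank
 * ({@code not}, {@code empty}, {@code allow}, {@code ip}; any other text is used as
 * the default value when {@code value} is {@code null}). Every further part is one
 * condition, matched by prefix after lower-casing: {@code email}, {@code isnotcn},
 * {@code exclude}, {@code sql}, {@code isnum}, {@code min}, {@code max}.
 *
 * <p>Failures are reported through {@code addMsg}. A rule with fewer than four
 * parts only records {@code err_format} and returns.
 *
 * @param ruleStr the rule text
 * @param value the submitted value, or {@code null} when the field is absent
 * @throws CheckErrException when a condition fails and {@code onErrorExit} is set
 */
public void checkFieldString(String ruleStr, String value) throws CheckErrException {
    String[] rule = split(ruleStr);
    if (rule == null || rule.length < 4) {
        addMsg("err_format", new String[] {ruleStr});
        return;
    }
    int len = rule.length;
    String type = rule[0];
    String fieldName = rule[1];
    String fieldDesc = parseFieldDesc(rule[2]);
    String nullPolicy = rule[3];
    boolean isValid = true;
    boolean isReturn = false;

    // NOTE(review): the missing-value and blank-value paths both return before the
    // onErrorExit check at the end of this method, so an absent required field only
    // records a message and never raises CheckErrException. Confirm this is intended.
    if (value == null) {
        isReturn = true;
        if (nullPolicy.equalsIgnoreCase("not")) {
            addMsg("err_want", new String[] {fieldDesc});
        } else if (nullPolicy.equalsIgnoreCase("empty")) {
            value = "";
        } else if (nullPolicy.equalsIgnoreCase("allow")) {
            // A missing value is accepted and stored as null.
        } else if (nullPolicy.equalsIgnoreCase("ip")) {
            // NOTE(review): "HTTP_X_FORWARDED_FOR" is the CGI-style variable name, not
            // the X-Forwarded-For header name, so (assuming request is a servlet
            // request) this lookup matches only a header literally sent under that
            // name. Whatever header is read here is supplied by the client and is
            // stored unvalidated: treat the stored value as untrusted text, not as an
            // authenticated address, unless a trusted proxy is known to overwrite it.
            value = request.getHeader("HTTP_X_FORWARDED_FOR");
            if (value == null) {
                value = StrUtil.getNullStr(request.getRemoteAddr());
            }
        } else {
            // Any other policy text is the default value for a missing field.
            value = nullPolicy;
        }
    } else {
        value = value.trim();
        if (value.equals("")) {
            isReturn = true;
            if (nullPolicy.equalsIgnoreCase("not")) {
                addMsg("err_blank", new String[] {fieldDesc});
            }
        }
    }

    // Record the field value (also for the missing/blank cases handled above).
    fields.put(fieldName, new Field(fieldName, fieldDesc, value, type));
    if (isReturn) {
        return;
    }

    // Conditions, written like email=true. value is never null from here on.
    // NOTE(review): a condition that matches none of the prefixes below is skipped
    // silently, so a misspelled condition disables its check without any message.
    for (int i = 4; i < len; i++) {
        // Lower-case with a fixed locale so keyword matching does not depend on the
        // server's default locale (e.g. "MIN" would not become "min" under tr_TR).
        String cond = rule[i].trim().toLowerCase(java.util.Locale.ENGLISH);
        if (cond.startsWith("email")) {
            if (getCondValue(cond).equals("true") && !StrUtil.IsValidEmail(value)) {
                isValid = false;
                addMsg("err_email", new String[] {fieldDesc});
            }
        } else if (cond.startsWith("isnotcn")) {
            // Check the submitted value; the original passed the condition text
            // ("true") to isNotCN, so the field itself was never inspected.
            if (getCondValue(cond).equals("true") && !StrUtil.isNotCN(value)) {
                isValid = false;
                addMsg("err_cn", new String[] {fieldDesc});
            }
        } else if (cond.startsWith("exclude")) {
            // NOTE(review): cond was lower-cased, so the excluded strings are
            // lower-case while value keeps its case; an upper-case letter listed in
            // the rule is therefore not matched in the value. Confirm against rules.
            String[] chars = StrUtil.split(getCondValue(cond), "\\|");
            int chlen = (chars == null) ? 0 : chars.length;
            for (int k = 0; k < chlen; k++) {
                if (value.indexOf(chars[k]) != -1) {
                    isValid = false;
                    addMsg("err_except", new String[] {fieldDesc, chars[k]});
                }
            }
        } else if (cond.startsWith("sql")) {
            // NOTE(review): this is an input filter whose rules are not visible here;
            // statements built from this field should still use bound parameters.
            if (getCondValue(cond).equals("sqlserver") && !SecurityUtil.isValidSqlParam(value)) {
                isValid = false;
                addMsg("err_sql", new String[] {fieldDesc});
            }
        } else if (cond.startsWith("isnum")) {
            if (getCondValue(cond).equals("true") && !StrUtil.isNumeric(value)) {
                isValid = false;
                addMsg("err_not_num", new String[] {fieldDesc});
            }
        } else if (cond.startsWith("min")) {
            if (!checkStringLengthCond(cond, value.length(), fieldDesc, true)) {
                isValid = false;
            }
        } else if (cond.startsWith("max")) {
            if (!checkStringLengthCond(cond, value.length(), fieldDesc, false)) {
                isValid = false;
            }
        }
    }

    if (!isValid && onErrorExit) {
        throw new CheckErrException(msgs);
    }
}

/**
 * Applies one length condition ({@code min>N}, {@code min>=N}, {@code min=N},
 * {@code max<N}, {@code max<=N}, {@code max=N}) to a value length.
 *
 * <p>A condition with the wrong operator, no operator or a non-numeric bound is
 * reported as {@code err_format} instead of raising an index error.
 *
 * @param cond the lower-cased condition, starting with "min" or "max"
 * @param valueLen length of the value being checked
 * @param fieldDesc field description used in messages
 * @param isMin {@code true} for a "min" condition, {@code false} for "max"
 * @return {@code true} when the length satisfies the condition; {@code false} when
 *         it does not or the condition is malformed (a message has been added)
 */
private boolean checkStringLengthCond(String cond, int valueLen, String fieldDesc, boolean isMin) {
    char boundOp = isMin ? '>' : '<';
    // '\0' stands for "no operator present" when the condition is just the keyword.
    char token = (cond.length() > 3) ? cond.charAt(3) : '\0';
    if (token != boundOp && token != '=') {
        addMsg("err_format", new String[] {cond});
        return false;
    }
    boolean orEqual = (token == boundOp) && cond.length() > 4 && cond.charAt(4) == '=';

    int limit;
    try {
        limit = Integer.parseInt(cond.substring(orEqual ? 5 : 4).trim());
    } catch (NumberFormatException e) {
        addMsg("err_format", new String[] {cond});
        return false;
    }

    boolean ok;
    String key;
    if (token == '=') {
        ok = (valueLen == limit);
        key = "err_len_equal";
    } else if (isMin) {
        ok = orEqual ? (valueLen >= limit) : (valueLen > limit);
        key = orEqual ? "err_len_more_equal" : "err_len_more";
    } else {
        ok = orEqual ? (valueLen <= limit) : (valueLen < limit);
        key = orEqual ? "err_len_less_equal" : "err_len_less";
    }
    if (!ok) {
        addMsg(key, new String[] {fieldDesc, "" + limit});
    }
    return ok;
}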
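/**
 * Returns the text after the first '=' in a condition, trimmed.
 *
 * <p>A condition with no '=' or with nothing after it yields the empty string, so
 * a bare keyword such as {@code email} is never mistaken for its own value.
 *
 * @param cond the condition text, e.g. {@code email=true}
 * @return the trimmed value part, or "" when there is none
 */
public String getCondValue(String cond) {
    int eq = cond.indexOf('=');
    if (eq < 0) {
        return "";
    }
    return cond.substring(eq + 1).trim();
}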
/**
 * Appends one already-formatted message to the message list.
 *
 * @param str the message text
 */
public void addMsg(String str) {
    this.msgs.addElement(str);
}
/**
 * Joins all collected messages into one string.
 *
 * <p>Messages are separated by the two characters backslash and 'r'. While the
 * accumulated text is still empty the next message replaces it, so leading empty
 * messages produce no separator.
 *
 * @param isHtml when {@code true} the joined text is passed through
 *        {@code StrUtil.toHtml} before being returned
 * @return the joined messages, or "" when there are none
 */
public String getMessage(boolean isHtml) {
    String joined = "";
    for (Iterator it = msgs.iterator(); it.hasNext(); ) {
        String next = (String) it.next();
        joined = joined.equals("") ? next : joined + "\\r" + next;
    }
    return isHtml ? StrUtil.toHtml(joined) : joined;
}
/**
 * Returns the message list itself, not a copy, so changes made by the caller are
 * visible to this checker.
 *
 * @return the internal message vector
 */
public Vector getMsgs() {
    return msgs;
}
/**
 * Sets whether checking stops when an error is found instead of continuing with
 * the remaining fields.
 *
 * @param onErrorExit {@code true} to raise the check exception on a failed check
 */
public void setOnErrorExit(boolean onErrorExit) {
    this.onErrorExit = onErrorExit;
}
/**
 * Returns the current {@code onErrorExit} setting.
 *
 * @return {@code true} when a failed check raises the check exception
 */
public boolean getOnError() {
    return onErrorExit;
}
/**
 * Loads the message template for {@code key}, fills in {@code ary} and appends
 * the result to the message list.
 *
 * @param key resource key of the message template
 * @param ary values substituted for the template's placeholders, in order
 */
public void addMsg(String key, String[] ary) {
    String text = LoadString(key, ary);
    addMsg(text);
}
/**
 * Looks up a message template through {@code SkinUtil.LoadString} and fills in
 * its placeholders with {@code format}.
 *
 * @param key resource key of the message template
 * @param ary values substituted for the placeholders, in order
 * @return the formatted message
 */
public String LoadString(String key, String[] ary) {
    return format(SkinUtil.LoadString(request, res, key), ary);
}
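/**
 * Replaces successive {@code %s} placeholders in {@code str} with the elements of
 * {@code ary}, in order.
 *
 * <p>Values are inserted literally. The previous implementation used
 * {@code String.replaceFirst}, which interprets '$' and '\' in the replacement,
 * so a value such as "$" (for example an excluded character reported in a
 * message) raised an exception or lost characters. Inserted text is also not
 * rescanned, so a value containing "%s" cannot consume a later argument.
 * Surplus placeholders are left as they are; surplus values are ignored.
 *
 * @param str the template
 * @param ary the values to insert
 * @return the template with placeholders filled in
 */
public String format(String str, String[] ary) {
    StringBuffer out = new StringBuffer();
    int from = 0;
    for (int i = 0; i < ary.length; i++) {
        int at = str.indexOf("%s", from);
        if (at < 0) {
            break;
        }
        out.append(str.substring(from, at)).append(ary[i]);
        from = at + 2;
    }
    out.append(str.substring(from));
    return out.toString();
}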
/**
 * One checked field as recorded by the checker: its name, its description, the
 * value kept for it and the type text taken from the rule.
 */
class Field {
    // Field name, used as the key under which the field is stored.
    public String name;
    // Description used in error messages.
    public String desc;
    // Value kept for the field; may be null when the field was absent.
    public Object value;
    // Type text from the first part of the rule.
    public String type;

    /**
     * Creates a field record from its four parts.
     *
     * @param name field name
     * @param desc field description
     * @param value field value, possibly {@code null}
     * @param type type text from the rule
     */
    public Field(String name, String desc, Object value, String type) {
        this.type = type;
        this.value = value;
        this.desc = desc;
        this.name = name;
    }
}
}