JavaBean 进行数据验证(1)

王朝java/jsp·作者佚名  2006-02-01
窄屏简体版  字體: |||超大  

JavaBean 进行数据验证

用JSP 写程序一般都是在前台用Javascript 进行数据验证,但是懂html原理的人就会利用自己编写的html 页来跳过当前的javascript 验证,而根本的解决办法就是利用javaBean 读取数据进行验证.

首先复习一下什么是JavaBean:

构造器必需是一个零参数的

变量私有

通过get***() /set***() 来设定 /获取值

JSP来调用JavaBean

通过3个xml标签:

<jsp:useBean id=”beanName” class=”package.class”> add with a attribute scope

<jsp:getProperty name=”beanName” property=”propertyName”>

<jsp:setProperty name=”beanName” property=”propertyName”>

eg:

<jsp:useBean id=”book1” class=”moonsoft.Library”/>

equals

<%moonsoft.Library book1=new moonsoft.Library();% >

<jsp:getProperty name=”book1” property=”title” />

equals

<%=book1.getTitle()%>

<jsp:setProperty name=”book1” property=”title” value=”红楼梦” />

equals

<%book1.setTitle(“红楼梦”);%>

a example:

stringBean.jsp

<!--

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<!--

Simple example of jsp:useBean and manipulating properties

with jsp:setProperty and jsp:getProperty and

with explicit Java code in scriptlets and expressions.

Taken from Core Servlets and JavaServer Pages 2nd Edition

from Prentice Hall and Sun Microsystems Press,

http://www.coreservlets.com/.

(C) 2003 Marty Hall; may be freely used or adapted.

-->

<HTML>

<HEAD>

<TITLE>Using JavaBeans with JSP</TITLE>

<LINK REL=STYLESHEET

HREF="JSP-Styles.css"

TYPE="text/css">

</HEAD>

<BODY>

<TABLE BORDER=5 ALIGN="CENTER">

<TR><TH CLASS="TITLE">

Using JavaBeans with JSP</TABLE>

<jsp:useBean id="stringBean1" class="coreservlets.StringBean" />

<OL>

<LI>Initial value (from jsp:getProperty):

<I><jsp:getProperty name="stringBean1"

property="message" /></I>

<LI>Initial value (from JSP expression):

<I><%= stringBean1.getMessage() %></I>

<LI><jsp:setProperty name="stringBean1"

property="message"

value="Best string bean: Fortex" />

Value after setting property with jsp:setProperty:

<I><jsp:getProperty name="stringBean1"

property="message" /></I>

<LI><% stringBean1.setMessage("My favorite: Kentucky Wonder"); %>

Value after setting property with scriptlet:

<I><%= stringBean1.getMessage() %></I>

</OL>

</BODY></HTML> - ->

StringBean.java

package coreservlets;

/** A simple bean that has a single String property

* called message.

* <P>

* Taken from Core Servlets and JavaServer Pages 2nd Edition

* from Prentice Hall and Sun Microsystems Press,

* http://www.coreservlets.com/.

* &copy; 2003 Marty Hall; may be freely used or adapted.

*/

public class StringBean

{

private String message = "No message specified";

public String getMessage() {

return(message);

}

public void setMessage(String message) {

this.message = message;

}

}

更好的设置bean 属性:

example:

//showEntry1-Form.jsp

<!--

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<HTML>

<HEAD>

<TITLE>Invoking SaleEntry1.jsp</TITLE>

<LINK REL=STYLESHEET

HREF="JSP-Styles.css"

TYPE="text/css">

</HEAD>

<BODY>

<CENTER>

<TABLE BORDER=5>

<TR><TH CLASS="TITLE">

Invoking SaleEntry1.jsp</TABLE>

<FORM ACTION="SaleEntry2.jsp">

Item ID: <INPUT TYPE="TEXT" NAME="itemID"><BR>

Number of Items: <INPUT TYPE="TEXT" NAME="numItems"><BR>

Discount Code: <INPUT TYPE="TEXT" NAME="discountCode"><P>

<INPUT TYPE="SUBMIT" VALUE="Show Price">

</FORM>

</CENTER></BODY></HTML>à

//获得/设置bean和显示数据的页面

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<!--

Example of using jsp:setProperty with an explicit value

supplied to the "value" attribute. See SaleEntry2.jsp

and SaleEntry3.jsp for alternatives.

Taken from Core Servlets and JavaServer Pages 2nd Edition

from Prentice Hall and Sun Microsystems Press,

http://www.coreservlets.com/.

(C) 2003 Marty Hall; may be freely used or adapted.

-->

<HTML>

<HEAD>

<TITLE>Using jsp:setProperty</TITLE>

<LINK REL=STYLESHEET

HREF="JSP-Styles.css"

TYPE="text/css">

</HEAD>

<BODY>

<CENTER>

<TABLE BORDER=5>

<TR><TH CLASS="TITLE">

Using jsp:setProperty</TABLE>

<jsp:useBean id="entry" class="coreservlets.SaleEntry" />

<jsp:setProperty

name="entry"

property="itemID"

value='<%= request.getParameter("itemID") %>' />

<%

int numItemsOrdered = 1;

try {

numItemsOrdered =

Integer.parseInt(request.getParameter("numItems"));

} catch(NumberFormatException nfe) {}

%>

<jsp:setProperty

name="entry"

property="numItems"

value="<%= numItemsOrdered %>" />

<%

double discountCode = 1.0;

try {

String discountString =

request.getParameter("discountCode");

discountCode =

Double.parseDouble(discountString);

} catch(NumberFormatException nfe) {}

%>

<jsp:setProperty

name="entry"

property="discountCode"

value="<%= discountCode %>" />

<BR>

<TABLE BORDER=1>

<TR CLASS="COLORED">

<TH>Item ID<TH>Unit Price<TH>Number Ordered<TH>Total Price

<TR ALIGN="RIGHT">

<TD><jsp:getProperty name="entry" property="itemID" />

<TD>$<jsp:getProperty name="entry" property="itemCost" />

<TD><jsp:getProperty name="entry" property="numItems" />

<TD>$<jsp:getProperty name="entry" property="totalCost" />

</TABLE>

</CENTER></BODY></HTML>

//bean 进行数据验证

package coreservlets;

/** Simple bean to illustrate the various forms

* of jsp:setProperty.

* <P>

* Taken from Core Servlets and JavaServer Pages 2nd Edition

* from Prentice Hall and Sun Microsystems Press,

* http://www.coreservlets.com/.

* &copy; 2003 Marty Hall; may be freely used or adapted.

*/

public class SaleEntry {

private String itemID = "unknown";

private double discountCode = 1.0;

private int numItems = 0;

public String getItemID() {

return(itemID);

}

public void setItemID(String itemID) {

if (itemID != null) {

this.itemID = itemID;

} else {

this.itemID = "unknown";

}

}

public double getDiscountCode() {

return(discountCode);

}

public void setDiscountCode(double discountCode) {

this.discountCode = discountCode;

}

public int getNumItems() {

return(numItems);

}

public void setNumItems(int numItems) {

this.numItems = numItems;

}

// In real life, replace this with database lookup.

// See Chapters 17 and 18 for info on accessing databases

// from servlets and JSP pages.

public double getItemCost() {

double cost;

if (itemID.equals("a1234")) {

cost = 12.99*getDiscountCode();

} else {

cost = -9999;

}

return(roundToPennies(cost));

}

private double roundToPennies(double cost) {

return(Math.floor(cost*100)/100.0);

}

public double getTotalCost() {

return(getItemCost() * getNumItems());

}

}

总结:

如果从表单获得的值是string 类型,那么比较好处理,如果不是string 类型,那么需要转换,并且捕捉异常

改进的showEntry2.jsp (设置bean ,并且现实属性的页面)

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<!--

Example of using jsp:setProperty and an explicity association

with an input parameter. See SaleEntry1.jsp

and SaleEntry3.jsp for alternatives.

Taken from Core Servlets and JavaServer Pages 2nd Edition

from Prentice Hall and Sun Microsystems Press,

http://www.coreservlets.com/.

(C) 2003 Marty Hall; may be freely used or adapted.

-->

<HTML>

<HEAD>

<TITLE>Using jsp:setProperty</TITLE>

<LINK REL=STYLESHEET

HREF="JSP-Styles.css"

TYPE="text/css">

</HEAD>

<BODY>

<CENTER>

<TABLE BORDER=5>

<TR><TH CLASS="TITLE">

Using jsp:setProperty</TABLE>

<jsp:useBean id="entry" class="coreservlets.SaleEntry" />

<jsp:setProperty

name="entry"

property="itemID"

param="itemID" />

<jsp:setProperty

name="entry"

property="numItems"

param="numItems" />

<jsp:setProperty

name="entry"

property="discountCode"

param="discountCode" />

<BR>

<TABLE BORDER=1>

<TR CLASS="COLORED">

<TH>Item ID<TH>Unit Price<TH>Number Ordered<TH>Total Price

<TR ALIGN="RIGHT">

<TD><jsp:getProperty name="entry" property="itemID" />

<TD>$<jsp:getProperty name="entry" property="itemCost" />

<TD><jsp:getProperty name="entry" property="numItems" />

<TD>$<jsp:getProperty name="entry" property="totalCost" />

</TABLE>

</CENTER></BODY></HTML>

注意:

<jsp:setProperty

name="entry"

property="itemID"

param="itemID" />

<jsp:setProperty

name="entry"

property="numItems"

param="numItems" />

<jsp:setProperty

name="entry"

property="discountCode"

param="discountCode" />

这里来用param 来替换value, 系统会自动匹配类型

还有一个更简单的改进: SaleEntry3.jsp:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<!--

Example of using jsp:setProperty and a general association

with the input parameters. See SaleEntry1.jsp

and SaleEntry2.jsp for alternatives.

Taken from Core Servlets and JavaServer Pages 2nd Edition

from Prentice Hall and Sun Microsystems Press,

http://www.coreservlets.com/.

(C) 2003 Marty Hall; may be freely used or adapted.

-->

<HTML>

<HEAD>

<TITLE>Using jsp:setProperty</TITLE>

<LINK REL=STYLESHEET

HREF="JSP-Styles.css"

TYPE="text/css">

</HEAD>

<BODY>

<CENTER>

<TABLE BORDER=5>

<TR><TH CLASS="TITLE">

Using jsp:setProperty</TABLE>

<jsp:useBean id="entry" class="coreservlets.SaleEntry" />

<jsp:setProperty name="entry" property="*" />

<BR>

<TABLE BORDER=1>

<TR CLASS="COLORED">

<TH>Item ID<TH>Unit Price<TH>Number Ordered<TH>Total Price

<TR ALIGN="RIGHT">

<TD><jsp:getProperty name="entry" property="itemID" />

<TD>$<jsp:getProperty name="entry" property="itemCost" />

<TD><jsp:getProperty name="entry" property="numItems" />

<TD>$<jsp:getProperty name="entry" property="totalCost" />

</TABLE>

</CENTER></BODY></HTML>

<jsp:setProperty name="entry" property="*" />

这里可以自动获得类型并匹配所有参数,这样看起来让人兴奋…….

先别高兴,看看使用这样设置bean 属性的缺点:

1. 输入参数的缺失一般不会为其提供null ,所以我们要给其设置默认的值

2. int, double 自动类型转换不能象手动那样防止非法值

3. bean 对名称和请求参数对大小写敏感//我测试过了,没有这样要求,以后再看好了

设置bean 的范围

<jsp:useBean id=”” class=”” scope=”***”></jsp:useBean>

其中, scope 的范围有:

page(default), request,session, application

这些是共享的java bean 范围,表示设置了java bean 保存的范围.

page ,当前页面

request: 如果第二个页面是jsp:include jsp:forward

RequestDispatcher include/forward 方法所调用,那么数据依然有效

session: 在不关闭当前窗口的情况下有效

application : 即使用户关闭窗口,那么再次访问依然有效.

因此考虑到用scope=”request”在跳转的时候数据依然能够获得,那么,在用户输入的情况不完整的情况下进行跳转,而在跳转的页面可以获得用户输入的值,表明没有输入或不合法的值,然后提示其必需输入便可.

当然还有一种考虑方法,先判断用户输入是否完整,如果不完整,是否部分完成.当然,这样的算法比较麻烦.这种算法来自于书上(core servlet and java server page )利用apache 来反射获得用户输入的属性,而这里,我们用<jsp:setProperty property=”*”> 但此方法有问题,如果用户输入的double 和 int 等非String 类型,那么,就会出现异常.

还没有写完,会继续研究的...

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
 
 
© 2005- 王朝網路 版權所有 導航