Symfony 5 表单通过剥离字符来清理用户文本输入
Symfony 5 form sanitise user text input by stripping chars
我在 symfony 5 中有一个表单:
$builder
->add('name',TextType::class,[
'label'=>'Character Name',
'constraints'=>[
new Regex('/[\w\s]+/')
],
'required'=>false,
'attr'=>[
'class'=>'form-control'
],
'label_attr'=>[
'class'=>'form-label'
]
])->add('gender',ChoiceType::class,[
'label'=>'Gender',
'required'=>false,
'choices'=>[
'Any'=>'',
'Male'=>'Male',
'Female'=>'Female',
'Genderless'=>'Genderless',
'Unknown'=>'Unknown'
],
'attr'=>[
'class'=>'form-control'
],
'label_attr'=>[
'class'=>'form-label'
]
])->add('status',ChoiceType::class,[
'label'=>'Status',
'required'=>false,
'choices'=>[
'Any'=>'',
'Alive'=>'Alive',
'Dead'=>'Dead',
'Unknown'=>'unknown'
],
'attr'=>[
'class'=>'form-control'
],
'label_attr'=>[
'class'=>'form-label'
]
])->add('species',ChoiceType::class,[
'label'=>'Species',
'required'=>false,
'choices'=>[
'Any'=>'',
'Human'=>'Human',
'Alien'=>'Alien'
],
'attr'=>[
'class'=>'form-control'
],
'label_attr'=>[
'class'=>'form-label'
]
])->add('submit',SubmitType::class,[
'label'=>'Filter Results',
'attr'=>[
'class'=>'btn btn-primary'
]
]);
如果可能的话,我想做的是在提交后使用正则表达式从“名称”字段中去除特殊字符,这样生成的字段值只包含字母数字和空格,所以我想 运行它:
preg_replace('/[^\w\s]/','',$name);
我能找到的最接近此操作的是模型转换器,但这并不真正适合这种情况,因为它只是一种单向操作。
您可以使用 EventSubscriber,就像 Symfony 在内部对 trim 其 TextType 字段中的值所做的那样(参见 https://github.com/symfony/symfony/blob/9045ad4bf2837e302e7cdbe41c38f1af33cbe854/src/Symfony/Component/Form/Extension/Core/EventListener/TrimListener.php ):
<?php
namespace App\Form\EventListener;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\Form\FormEvent;
use Symfony\Component\Form\FormEvents;
class SanitizeListener implements EventSubscriberInterface
{
public function preSubmit(FormEvent $event)
{
$data = $event->getData();
if (!\is_string($data)) {
return;
}
$event->setData(preg_replace('/[^\w\s]/','',$data));
}
public static function getSubscribedEvents(): array
{
return [FormEvents::PRE_SUBMIT => 'preSubmit'];
}
}
像这样将侦听器附加到您的 name 字段:
$builder->get('name')->addEventSubscriber(new SanitizeListener());
我在 symfony 5 中有一个表单:
$builder
->add('name',TextType::class,[
'label'=>'Character Name',
'constraints'=>[
new Regex('/[\w\s]+/')
],
'required'=>false,
'attr'=>[
'class'=>'form-control'
],
'label_attr'=>[
'class'=>'form-label'
]
])->add('gender',ChoiceType::class,[
'label'=>'Gender',
'required'=>false,
'choices'=>[
'Any'=>'',
'Male'=>'Male',
'Female'=>'Female',
'Genderless'=>'Genderless',
'Unknown'=>'Unknown'
],
'attr'=>[
'class'=>'form-control'
],
'label_attr'=>[
'class'=>'form-label'
]
])->add('status',ChoiceType::class,[
'label'=>'Status',
'required'=>false,
'choices'=>[
'Any'=>'',
'Alive'=>'Alive',
'Dead'=>'Dead',
'Unknown'=>'unknown'
],
'attr'=>[
'class'=>'form-control'
],
'label_attr'=>[
'class'=>'form-label'
]
])->add('species',ChoiceType::class,[
'label'=>'Species',
'required'=>false,
'choices'=>[
'Any'=>'',
'Human'=>'Human',
'Alien'=>'Alien'
],
'attr'=>[
'class'=>'form-control'
],
'label_attr'=>[
'class'=>'form-label'
]
])->add('submit',SubmitType::class,[
'label'=>'Filter Results',
'attr'=>[
'class'=>'btn btn-primary'
]
]);
如果可能的话,我想做的是在提交后使用正则表达式从“名称”字段中去除特殊字符,这样生成的字段值只包含字母数字和空格,所以我想 运行它:
preg_replace('/[^\w\s]/','',$name);
我能找到的最接近此操作的是模型转换器,但这并不真正适合这种情况,因为它只是一种单向操作。
您可以使用 EventSubscriber,就像 Symfony 在内部对 trim 其 TextType 字段中的值所做的那样(参见 https://github.com/symfony/symfony/blob/9045ad4bf2837e302e7cdbe41c38f1af33cbe854/src/Symfony/Component/Form/Extension/Core/EventListener/TrimListener.php ):
<?php
namespace App\Form\EventListener;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\Form\FormEvent;
use Symfony\Component\Form\FormEvents;
class SanitizeListener implements EventSubscriberInterface
{
public function preSubmit(FormEvent $event)
{
$data = $event->getData();
if (!\is_string($data)) {
return;
}
$event->setData(preg_replace('/[^\w\s]/','',$data));
}
public static function getSubscribedEvents(): array
{
return [FormEvents::PRE_SUBMIT => 'preSubmit'];
}
}
像这样将侦听器附加到您的 name 字段:
$builder->get('name')->addEventSubscriber(new SanitizeListener());