提交者
Karson
Karson
!94 在生成CURD时,增加一个配置参数,来屏蔽前台提交过来的某些数据.
Merge pull request !94 from Ackleys/master
正在显示
2 个修改的文件
包含
36 行增加
和
0 行删除
| @@ -6,6 +6,31 @@ trait Backend | @@ -6,6 +6,31 @@ trait Backend | ||
| 6 | { | 6 | { |
| 7 | 7 | ||
| 8 | /** | 8 | /** |
| 9 | + * 排除前台提交过来的字段 | ||
| 10 | + * @param $params | ||
| 11 | + * @return array | ||
| 12 | + */ | ||
| 13 | + private function preExcludeFields($params) | ||
| 14 | + { | ||
| 15 | + if (is_array($this->excludeFields)) { | ||
| 16 | + foreach ($this->excludeFields as $field) { | ||
| 17 | + if (key_exists($field,$params)) | ||
| 18 | + { | ||
| 19 | + unset($params[$field]); | ||
| 20 | + } | ||
| 21 | + } | ||
| 22 | + } else { | ||
| 23 | + | ||
| 24 | + if (key_exists($this->excludeFields,$params)) | ||
| 25 | + { | ||
| 26 | + unset($params[$this->excludeFields]); | ||
| 27 | + } | ||
| 28 | + } | ||
| 29 | + return $params; | ||
| 30 | + } | ||
| 31 | + | ||
| 32 | + | ||
| 33 | + /** | ||
| 9 | * 查看 | 34 | * 查看 |
| 10 | */ | 35 | */ |
| 11 | public function index() | 36 | public function index() |
| @@ -74,6 +99,9 @@ trait Backend | @@ -74,6 +99,9 @@ trait Backend | ||
| 74 | if ($this->request->isPost()) { | 99 | if ($this->request->isPost()) { |
| 75 | $params = $this->request->post("row/a"); | 100 | $params = $this->request->post("row/a"); |
| 76 | if ($params) { | 101 | if ($params) { |
| 102 | + | ||
| 103 | + $params = $this->preExcludeFields($params); | ||
| 104 | + | ||
| 77 | if ($this->dataLimit && $this->dataLimitFieldAutoFill) { | 105 | if ($this->dataLimit && $this->dataLimitFieldAutoFill) { |
| 78 | $params[$this->dataLimitField] = $this->auth->id; | 106 | $params[$this->dataLimitField] = $this->auth->id; |
| 79 | } | 107 | } |
| @@ -118,6 +146,9 @@ trait Backend | @@ -118,6 +146,9 @@ trait Backend | ||
| 118 | if ($this->request->isPost()) { | 146 | if ($this->request->isPost()) { |
| 119 | $params = $this->request->post("row/a"); | 147 | $params = $this->request->post("row/a"); |
| 120 | if ($params) { | 148 | if ($params) { |
| 149 | + | ||
| 150 | + $params = $this->preExcludeFields($params); | ||
| 151 | + | ||
| 121 | try { | 152 | try { |
| 122 | //是否采用模型验证 | 153 | //是否采用模型验证 |
| 123 | if ($this->modelValidate) { | 154 | if ($this->modelValidate) { |
| @@ -94,6 +94,11 @@ class Backend extends Controller | @@ -94,6 +94,11 @@ class Backend extends Controller | ||
| 94 | protected $selectpageFields = '*'; | 94 | protected $selectpageFields = '*'; |
| 95 | 95 | ||
| 96 | /** | 96 | /** |
| 97 | + * 前台提交过来,需要排除的字段数据 | ||
| 98 | + */ | ||
| 99 | + protected $excludeFields = ""; | ||
| 100 | + | ||
| 101 | + /** | ||
| 97 | * 导入文件首行类型 | 102 | * 导入文件首行类型 |
| 98 | * 支持comment/name | 103 | * 支持comment/name |
| 99 | * 表示注释或字段名 | 104 | * 表示注释或字段名 |
-
请 注册 或 登录 后发表评论