Server-side data validation in Meteor
Question
I have a form and a submit function in my client file:
function submitme () {
var message = $('#daform').serializeJSON();
message.owner = Meteor.user().username;
if(!message.description || !message.location.lat || !message.location.lng || !message.mysex || !message.yoursex) {
return;
}
else
{
lists.insert(message);
console.log("Submitted!");
$('#daform')[0].reset();
}
}
That works pretty well although - it's CLIENT side validation => not secure.
How do I implement a "back-up" validation check in my server file? ( + bonus question : how do I set a timer so that once you've submitted you need to wait X seconds before you re-submit? )
1 answers
solution1
2 ACCPTED 2013-03-10 17:30:26
You can use http://docs.meteor.com/#deny (You can use allow but it might be easier to put validation stuff in a seperate deny) as deny will override allow in the event it shouldn't be inserted:
It works just as a backup method on the server just before its inserted.
With your message collection
Server Js
message.deny({
insert: function (userId, doc) {
return (!doc.description || !doc.location.lat || !doc.location.lng || !doc.mysex || !doc.yoursex);
},
update: function (userId, docs, fields, modifier) {
return (!doc.description || !doc.location.lat || !doc.location.lng || !doc.mysex || !doc.yoursex);
}
);
Note : Returning false from deny means not to deny. To deny the update, you must return true.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.