国产1卡二卡3卡四卡乱码视频,а√天堂中文官网在线8 ,98精品国产综合久久久久久欧美

Home

Backend Development

PHP Tutorial

Detailed explanation of php form verification

伊謝爾倫

Apr 21, 2017 pm 02:44 PM

在PHP網(wǎng)站開(kāi)發(fā)建設(shè)中，用戶注冊(cè)、登錄，留言等等是必不可少的一些實(shí)用功能，用戶提交的信息數(shù)據(jù)都是通過(guò)form表單提交，然而提交的數(shù)據(jù)難免會(huì)有這樣或者那樣的錯(cuò)誤，不管是有心還是無(wú)意，為了保證數(shù)據(jù)的完整性、安全性，PHP form表單驗(yàn)證是過(guò)濾數(shù)據(jù)的必不可少的環(huán)節(jié)。

首先我們對(duì)用戶所有提交的數(shù)據(jù)都通過(guò) PHP 的 htmlspecialchars() 函數(shù)處理。把特殊字符轉(zhuǎn)換為 HTML 實(shí)體。這意味著 < 和 > 之類(lèi)的 HTML 字符會(huì)被替換為 < 和 > 。這樣可防止攻擊者通過(guò)在表單中注入 HTML 或 JavaScript 代碼（跨站點(diǎn)腳本攻擊）對(duì)代碼進(jìn)行利用。

當(dāng)用戶提交表單時(shí)，我們將做以下兩件事情，：

使用 PHP trim() 函數(shù)去除用戶輸入數(shù)據(jù)中不必要的字符 (如：空格，tab，換行)。

使用PHP stripslashes()函數(shù)去除用戶輸入數(shù)據(jù)中的反斜杠 (\)

必須字段

字段	驗(yàn)證規(guī)則
Name	必需。必須包含字母和空格。
E-mail	必需。必須包含有效的電子郵件地址（包含 @ 和 .）。
Website	可選。如果選填，則必須包含有效的 URL。
Comment	可選。多行輸入字段（文本框）。

上述字段是必須的，不能為空。

格式匹配

1、匹配姓名

“/^[a-zA-Z ]*$/”?

只允許空格和字母，”^”表示開(kāi)頭，”$”表示結(jié)尾，[a-zA-Z ]表示a-z或者A-Z或者空格中的一個(gè)字符。

其實(shí)例代碼如下：

<?php
$name = test_input($_POST["name"]);
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
 $nameErr = "只允許字母和空格！";
}
?>

2、匹配E-mail

“/([\w-]+\@[\w-]+.[\w-]+)/”

“\w”匹配包括下劃線的任何單詞字符。等價(jià)于’[A-Za-z0-9_]’；

+匹配前面的子表達(dá)式一次或多次；

“-“匹配”-“。

3、匹配URL

“/\b(?:(?:https?|ftp):\/\/|www.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i”

保留表單中的值

在用戶點(diǎn)擊提交按鈕后，為確保字段值是否輸入正確，我們?cè)贖TML的input元素中插添加PHP腳本，各字段名為: name, email, 和 website。在評(píng)論的 textarea 字段中，我們將腳本放于和標(biāo)簽之間。 PHP腳本輸出值為： $name, $email, $website, 和 $comment 變量。

例如如下的代碼：

Name: <input type="text" name="name" value="<?php echo $name;?>">
E-mail: <input type="text" name="email" value="<?php echo $email;?>">
Website: <input type="text" name="website" value="<?php echo $website;?>">
Comment: <textarea name="comment" rows="5" cols="40"><?php echo $comment;?></textarea>

來(lái)一個(gè)PHP表單驗(yàn)證完整實(shí)例,其代碼如下：

<!DOCTYPE HTML>
<html>
<head>
  <meta charset="utf-8">
  <title>form</title>
  <style>
    .error {color: #FF0000;}
  </style>
</head>
<body>
<?php
// 定義變量并默認(rèn)設(shè)置為空值
$nameErr = $emailErr = $genderErr = $websiteErr = "";
$name = $email = $gender = $comment = $website = "";
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
  if (empty($_POST["name"]))
  {
    $nameErr = "名字是必需的";
  }
  else
  {
    $name = test_input($_POST["name"]);
    // 檢測(cè)名字是否只包含字母跟空格
    if (!preg_match("/^[a-zA-Z ]*$/",$name))
    {
      $nameErr = "只允許字母和空格";
    }
  }
  if (empty($_POST["email"]))
  {
    $emailErr = "郵箱是必需的";
  }
  else
  {
    $email = test_input($_POST["email"]);
    // 檢測(cè)郵箱是否合法
    if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email))
    {
      $emailErr = "非法郵箱格式";
    }
  }
  if (empty($_POST["website"]))
  {
    $website = "";
  }
  else
  {
    $website = test_input($_POST["website"]);
    // 檢測(cè) URL 地址是否合法
    if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website))
    {
      $websiteErr = "非法的 URL 的地址";
    }
  }
  if (empty($_POST["comment"]))
  {
    $comment = "";
  }
  else
  {
    $comment = test_input($_POST["comment"]);
  }
  if (empty($_POST["gender"]))
  {
    $genderErr = "性別是必需的";
  }
  else
  {
    $gender = test_input($_POST["gender"]);
  }
}
function test_input($data)
{
  $data = trim($data);
  $data = stripslashes($data);
  $data = htmlspecialchars($data);
  return $data;
}
?>
<h2>PHP 表單驗(yàn)證實(shí)例</h2>
<p><span class="error">* 必需字段。</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
  名字: <input type="text" name="name" value="<?php echo $name;?>">
  <span class="error">* <?php echo $nameErr;?></span>
  <br><br>
  E-mail: <input type="text" name="email" value="<?php echo $email;?>">
  <span class="error">* <?php echo $emailErr;?></span>
  <br><br>
  網(wǎng)址: <input type="text" name="website" value="<?php echo $website;?>">
  <span class="error"><?php echo $websiteErr;?></span>
  <br><br>
  備注: <textarea name="comment" rows="5" cols="40"><?php echo $comment;?></textarea>
  <br><br>
  性別:
  <input type="radio" name="gender" <?php if (isset($gender) && $gender=="female") echo "checked";?>  value="female">女
  <input type="radio" name="gender" <?php if (isset($gender) && $gender=="male") echo "checked";?>  value="male">男
  <span class="error">* <?php echo $genderErr;?></span>
  <br><br>
  <input type="submit" name="submit" value="Submit">
</form>
<?php
echo "<h2>您輸入的內(nèi)容是:</h2>";
echo $name;
echo "<br>";
echo $email;
echo "<br>";
echo $website;
echo "<br>";
echo $comment;
echo "<br>";
echo $gender;
?>
</body>
</html>

以上這些將展示如何安全地處理 PHP 表單。對(duì) HTML 表單數(shù)據(jù)進(jìn)行適當(dāng)?shù)尿?yàn)證對(duì)于防范黑客和垃圾郵件很重要！

The above is the detailed content of Detailed explanation of php form verification. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undress AI Tool

Undress images for free

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Guide: Stellar Blade Save File Location/Save File Lost/Not Saving

4 weeks ago By DDD

Oguri Cap Build Guide | A Pretty Derby Musume

2 weeks ago By Jack chen

Agnes Tachyon Build Guide | A Pretty Derby Musume

2 weeks ago By Jack chen

Dune: Awakening - Advanced Planetologist Quest Walkthrough

4 weeks ago By Jack chen

Date Everything: Dirk And Harper Relationship Guide

4 weeks ago By Jack chen

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

Where is the login entrance for gmail email?

8638

Java Tutorial

1783

CakePHP Tutorial

1728

Laravel Tutorial

1579

PHP Tutorial

1443

Related knowledge

How to get the current session ID in PHP? Jul 13, 2025 am 03:02 AM

The method to get the current session ID in PHP is to use the session_id() function, but you must call session_start() to successfully obtain it. 1. Call session_start() to start the session; 2. Use session_id() to read the session ID and output a string similar to abc123def456ghi789; 3. If the return is empty, check whether session_start() is missing, whether the user accesses for the first time, or whether the session is destroyed; 4. The session ID can be used for logging, security verification and cross-request communication, but security needs to be paid attention to. Make sure that the session is correctly enabled and the ID can be obtained successfully.

PHP get substring from a string Jul 13, 2025 am 02:59 AM

To extract substrings from PHP strings, you can use the substr() function, which is syntax substr(string$string,int$start,?int$length=null), and if the length is not specified, it will be intercepted to the end; when processing multi-byte characters such as Chinese, you should use the mb_substr() function to avoid garbled code; if you need to intercept the string according to a specific separator, you can use exploit() or combine strpos() and substr() to implement it, such as extracting file name extensions or domain names.

How do you perform unit testing for php code? Jul 13, 2025 am 02:54 AM

UnittestinginPHPinvolvesverifyingindividualcodeunitslikefunctionsormethodstocatchbugsearlyandensurereliablerefactoring.1)SetupPHPUnitviaComposer,createatestdirectory,andconfigureautoloadandphpunit.xml.2)Writetestcasesfollowingthearrange-act-assertpat

How to split a string into an array in PHP Jul 13, 2025 am 02:59 AM

In PHP, the most common method is to split the string into an array using the exploit() function. This function divides the string into multiple parts through the specified delimiter and returns an array. The syntax is exploit(separator, string, limit), where separator is the separator, string is the original string, and limit is an optional parameter to control the maximum number of segments. For example $str="apple,banana,orange";$arr=explode(",",$str); The result is ["apple","bana

JavaScript Data Types: Primitive vs Reference Jul 13, 2025 am 02:43 AM

JavaScript data types are divided into primitive types and reference types. Primitive types include string, number, boolean, null, undefined, and symbol. The values are immutable and copies are copied when assigning values, so they do not affect each other; reference types such as objects, arrays and functions store memory addresses, and variables pointing to the same object will affect each other. Typeof and instanceof can be used to determine types, but pay attention to the historical issues of typeofnull. Understanding these two types of differences can help write more stable and reliable code.

Using std::chrono in C Jul 15, 2025 am 01:30 AM

std::chrono is used in C to process time, including obtaining the current time, measuring execution time, operation time point and duration, and formatting analysis time. 1. Use std::chrono::system_clock::now() to obtain the current time, which can be converted into a readable string, but the system clock may not be monotonous; 2. Use std::chrono::steady_clock to measure the execution time to ensure monotony, and convert it into milliseconds, seconds and other units through duration_cast; 3. Time point (time_point) and duration (duration) can be interoperable, but attention should be paid to unit compatibility and clock epoch (epoch)

How to pass a session variable to another page in PHP? Jul 13, 2025 am 02:39 AM

In PHP, to pass a session variable to another page, the key is to start the session correctly and use the same $_SESSION key name. 1. Before using session variables for each page, it must be called session_start() and placed in the front of the script; 2. Set session variables such as $_SESSION['username']='JohnDoe' on the first page; 3. After calling session_start() on another page, access the variables through the same key name; 4. Make sure that session_start() is called on each page, avoid outputting content in advance, and check that the session storage path on the server is writable; 5. Use ses

PHP header location not working after include Jul 13, 2025 am 02:08 AM

When encountering the problem that header('Location:...') does not work, the common reasons and solutions are as follows: 1. There is output in advance, causing the header to fail. The solution is to ensure that there is no output before the jump, including spaces, HTML or echo; 2. There is excess output or UTF-8 BOM characters in the include or require file. The file encoding should be checked and saved as "UTF-8 BOM-free"; 3. It is recommended to use ob_start() to turn on the output buffer before the jump, and cooperate with ob_end_flush() to delay the output; 4. After the jump, be sure to add exit to prevent subsequent code execution; 5. Make sure that the header() function call is before all outputs.

See all articles

国产av日韩一区二区三区精品,成人性爱视频在线观看,国产,欧美,日韩,一区,www.成色av久久成人,2222eeee成人天堂