使用 php 验证 html 页面上的字段
Validate fields on html page with php
请查找 index.html 和 submit.php 文件的代码。在 loopo 的帮助下,两者都运行良好。我正在努力将验证码放在哪里(在 index.html 文件或 submit.php 文件中)。我在 html 文件中使用 html5 输入类型,但我不知道在 submit.php 文件中确切的验证位置。我有多种形式,我按照建议制作了 validations.php。我也不明白错误消息会在哪里显示?
您能否在 submit.php 文件中建议我应该通过编辑 submit.php 文件来添加这些验证的位置?
电子邮件 ('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/') 的正则表达式
phone (^(?:(?:\+|0{0,2})91(\s*[\-]\s*)?|[0]?)?[789]\d{9}$)
的正则表达式
index.html 文件
<form method="post" action="submit.php">
<div class="box">
<div class="cl"><input type="text" name="name" placeholder="Name" /></div>
<div class="cl"><input type="text" name="city" placeholder="City" /></div>
<div class="cl"><input type="text" name="mobile" placeholder="Mobile" /></div>
<div class="cl"><input type="email" name="email" placeholder="Email" /></div>
<div class="cl"><input type="text" name="sub" placeholder="Want 3 m Free Subscription (Yes/No)?"></textarea></div>
<div class="cl"><input type="text" name="slogan" placeholder="Suggest a slogan for 6 m subscription"></textarea></div>
</div>
<div class="srow">
<div class="cl1">
<ul class="action">
<li><input type="submit" value="Submit" /></li>
</ul>
</div>
</div>
</form>
submit.php 文件
<?php
include 'config.php'; // store your configuration in a seperate file so
// you only need to update it once when your environment changes
$errors = false;
$output = '';
$nl = '<br>'.PHP_EOL;
$redirect_url = 'index.html';
if (!$con = new mysqli(DBHOST,DBUSER,DBPASS,DBNAME)){
$errors = true;
$output .= "ERROR Can't connect to DB".$nl;
};
if (!$errors){
//should validate/clean $_POST before using in query
$name = $con->escape_string($_POST['name']);
$city = $con->escape_string($_POST['city']);
$email = $con->escape_string($_POST['email']);
$mobile = $con->escape_string($_POST['mobile']);
$sub = $con->escape_string($_POST['sub']);
$slogan = $con->escape_string($_POST['slogan']);
$sql="INSERT INTO members
(sName, sCity, sMobile, sEmail, sSub, sSlogan)
VALUES ('$name', '$city', '$mobile', '$email',
'$sub','$slogan')";
if (!$con->query($sql)){ //forgot a parenthesis here earlier
$output .= 'ERROR: DB said: ('.$con->errno.') '.$con->error.$nl;
$output .= 'Query was:'.$sql.$nl;
$errors = true;
}else{
$output .= "1 record added".$nl;
}
}
if (!$errors){
//if there are no errors redirect to index.html;
header('refresh: 2; URL='.$redirect_url);
$output .= '...Redirecting...'.$nl;
}else{
//show the errors and allow display a link to go back/try again
$output .= '<a href="'.$redirect_url.'">Try again</a>'.$nl;
}
echo $output;
?>
loopo 建议的验证,但不知道放置它的确切位置。我制作了一个 validations.php 文件并包含在 submit.php 中,但可能是我的语法错误导致它无法正常工作。
function validate_name($input){
// fairly naive rule:
// upper and lower case latin characters and space
// at least three character long
// you may want to look at allowing other characters such as é ö etc.
$input = trim($input); //get rid of spaces at either end
if (preg_match('/^[a-zA-Z ]{3,}$/',$input) == 1){
return $input;
}else{
return false;
}
}
if (!empty($_POST['name']){
if (!$name = $con->escape_string(validate_name($_POST['name'])){
$error = true;
$output .= 'ERROR: Invalid Name: '.$_POST['name'].$nl;
}
}else{
$error = true;
$output .= 'ERROR: No name specified'.$nl;
}
html 验证可以通过直接向 php 文件发送请求来绕过,因此在服务器端验证信息是一个不错的选择。
我建议你最好使用 php 的内置函数 filter_var,为了干净的代码和 accurate/safe 结果,试试这个:
function validateEmail($email){
if(filter_var($email,FILTER_VALIDATE_EMAIL)){
return true;
}
}
function validatePhonenb($nb){
if(filter_var($nb,FILTER_VALIDATE_REGEXP,array("options"=>array("regexp"=>"/^(?:(?:\+|0{0,2})91(\s*[\-]\s*)?|[0]?)?[789]\d{9}$/"))){
return true;
}
}
并且由于没有对 phone 数字进行验证,我使用了您的正则表达式,顺便说一句,您可以在继续而不是验证之前使用 var_filter sanitizephone 数字它
I have multiple forms and I made validations.php as suggested. I am
also not understanding where will the error messages been shown
错误消息将显示在页面底部,因为它们在代码末尾被回显
echo $output;
?>
如果它们没有被替换,更改回显包含错误的输出的位置并在其后执行 die() 这样脚本将在显示错误后停止执行
请查找 index.html 和 submit.php 文件的代码。在 loopo 的帮助下,两者都运行良好。我正在努力将验证码放在哪里(在 index.html 文件或 submit.php 文件中)。我在 html 文件中使用 html5 输入类型,但我不知道在 submit.php 文件中确切的验证位置。我有多种形式,我按照建议制作了 validations.php。我也不明白错误消息会在哪里显示?
您能否在 submit.php 文件中建议我应该通过编辑 submit.php 文件来添加这些验证的位置?
电子邮件 ('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/') 的正则表达式
phone (^(?:(?:\+|0{0,2})91(\s*[\-]\s*)?|[0]?)?[789]\d{9}$)
index.html 文件
<form method="post" action="submit.php">
<div class="box">
<div class="cl"><input type="text" name="name" placeholder="Name" /></div>
<div class="cl"><input type="text" name="city" placeholder="City" /></div>
<div class="cl"><input type="text" name="mobile" placeholder="Mobile" /></div>
<div class="cl"><input type="email" name="email" placeholder="Email" /></div>
<div class="cl"><input type="text" name="sub" placeholder="Want 3 m Free Subscription (Yes/No)?"></textarea></div>
<div class="cl"><input type="text" name="slogan" placeholder="Suggest a slogan for 6 m subscription"></textarea></div>
</div>
<div class="srow">
<div class="cl1">
<ul class="action">
<li><input type="submit" value="Submit" /></li>
</ul>
</div>
</div>
</form>
submit.php 文件
<?php
include 'config.php'; // store your configuration in a seperate file so
// you only need to update it once when your environment changes
$errors = false;
$output = '';
$nl = '<br>'.PHP_EOL;
$redirect_url = 'index.html';
if (!$con = new mysqli(DBHOST,DBUSER,DBPASS,DBNAME)){
$errors = true;
$output .= "ERROR Can't connect to DB".$nl;
};
if (!$errors){
//should validate/clean $_POST before using in query
$name = $con->escape_string($_POST['name']);
$city = $con->escape_string($_POST['city']);
$email = $con->escape_string($_POST['email']);
$mobile = $con->escape_string($_POST['mobile']);
$sub = $con->escape_string($_POST['sub']);
$slogan = $con->escape_string($_POST['slogan']);
$sql="INSERT INTO members
(sName, sCity, sMobile, sEmail, sSub, sSlogan)
VALUES ('$name', '$city', '$mobile', '$email',
'$sub','$slogan')";
if (!$con->query($sql)){ //forgot a parenthesis here earlier
$output .= 'ERROR: DB said: ('.$con->errno.') '.$con->error.$nl;
$output .= 'Query was:'.$sql.$nl;
$errors = true;
}else{
$output .= "1 record added".$nl;
}
}
if (!$errors){
//if there are no errors redirect to index.html;
header('refresh: 2; URL='.$redirect_url);
$output .= '...Redirecting...'.$nl;
}else{
//show the errors and allow display a link to go back/try again
$output .= '<a href="'.$redirect_url.'">Try again</a>'.$nl;
}
echo $output;
?>
loopo 建议的验证,但不知道放置它的确切位置。我制作了一个 validations.php 文件并包含在 submit.php 中,但可能是我的语法错误导致它无法正常工作。
function validate_name($input){
// fairly naive rule:
// upper and lower case latin characters and space
// at least three character long
// you may want to look at allowing other characters such as é ö etc.
$input = trim($input); //get rid of spaces at either end
if (preg_match('/^[a-zA-Z ]{3,}$/',$input) == 1){
return $input;
}else{
return false;
}
}
if (!empty($_POST['name']){
if (!$name = $con->escape_string(validate_name($_POST['name'])){
$error = true;
$output .= 'ERROR: Invalid Name: '.$_POST['name'].$nl;
}
}else{
$error = true;
$output .= 'ERROR: No name specified'.$nl;
}
html 验证可以通过直接向 php 文件发送请求来绕过,因此在服务器端验证信息是一个不错的选择。
我建议你最好使用 php 的内置函数 filter_var,为了干净的代码和 accurate/safe 结果,试试这个:
function validateEmail($email){
if(filter_var($email,FILTER_VALIDATE_EMAIL)){
return true;
}
}
function validatePhonenb($nb){
if(filter_var($nb,FILTER_VALIDATE_REGEXP,array("options"=>array("regexp"=>"/^(?:(?:\+|0{0,2})91(\s*[\-]\s*)?|[0]?)?[789]\d{9}$/"))){
return true;
}
}
并且由于没有对 phone 数字进行验证,我使用了您的正则表达式,顺便说一句,您可以在继续而不是验证之前使用 var_filter sanitizephone 数字它
I have multiple forms and I made validations.php as suggested. I am also not understanding where will the error messages been shown
错误消息将显示在页面底部,因为它们在代码末尾被回显
echo $output;
?>
如果它们没有被替换,更改回显包含错误的输出的位置并在其后执行 die() 这样脚本将在显示错误后停止执行