PHP form validation -w3school PHP study notes w3school novice w3school official website w3school tutorial download-PHP Tutorial-php.cn

Home

PHP Tutorial

PHP form validation -w3school PHP study notes w3school novice w3school official website w3school tutorial download

Jul 29, 2016 am 08:53 AM

Note: Please pay attention to data security when processing forms in PHP
It is very necessary to verify the submitted data before processing the HTML form to prevent hacker intrusions and spam harassment.
w3school在线教程,w3school菜鸟教程,w3school手册,w3school下载,w3school离线版,w3school.com.cn,w3school离线手册,w3school教程,w3school手册下载,w3school.chm最新版,html w3school,w3school手册完整版,w3school菜鸟,w3school官网,w3school教程下载
The above html form assumes that the following rules apply:
Fields – Validation Rules
Name – required, must contain letters and spaces
Email – required, must contain a valid email address including @ and .
URL (website) – optional, if filled in, it must be a valid URL
Comment – optional, multi-line input field
Gender – required, select one
The html code is as follows:

<code><span>&lt;/<span>head</span>&gt;</span><span>&lt;<span>body</span>&gt;</span><span>&lt;<span>form</span><span>action</span>=<span>'test.php'</span><span>method</span>=<span>'post'</span>&gt;</span>
        姓名:<span>&lt;<span>input</span><span>type</span>=<span>'text'</span><span>name</span>=<span>'name'</span> /&gt;</span><span>&lt;<span>br</span>/&gt;</span>
        电邮:<span>&lt;<span>input</span><span>type</span>=<span>'text'</span><span>name</span>=<span>'email'</span> /&gt;</span><span>&lt;<span>br</span>/&gt;</span>
        网址:<span>&lt;<span>input</span><span>type</span>=<span>'text'</span><span>name</span>=<span>'website'</span> /&gt;</span><span>&lt;<span>br</span>/&gt;</span>
        评论:<span>&lt;<span>textarea</span><span>name</span>=<span>'comment'</span><span>rows</span>=<span>3</span><span>cols</span>=<span>21</span>&gt;</span><span>&lt;/<span>textarea</span>&gt;</span><span>&lt;<span>br</span>/&gt;</span>
        性别:<span>&lt;<span>input</span><span>type</span>=<span>"radio"</span><span>name</span>=<span>'gender'</span><span>value</span>=<span>0</span><span>checked</span>=<span>'checked'</span>/&gt;</span>女性
        <span>&lt;<span>input</span><span>type</span>=<span>"radio"</span><span>name</span>=<span>'gender'</span><span>value</span>=<span>1</span> /&gt;</span>男性<span>&lt;<span>br</span>/&gt;</span><span>&lt;<span>input</span><span>type</span>=<span>'submit'</span><span>value</span>=<span>'提交'</span> /&gt;</span><span>&lt;/<span>form</span>&gt;</span><span>&lt;/<span>body</span>&gt;</span><span>&lt;/<span>html</span>&gt;</span></code>

Copy after login

This form submits data through the post method
Validate form data via PHP:
Generally, when filtering submitted data, the htmlspecialchars() function is used to process the data, which converts html tag characters into html entities. For example, < and > will be replaced by lt; and g t;. This prevents attackers from exploiting the code by injecting HTML or JS code into the form.
After we use the htmlspecailchars() function, the following code

<code><span>&lt;<span>script</span>&gt;</span><span>location.href(<span>'http://www.hacked.com'</span>)</span><span>&lt;/<span>script</span>&gt;</span></code>

Copy after login

will be escaped to:

<code><span>&amp;</span><span>lt</span>;script<span>&amp;</span><span>gt</span>;location<span>.</span>href(<span>'http://www.hacked.com'</span>)<span>&amp;</span><span>lt</span>;/script<span>&amp;</span><span>gt</span>;</code>

Copy after login

. Now the submitted data is safe and it will not cause damage to the page code.
In addition, in addition to filtering data with the htmlspecialchar() function, we also need to do two things:

Remove unnecessary characters (such as extra spaces, tabs, newlines, etc.) in user input data, and use PHP more The trim() function
removes backslash() from user input data using PHP’s stripslashes() function
Form data processing example:

<code><span><span>&lt;?php</span><span>$name</span>=<span>$email</span>=<span>$website</span>=<span>$comment</span>=<span>''</span>;
<span>$gender</span>=<span>0</span>;
<span>$name</span>=test_input(<span>$_POST</span>[<span>'name'</span>]);
<span>$email</span>=test_input(<span>$_POST</span>[<span>'email'</span>]);
<span>$website</span>=test_input(<span>$_POST</span>[<span>'website'</span>]);
<span>$comment</span>=test_input(<span>$_POST</span>[<span>'comment'</span>]);

<span><span>function</span><span>test_input</span><span>(<span>$data</span>)</span>{</span><span>$data</span>=trim(<span>$data</span>);<span>//去除$data数据两侧多余的空格</span><span>$data</span>=stripslashes(<span>$data</span>);<span>//去除$data中的反斜杠</span><span>$data</span>=htmlspecialchars(<span>$data</span>);<span>//将html标签转以为html实体</span><span>return</span><span>$data</span>;
}


<span>?&gt;</span></span></code>

Copy after login

').addClass('pre-numbering').hide(); $(this).addClass('has-numbering').parent().append($numbering); for (i = 1; i ').text(i)); }; $numbering.fadeIn(1700); }); });

The above introduces PHP form verification -w3school PHP study notes, including w3school content. I hope it will be helpful to friends who are interested in PHP tutorials.

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn