
PHP Message Board System (9)

WBOY
Original
2016-06-06 19:44:43, 1034 views


1. Following the earlier post (MVC framework summary), once the overall framework is settled, the default request parameters become:

    // Default request is the home page:
    // P=front
    // C=fIndex
    // A=show

1.1 Find the action under the controller fIndexController:

    // Home page display action
    public function showAction()
    {
        // Guard against malicious calls
        $this->checkAuthority();
        // No specific model is needed; load the template directly
        require CUR_VIE_PATH.'index.html';
    }

2. The guard against malicious calls sits at our Controller level. Almost every model needs it, so it is placed in the base model:

    /*
     * Guard against malicious calls; applies to all methods
     */
    protected function checkAuthority()
    {
        if (!defined('IN_NG'))
        {
            exit("you no authority");
        }
    }

Call this method wherever it is needed.

3. Reject old PHP versions. Because this check always runs, it goes directly into the initial file Framework.class.php.

4.1 Turn the CSS into an include file

Every page has to import the CSS, which is tedious, so we define one file, title.inc.html.

Each page also has one stylesheet of its own, however, so a constant can be defined to identify the current page.

    define('SCRIPT','index');

    <title>Your Title</title>
    <?php
        require 'application/view/front/title.inc.html';
    ?>


The code of title.inc.html:

    <link rel="shortcut icon" href="favicon.ico" />
    <link rel="stylesheet" type="text/css" href="public/front/css/1/basic.css" />
    <link rel="stylesheet" type="text/css" href="public/front/css/1/<?php echo SCRIPT?>.css" />

5.2 Create the registration page register.html

    Request parameters:
        Request the registration page
            P=front
            C=fRegister
            A=show

The code is:

    <div id="register">
        <!-- Heading: member registration -->
        <h2>会员注册</h2>
        <form method="post" action="post.php">
            <dl>
                <!-- Please fill in the following carefully -->
                <dt>请认真填写一下内容</dt>
                <!-- Username (required, at least two characters) -->
                <dd>用 户 名:<input type="text" name="username" class="text" />(*必填,至少两位)</dd>
                <!-- Password (required, at least six characters) -->
                <dd>密 码:<input type="password" name="password" class="text" />(*必填,至少六位)</dd>
                <!-- Confirm password (required, same as above) -->
                <dd>确认密码:<input type="password" name="notpassword" class="text" />(*必填,同上)</dd>
                <!-- Password hint (required, at least two characters) -->
                <dd>密码提示:<input type="text" name="passt" class="text" />(*必填,至少两位)</dd>
                <!-- Password answer (required, at least two characters) -->
                <dd>密码回答:<input type="text" name="passd" class="text" />(*必填,至少两位)</dd>
                <!-- Gender: male (default) / female -->
                <dd>
                    性 别:<input type="radio" name="sex" value="男" checked="checked" />男
                    <input type="radio" name="sex" value="女" />女
                </dd>
                <!-- Avatar picker -->
                <dd class="face">
                    <img src="public/front/face/m01.gif" alt="头像选择"
                        onclick="javascript:window.open('face.php','face','width=400,height=400,top=0,left=0')" />
                </dd>
                <!-- E-mail -->
                <dd>电子邮件:<input type="text" name="email" class="text" /></dd>
                <!-- QQ number -->
                <dd>Q Q :<input type="text" name="qq" class="text" /></dd>
                <!-- Home page URL -->
                <dd>主页地址:<input type="text" name="url" class="text" value="http://" /></dd>
                <!-- CAPTCHA -->
                <dd>验 证 码:<input type="text" name="yzm" class="text yzm" /></dd>
                <!-- Submit button: register -->
                <dd>
                    <input type="submit" class="submit" value="注册" />
                </dd>
            </dl>
        </form>
    </div>


5.3 Clicking the avatar opens the avatar selection window:

    <img src="public/front/face/m01.gif" alt="头像选择"
        onclick="javascript:window.open('face.php','face','width=400,height=400,top=0,left=0')" />


This page holds 64 avatar images, which can be listed by looping over an array:

    <?php foreach (range(1,9) as $number) {?>
    <img src="face/m0<?php echo $number?>.gif" alt="face/m0<?php echo $number?>.gif" />
    <?php }?>

6. Submitting the data
When the data is submitted to the same page, a name-value pair is needed to tell whether data has been submitted.

    ?action=register

A hidden field can also carry the name-value pair:

    <input type="hidden" name="action" value="register" />

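6.1 Check the CAPTCHA
The CAPTCHA is there to prevent malicious registration and some forged-form cross-site attacks.
The CAPTCHA value is stored in the session, so the handler can tell whether the submission comes from the current form. It changes on every refresh, which also prevents repeated malicious registration.

    // Reject when either value is missing or the two differ
    if (!isset($_POST['yzm'], $_SESSION['code']) || !($_POST['yzm'] == $_SESSION['code'])) {
        _alert_back('验证码有误,请重新输入!');
    }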
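A stricter form of this check, as an added example that is not part of the original tutorial: the stored code is discarded after one attempt so a solved CAPTCHA cannot be replayed, and missing or non-string input is rejected. `yzm` and `code` are the page's field and session keys; the function name `verify_captcha`, the case-insensitive match and the sample values are assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not from the tutorial): one-shot CAPTCHA comparison.
// $post and $session stand in for $_POST and $_SESSION so it can run offline.
function verify_captcha(array $post, array &$session): bool
{
    $expected = $session['code'] ?? null;
    // Burn the stored code on every attempt, pass or fail, so a solved
    // CAPTCHA cannot be replayed and a wrong guess cannot be retried.
    unset($session['code']);

    $given = $post['yzm'] ?? null;
    // Both sides must be non-empty strings. This rejects the case where
    // neither value exists (null == null is true under loose comparison)
    // and array input such as yzm[]=x.
    if (!is_string($expected) || $expected === ''
        || !is_string($given) || $given === '') {
        return false;
    }
    // Assumed policy: case-insensitive match, compared in constant time.
    return hash_equals(strtolower($expected), strtolower(trim($given)));
}

// Constructed sample data.
$session = ['code' => 'a7Kq'];
var_dump(verify_captcha(['yzm' => 'A7KQ'], $session)); // first submission
var_dump(verify_captcha(['yzm' => 'A7KQ'], $session)); // same answer replayed

$session = [];
var_dump(verify_captcha([], $session));                 // nothing set on either side

$session = ['code' => 'a7Kq'];
var_dump(verify_captcha(['yzm' => ['a7Kq']], $session)); // array instead of string
```

After a failed attempt the form has to request a fresh CAPTCHA image, which is what writes a new `code` into the session.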

6.2 Receive the data

Define variables and assign the submitted data to them:

    $_username = $_POST['username'];

The submitted values can also be kept in an array:

    $_clean = array();
    $_clean['username'] = $_POST['username'];

6.3 Restrictions and filtering

1. First, strip the whitespace from both ends

    $_string = trim($_string);

2. Next, limit the length

    // Lower bound reconstructed from context; $_min_num is an assumed name
    if (mb_strlen($_string,'utf-8') < $_min_num || mb_strlen($_string,'utf-8') > $_max_num) {}

3. Restrict sensitive characters

    $_char_pattern = '/[\'\"\ \ ]/';
    if (preg_match($_char_pattern,$_string)) {}

4. Restrict sensitive usernames

    $_mg[0] = '22';
    $_mg[1] = '11';
    $_mg[2] = '33';
    // Build the list shown to the user; initialise the string before appending
    $_mg_string = '';
    foreach ($_mg as $value) {
        // '\n' stays a literal backslash-n here, as in the original
        $_mg_string .= '['.$value.']'.'\n';
    }
    if (in_array($_string,$_mg)) {
        _alert_back($_mg_string.'以上敏感用户名不得注册!');
    }

5. Escape the input, which effectively prevents SQL injection

    // mysql_escape_string();
    // addslashes()
    // The mysql_ extension was removed in PHP 7.0; mysqli_real_escape_string() is its successor
    return mysql_real_escape_string($_string); // this mysql_ function needs an open database connection
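Steps 1 to 4 combined into one validator, with step 5 done through a bound parameter instead of string escaping, which is a different technique from the page's `mysql_real_escape_string()` call. This is an added example, not the tutorial's code: `check_username`, `register_user`, the length limits, the `users` table and the in-memory SQLite database are assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical validator following steps 1-4 above; the limits are assumed values.
function check_username(string $raw, int $min = 2, int $max = 20,
                        array $reserved = ['22', '11', '33']): string
{
    $name = trim($raw);                              // step 1: trim
    $len = mb_strlen($name, 'UTF-8');                // step 2: length in characters
    if ($len < $min || $len > $max) {
        throw new InvalidArgumentException('length');
    }
    if (preg_match('/[\'" ]/', $name)) {             // step 3: quotes and spaces
        throw new InvalidArgumentException('characters');
    }
    if (in_array($name, $reserved, true)) {          // step 4: reserved names
        throw new InvalidArgumentException('reserved');
    }
    return $name;
}

// Step 5 with a prepared statement: the value is sent as data and never
// becomes part of the SQL text, so no escaping function is involved.
function register_user(PDO $db, string $username): void
{
    $stmt = $db->prepare('INSERT INTO users (username) VALUES (:username)');
    $stmt->execute([':username' => $username]);
}

// Constructed demo: in-memory SQLite stands in for the tutorial's MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE)');

foreach (['  alice  ', 'x', "O'Brien", '22'] as $raw) {
    try {
        register_user($db, check_username($raw));
        echo 'stored:   ', json_encode($raw), "\n";
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', json_encode($raw), ' (', $e->getMessage(), ")\n";
    }
}

// Binding alone stores a quote safely; the character filter in step 3 is a
// naming policy, not the SQL defence.
register_user($db, "O'Brien");
echo $db->query('SELECT COUNT(*) FROM users')->fetchColumn(), " row(s)\n";
```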

 
