PHP表單驗證 -w3school PHP學習筆記 w3school菜鳥 w3school官網 w3school教學下載
- WBOY原創
- 2016-07-29 08:53:252562瀏覽
注意:在PHP處理表單時請注意資料的安全性
在處理html表單之前對提交資料進行驗證是非常有必要的,能夠防止駭客的入侵和垃圾郵件的騷擾。 
上面的html表單假設應用如下的規則:
字段–驗證規則
姓名(name)–必填,必須包含字母和空格
郵件(email)–必需,必須包含有效的電子郵件地址,包括@和.
網址(website)–可選填,如果填則必須是有效的url
評論(comment)–可選填,多行輸入欄位
性別(gender)–必需,選一項
html代碼如下:
<code><span></<span>head</span>></span><span><<span>body</span>></span><span><<span>form</span><span>action</span>=<span>'test.php'</span><span>method</span>=<span>'post'</span>></span>
姓名:<span><<span>input</span><span>type</span>=<span>'text'</span><span>name</span>=<span>'name'</span> /></span><span><<span>br</span>/></span>
电邮:<span><<span>input</span><span>type</span>=<span>'text'</span><span>name</span>=<span>'email'</span> /></span><span><<span>br</span>/></span>
网址:<span><<span>input</span><span>type</span>=<span>'text'</span><span>name</span>=<span>'website'</span> /></span><span><<span>br</span>/></span>
评论:<span><<span>textarea</span><span>name</span>=<span>'comment'</span><span>rows</span>=<span>3</span><span>cols</span>=<span>21</span>></span><span></<span>textarea</span>></span><span><<span>br</span>/></span>
性别:<span><<span>input</span><span>type</span>=<span>"radio"</span><span>name</span>=<span>'gender'</span><span>value</span>=<span>0</span><span>checked</span>=<span>'checked'</span>/></span>女性
<span><<span>input</span><span>type</span>=<span>"radio"</span><span>name</span>=<span>'gender'</span><span>value</span>=<span>1</span> /></span>男性<span><<span>br</span>/></span><span><<span>input</span><span>type</span>=<span>'submit'</span><span>value</span>=<span>'提交'</span> /></span><span></<span>form</span>></span><span></<span>body</span>></span><span></<span>html</span>></span></code>
此表單透過post的方法提交資料
透過PHP驗證表單資料:
一般在過濾提交過來的數據時,會用到htmlspecialchars()函數處理數據,它會將html標籤字元轉換為html實體。例如會被替換為<code><span><<span>script</span>></span><span>location.href(<span>'http://www.hacked.com'</span>)</span><span></<span>script</span>></span></code>
將會被轉義為:<code><span>&</span><span>lt</span>;script<span>&</span><span>gt</span>;location<span>.</span>href(<span>'http://www.hacked.com'</span>)<span>&</span><span>lt</span>;/script<span>&</span><span>gt</span>;</code>
,現在這個提交的資料就是安全的,它不會對頁面程式碼造成損壞。
另外,我們除了用htmlspecialchar()函數過濾資料外,還要做兩件事:
刪除使用者輸入資料中的反斜線()使用PHP的stripslashes()函數
<code><span><span><?php</span><span>$name</span>=<span>$email</span>=<span>$website</span>=<span>$comment</span>=<span>''</span>; <span>$gender</span>=<span>0</span>; <span>$name</span>=test_input(<span>$_POST</span>[<span>'name'</span>]); <span>$email</span>=test_input(<span>$_POST</span>[<span>'email'</span>]); <span>$website</span>=test_input(<span>$_POST</span>[<span>'website'</span>]); <span>$comment</span>=test_input(<span>$_POST</span>[<span>'comment'</span>]); <span><span>function</span><span>test_input</span><span>(<span>$data</span>)</span>{</span><span>$data</span>=trim(<span>$data</span>);<span>//去除$data数据两侧多余的空格</span><span>$data</span>=stripslashes(<span>$data</span>);<span>//去除$data中的反斜杠</span><span>$data</span>=htmlspecialchars(<span>$data</span>);<span>//将html标签转以为html实体</span><span>return</span><span>$data</span>; } <span>?></span></span></code>').addClass('pre-numbering').hide();
$(this).addClass('has-numbering').parent().append($numbering);
for (i = 1; i - ').text(i));
};
$numbering.fadeIn(1700);
});
});
以上就介紹了PHP表單驗證 -w3school PHP學習筆記,包括了w3school方面的內容,希望對PHP教程有興趣的朋友有所幫助。