
php - How to validate PHP POST variables?

Reposted. Author: 行者123. Updated: 2023-11-28 23:17:41

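Here I am inserting user details. My insert_search.php contains the form fields, and insert_dummy.php contains the insert code for entering the user details. My question is how to validate the PHP POST variables, and where I need to put the validation code: in either insert_search.php or insert_dummy.php? I am new to PHP. Thanks in advance.

insert_search.php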

<?php
include('header/page_header.php');
$user="root";
$server="localhost";
$password="";
$db="coedsproddb1";
$dbconn= mysql_connect($server,$user,$password);
mysql_select_db($db,$dbconn);

?>
<html>
<head><title>Insert</title>
<link rel="stylesheet" href="css/bookstyles.css">
<link rel="stylesheet" href="css/jquery-ui.css">
<script src="js/jquery-1.12.4.js"></script>
<script src="js/jquery-ui.js"></script>
</head>
<body>
<div class="container">

<style>
#display {
color:red;
font-size:12px;
text-align:center;
}
.logo {
padding:5px;
float:right;
}
header {
background-color:#074e7c;
height:60px;
width:100%;
text-align:center;
color:white;
font-size:40px;

}
#wrap {
text-align:center;
}
table ,tr,td {
border-collapse:collapse;
}
</style>
<?php
$end_date1 = date('Y-m-d', strtotime("+3 months"));
$end_date2 = date('Y-m-d', strtotime("+6 months"));
$end_date3 = date('Y-m-d', strtotime("+9 months"));
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["userName"])) {
$userNameErr = "Missing";
}
else {
$userName = $_POST["userName"];
}

if (empty($_POST["userEmail"])) {
$userEmailErr = "Missing";
}
else {
$userEmail = $_POST["userEmail"];
}

if (empty($_POST["userPassword"])) {
$userPasswordErr = "Missing";
}
else {
$userPassword = $_POST["userPassword"];
}


}
?>
<form name="useradd" id="useradd" action="insert_dummy.php" method="post">
<input type="hidden" name="end_date" >
<input type="hidden" name="userId" id="userId" value="<?php echo isset($userid) ? $userid : ''; ?>" >
<table align='center' border='1'>


<tr>

<td> <label for="userName">UserName</label></td>
<td ><input id="userName" name="userName" type="text" /></td>


</tr>
<tr>
<td> <label for="userEmail">Email</label></td>
<td ><input id="userEmail" name="userEmail" type="text"/></td>
</tr>
<tr>
<td>
<label for="userPassword">password</label></td>
<td ><input id="userPassword" name="userPassword" type="password" /></td>


</tr>
<tr>
<td>
<label for="expiry_date">Application_expiry_date</label></td>
<td ><input id="expiry_date" name="expiry_date" type="text" /></td>


</tr>
<br/>
<br/>

<tr>
<td> <label for="end_date">EndDate</label></td>
<td > <select name="end_date" id="end_date">
<option value=<?php echo $end_date1; ?>><?php echo $end_date1; ?></option>
<option value=<?php echo $end_date2; ?>><?php echo $end_date2; ?> </option>
<option value=<?php echo $end_date3;?>><?php echo $end_date3;?> </option>

</select>
</td>
</tr>









</table>



<br>



<div id="wrap">
<input type="submit" name="add" value="add" id="add">

</form>
<div id="display">
</div>

</div>

<!--<script type="text/javascript">
$('document').ready(function() {

$(".tooltip").click(function(e) {
$('[data-toggle="tooltip"]').tooltip();
e.preventDefault();
});
});
</script>-->
<script type="text/javascript" >
$(document).ready(function() {
$( "#expiry_date" ).datepicker();
$("#menuwrapper").hide();
$("#unicode").click(function() {
$("#menuwrapper").slideToggle(500);
});
});
</script>




</body>
</html>

insert_dummy.php

<html>
<head><title>Insertion</title>

</head>
<body>
<style>

#colour {
text-decoration:none;
}
</style>
<div id="display">
<?php
include('header/page_header.php');
include('db.php');




$userName=mysql_real_escape_string($_POST['userName']);
$userEmail=mysql_real_escape_string($_POST['userEmail']);
$userPassword=mysql_real_escape_string($_POST['userPassword']);
$expiry_date1=mysql_real_escape_string($_POST['expiry_date']);
$expiry_date=date("Y-m-d" ,strtotime($expiry_date1));
$end_date1=mysql_real_escape_string($_POST['end_date']);
$end_date=date("Y-m-d",strtotime($end_date1));



$regDate = date("Y-m-d");



function generateCode($characters)
{
$possible = '23456789abcdefghjkmnpqrstuvwxyz!@#$%^&*';
$code = '';
$i = 0;
while ($i < $characters) {
$code .= substr($possible, mt_rand(0, strlen($possible)-1), 1);
$i++;
}
return $code;
}

$registration_key=generateCode(10);



$str="insert into coeds_user(userName,userEmail,userPassword,regDate,expiry_date,registration_key) values('$userName','$userEmail','$userPassword','$regDate','$expiry_date','$registration_key')";


$query=mysql_query($str);
$userid=mysql_insert_id();
if($query)
{
$display="Success";
}
/*$string="select chapter_no from chapter_details ";
echo $string;
$query7=mysql_query($string);

$count=mysql_num_rows($query7);
for($i=0;$i<$count;$i++)
{
$chap_lic=generateCode(50);
$chapter_no=mysql_result($query7,$i,'chapter_no');
$start_date=date('Y-m-d');
$expiry_date=mysql_real_escape_string($_POST['end_date']);
$end_date=mysql_real_escape_string($_POST['end_date']);

$s="insert into chapter_subscriptions (userId,chapter_no,start_date,end_date) values($userid,$chapter_no,'$start_date','$end_date')";

$query8=mysql_query($s);
}
}*/
else
{
$display= "Failed";
}
/*$str="select * from chapter_subscriptions where userId=$userid";
$query7=mysql_query($str);
$display.="<table border='1' align='center'>";
$display.="<tr><th>ChapterNumber</th><th>StartDate</th><th>EndDate</th><th>ChapterLicense</th><th colspan='2'>Action</th></tr>";
while($result=mysql_fetch_array($query7))
{
$display.="<tr>";
$display.="<td>".$result['chapter_no']."</td>";
$display.="<td>".$result['start_date']."</td>";


$display.="<td>".$result['end_date']."</td>";
$display.="<td>".$result['chap_lic']."</td>";

$display.="<td><a id='colour' class='tooltip' title='Edit' href='chapter_subscription_update.php?user_Id=".$result['userId']."'><img id='image' src='./images/small.gif'/></a></td>";
$display.="<td><a id='colour' class='tooltip' data-toggle='tooltip' title='Delete' href='chapter_subscription_delete.php?user_Id=".$result['userId']." '><img id='image' src='./images/trash.png'/></a></td>";

$display.="</tr>";
}
$display.="</table>";*/








$string="select * from coeds_user where userId=$userid";
$query2=mysql_query($string);
$display.="<table border='1' align='center'>";
$display.="<tr><th>UserName</th><th>UserEmail</th><th>UserPassword</th><th>RegDate</th><th>ExpiryDate</th><th>RegistrationKey</th><th colspan='3'>Action</th></tr>";
while($result=mysql_fetch_array($query2))
{
$display.="<tr>";

$display.="<td>".$result['userName']."</td>";
$display.="<td>".$result['userEmail']."</td>";
$display.="<td>".$result['userPassword']."</td>";
$display.="<td>".$result['regDate']."</td>";
$display.="<td>".$result['expiry_date']."</td>";
$display.="<td>".$result['registration_key']."</td>";
$display.="<td><a id='colour' class='tooltip' title='Edit' href='user_update.php?user_Id=".$result['userId']."'><img id='image' src='./images/small.gif'/></a></td>";
$display.="<td><a id='colour' class='tooltip' data-toggle='tooltip' title='Delete' href='user_delete.php?user_Id=".$result['userId']." '><img id='image' src='./images/trash.png'/></a></td>";

$display.="<td><a id='colour' class='tooltip' data-toggle='tooltip' title='insert' href='chapter_subscription_search.php?user_Id=".$result['userId']." '>i</a></td>";
$display.="</tr>";

$display.="</table>";

$end_date1 = date('Y-m-d', strtotime("+3 months"));
$end_date2 = date('Y-m-d', strtotime("+6 months"));
$end_date3 = date('Y-m-d', strtotime("+9 months"));
$page="";


?>

<table align='center' border='1'>

<tr>

<td> <label for="userId">UserId</label></td>
<td ><input id="userId" name="userId" type="text" value="<?php echo $userid;?>"/></td>


</tr>
<tr>
<td> <label for="userName">UserName</label></td>
<td ><input id="userName" name="userName" type="text" value="<?php echo $result['userName'];?>"/></td>
</tr>
<tr>
<td> <label for="userEmail">UserEmail</label></td>
<td ><input id="userEmail" name="userEmail" type="text" value="<?php echo $result['userEmail'];?>"/></td>
</tr>
<tr>
<td> <label for="userPassword">UserPassword</label></td>
<td ><input id="userPassword" name="userPassword" type="password" value="<?php echo $result['userPassword'];?>"/></td>
</tr>
<tr>
<td> <label for="expiry_date">ExpiryDate</label></td>
<td ><input id="expiry_date" name="expiry_date" type="text" value="<?php echo $result['expiry_date'];?>"/></td>
</tr>
<tr>
<td> <label for="end_date">EndDate</label></td>
<td > <select name="end_date" id="end_date">
<option value=<?php echo $end_date1; ?>><?php echo $end_date1; ?></option>
<option value=<?php echo $end_date2; ?>><?php echo $end_date2; ?> </option>
<option value=<?php echo $end_date3;?>><?php echo $end_date3;?> </option>

</select>
</td>
</tr>




</table>

<?php
}
$str="select chapter_no from chapter_details ";


$query7=mysql_query($str);

$count=mysql_num_rows($query7);
for($i=0;$i<$count;$i++)
{
$chap_lic=generateCode(50);
$chapter_no=mysql_result($query7,$i,'chapter_no');
$start_date=date('Y-m-d');
$expiry_date=mysql_real_escape_string($_POST['end_date']);
$end_date1=mysql_real_escape_string($_POST['end_date']);
$end_date=date("Y-m-d",strtotime($end_date1));
$s="insert into chapter_subscriptions (userId,chapter_no,start_date,end_date) values($userid,$chapter_no,'$start_date','$end_date')";

$query8=mysql_query($s);
}
$strings="select * from chapter_subscriptions where userId=$userid";
$query9=mysql_query($strings);
$display.="<table border='1' align='center'>";
$display.="<tr><th>ChapterNumber</th><th>StartDate</th><th>EndDate</th><th colspan='2'>Action</th></tr>";
while($result=mysql_fetch_array($query9))
{
$display.="<tr>";
$display.="<td>".$result['chapter_no']."</td>";
$display.="<td>".$result['start_date']."</td>";


$display.="<td>".$result['end_date']."</td>";


$display.="<td><a id='colour' class='tooltip' title='Edit' href='chapter_subscription_update.php?user_Id=".$result['userId']."'><img id='image' src='./images/small.gif'/></a></td>";
$display.="<td><a id='colour' class='tooltip' data-toggle='tooltip' title='Delete' href='chapter_subscription_delete.php?user_Id=".$result['userId']." '><img id='image' src='./images/trash.png'/></a></td>";

$display.="</tr>";
}
$display.="</table>";


echo $display;


?>
</div>
<script type="text/javascript">
$(document).ready(function() {
$( "#expiry_date" ).datepicker();
$("#menuwrapper").hide();
$("#unicode").click(function() {
$("#menuwrapper").slideToggle(500);
});
});

</script>


</body>
</html>

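Best answer

You always validate in the PHP file that receives the user input (GET, POST or whatever you use), i.e. in insert_dummy.php.

Anything before that can most of the time be circumvented by passing parameters in the URL or by generating the form data programmatically.

Form validation in the actual form is only a convenience for the user, so they don't have to submit the form and get an "error, wrong form field" message from the PHP file that does the actual saving of the information (unless you implement something unnecessarily complicated like hashing the form data, but then you need to validate that too, and you would be exposing the hashing code as JavaScript anyway).

As for how: only you know what kind of data you accept (username/password length, complexity, etc.), so you have to write a custom function that does it and run it before passing anything to the database part.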
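
One way to write the custom validation function the answer describes, run in insert_dummy.php before anything reaches the database. This is an added example, not part of the original question or answer; the function name validateUserPost, the length limits and the username pattern are assumptions.

```php
<?php
// Added example, not the asker's code. Limits and patterns are assumed rules.
function validateUserPost(array $post)
{
    $clean = array();
    $errors = array();
    // A missing or non-string field (e.g. userName[]=x) becomes '' and fails below.
    foreach (array('userName', 'userEmail', 'userPassword', 'expiry_date', 'end_date') as $f) {
        $clean[$f] = (isset($post[$f]) && is_string($post[$f])) ? $post[$f] : '';
    }
    $clean['userName']  = trim($clean['userName']);
    $clean['userEmail'] = trim($clean['userEmail']);

    if (!preg_match('/\A[A-Za-z0-9_.-]{3,30}\z/', $clean['userName'])) {
        $errors['userName'] = 'Use 3-30 letters, digits, "_", "." or "-".';
    }
    if (strlen($clean['userEmail']) > 254
        || filter_var($clean['userEmail'], FILTER_VALIDATE_EMAIL) === false) {
        $errors['userEmail'] = 'Not a valid e-mail address.';
    }
    $len = strlen($clean['userPassword']);
    if ($len < 8 || $len > 72) {
        $errors['userPassword'] = 'Password must be 8-72 bytes long.';
    }
    // jQuery UI datepicker's default format mm/dd/yy is m/d/Y in PHP; the
    // round-trip comparison rejects overflow dates such as 02/31/2017.
    $d = DateTime::createFromFormat('!m/d/Y', $clean['expiry_date']);
    if ($d === false || $d->format('m/d/Y') !== $clean['expiry_date']) {
        $errors['expiry_date'] = 'Expected a date as mm/dd/yyyy.';
    } else {
        $clean['expiry_date'] = $d->format('Y-m-d');
    }
    // end_date comes from a <select>, so accept only the values the form offers.
    $allowed = array();
    foreach (array('+3 months', '+6 months', '+9 months') as $offset) {
        $allowed[] = date('Y-m-d', strtotime($offset));
    }
    if (!in_array($clean['end_date'], $allowed, true)) {
        $errors['end_date'] = 'Pick one of the offered end dates.';
    }
    return array($clean, $errors);
}

// At the top of insert_dummy.php, before any SQL string is built:
if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
    list($clean, $errors) = validateUserPost($_POST);
    foreach ($errors as $field => $msg) {
        echo htmlspecialchars($field . ': ' . $msg), "<br>\n";
    }
    if ($errors) { exit; } // stop here; otherwise continue with $clean
}
```

Validated values still need escaping or bound parameters when they are placed into SQL. A form rendered just before midnight and submitted after it will fail the end_date check; submitting the offset (3, 6 or 9) instead of the date avoids that.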

Regarding "php - How to validate PHP POST variables?", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/43138624/
