请找到index.html和submit.php文件的代码。在loopo的帮助下,两者都工作完美。我正在努力将验证代码放在哪里(在index.html文件或submit.php文件中)。我在 html 文件中使用 html5 输入类型,但我不知道在 Submit.php 文件中到底要在哪里进行验证。我有多个表单,我按照建议制作了validations.php。我也不明白错误消息将显示在哪里?
您能否建议我通过编辑submit.php 文件在submit.php 文件中添加这些验证的位置?
电子邮件的正则表达式 ('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0 -9-]+)*(\.[a-z]{2,3})$/')
手机正则表达式 (^(?:(?:\+|0{ 0,2})91(\s*[\-]\s*)?|[0]?)?[789]\d{9}$)
index.html 文件
<form method="post" action="submit.php">
<div class="box">
<div class="cl"><input type="text" name="name" placeholder="Name" /></div>
<div class="cl"><input type="text" name="city" placeholder="City" /></div>
<div class="cl"><input type="text" name="mobile" placeholder="Mobile" /></div>
<div class="cl"><input type="email" name="email" placeholder="Email" /></div>
<div class="cl"><input type="text" name="sub" placeholder="Want 3 m Free Subscription (Yes/No)?"></textarea></div>
<div class="cl"><input type="text" name="slogan" placeholder="Suggest a slogan for 6 m subscription"></textarea></div>
</div>
<div class="srow">
<div class="cl1">
<ul class="action">
<li><input type="submit" value="Submit" /></li>
</ul>
</div>
</div>
</form>
提交.php文件
<?php
include 'config.php'; // store your configuration in a seperate file so
// you only need to update it once when your environment changes
$errors = false;
$output = '';
$nl = '<br>'.PHP_EOL;
$redirect_url = 'index.html';
if (!$con = new mysqli(DBHOST,DBUSER,DBPASS,DBNAME)){
$errors = true;
$output .= "ERROR Can't connect to DB".$nl;
};
if (!$errors){
//should validate/clean $_POST before using in query
$name = $con->escape_string($_POST['name']);
$city = $con->escape_string($_POST['city']);
$email = $con->escape_string($_POST['email']);
$mobile = $con->escape_string($_POST['mobile']);
$sub = $con->escape_string($_POST['sub']);
$slogan = $con->escape_string($_POST['slogan']);
$sql="INSERT INTO members
(sName, sCity, sMobile, sEmail, sSub, sSlogan)
VALUES ('$name', '$city', '$mobile', '$email',
'$sub','$slogan')";
if (!$con->query($sql)){ //forgot a parenthesis here earlier
$output .= 'ERROR: DB said: ('.$con->errno.') '.$con->error.$nl;
$output .= 'Query was:'.$sql.$nl;
$errors = true;
}else{
$output .= "1 record added".$nl;
}
}
if (!$errors){
//if there are no errors redirect to index.html;
header('refresh: 2; URL='.$redirect_url);
$output .= '...Redirecting...'.$nl;
}else{
//show the errors and allow display a link to go back/try again
$output .= '<a href="'.$redirect_url.'">Try again</a>'.$nl;
}
echo $output;
?>
loopo 建议的验证但不知 Prop 体的放置位置。我制作了一个validations.php文件并包含在submit.php中,但可能是我的语法错误,因此它不起作用。
function validate_name($input){
// fairly naive rule:
// upper and lower case latin characters and space
// at least three character long
// you may want to look at allowing other characters such as é ö etc.
$input = trim($input); //get rid of spaces at either end
if (preg_match('/^[a-zA-Z ]{3,}$/',$input) == 1){
return $input;
}else{
return false;
}
}
if (!empty($_POST['name']){
if (!$name = $con->escape_string(validate_name($_POST['name'])){
$error = true;
$output .= 'ERROR: Invalid Name: '.$_POST['name'].$nl;
}
}else{
$error = true;
$output .= 'ERROR: No name specified'.$nl;
}
最佳答案
可以通过直接向 php 文件发送请求来绕过 html 验证,因此在服务器端验证信息是一个不错的选择。
我建议你最好使用php的内置函数filter_var ,为了干净的代码和准确/安全的结果,请尝试以下操作:
function validateEmail($email){
if(filter_var($email,FILTER_VALIDATE_EMAIL)){
return true;
}
}
function validatePhonenb($nb){
if(filter_var($nb,FILTER_VALIDATE_REGEXP,array("options"=>array("regexp"=>"/^(?:(?:\+|0{0,2})91(\s*[\-]\s*)?|[0]?)?[789]\d{9}$/"))){
return true;
}
}
由于没有验证电话号码,我使用了你的正则表达式,顺便说一句,你可以 sanitize在继续之前使用 var_filter 的电话号码而不是验证它
I have multiple forms and I made validations.php as suggested. I am also not understanding where will the error messages been shown
错误消息将显示在页面底部,因为它们在代码末尾得到回显
echo $output;
?>
如果它们没有被替换,则更改回显包含错误的输出的位置并在其后执行 die() ,以便脚本在显示错误后停止执行
关于php - 使用 php 验证 html 页面上的字段,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/32695491/