如何使用php验证输入表单

时间:2014-11-04 03:56:20

标签: php forms validation

我创建了一个表单如下,但现在我需要使用PHP验证用户输入。作为一项安全措施,您不仅应该依赖于javascript / HTML 5表单 验证以验证您的表单提交。你应该总是使用服务器 验证以验证正在提交的任何数据 编写将执行以下操作的PHP代码: 1.验证firstName,lastName和email是否必需 2.如果输入的是一个数字,则验证该年龄 3.验证电子邮件和网站条目以确保它们有效

<!DOCTYPE html>

<html>
<head>
    <title>Page Title</title>
</head>

<?php
$firstName="";
$lastName="";
$email="";
$age="";
$website="";

if ($_SERVER["REQUEST_METHOD"] == "POST") {
   if (empty($_POST["firstName"])) {
      $firstName = "First name is required";
   }
   else {
      $firstName = test_input($_POST["firstName"]);
   }
   if (empty($_POST["lastName"])) {
      $lastName = "Last name is required";
   }
   else {
      $lastName = test_input($_POST["lastName"]);
   }
   if (empty($_POST["email"])) {
      $email = "Email is required";
   }
   else {
      $email = test_input($_POST["email"]);
   }
   if (is_numeric ($_POST["age"]))  {}
   else { $age ="Age must be numeric";
     }

}
echo $firstName;
echo $lastName;
echo $email;
echo $age;

?>



<form action="." method="POST">
<input type="text" name="firstName" placeholder="*First Name" /><br>
<input type="text" name="lastName" placeholder="*Last Name" /><br>
<input type="text" name="email" placeholder="*Email" /><br>
<input type="text" name="age" placeholder="Age" /><br>
<input type="text" "name="website" placeholder="Website" /><br>
<input type="submit" name="submit" value="Submit" />
</form>
<body>





</body>
</html>

所以它看起来像这样: enter image description here

3 个答案:

答案 0 :(得分:1)

在这里,这是我在我的脚本库中碰巧遇到的一个表单,您可以根据自己的需要对其进行修改。

奇怪的是,它有一个名为test_input()的函数,可以完成您想要实现的功能。

旁注:请务必将其更改为您自己的$myemail = "email@example.com"; 

<?php
ob_start();
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<style>
.error {color: #FF0000;}
h6
{
  font-family: bookman old style;
  font-size:20px;
  text-align: center;
  font-weight: normal;
}
h5
{
  font-family: bookman old style;
  font-size:15px;
  text-align: center;
  font-weight: normal;
}
</style>

<?php
$nameErr = $emailErr  = $websiteErr = $commentErr = $categoryErr = "";
$name = $email = $comment  = $website = $category = "";

if ($_SERVER["REQUEST_METHOD"] == "POST") {
   if (empty($_POST["name"])) {
     $nameErr = "Name is required";


$Err = 1;


   } else {
     $name = test_input($_POST["name"]);
     if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
       $nameErr = "Only letters and white space allowed"; 
     }
   }

   if (empty($_POST["email"])) {
     $emailErr = "Email is required";

$Err = 1;


   } else {
     $email = test_input($_POST["email"]);
     if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
       $emailErr = "Invalid email format"; 

 $Err = 1;

// die();


     }
   }

   if (empty($_POST["website"])) {
     $websiteErr = "URL is required";

$Err = 1;

   } else {
     $website = test_input($_POST["website"]);
     if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website)) {
       $websiteErr = "Invalid URL"; 
     }
   }

   if (empty($_POST["comment"])) {
//     $comment = "";

     $commentErr = "Comment is required";

$Err = 1;

   } else {
     $comment = test_input($_POST["comment"]);
   }
//   if (empty($_POST["category"])) {

   if ($_POST["category"] == "" ) {
     $categoryErr = "Category is required";

$Err = 1;


   } else {
     $category = test_input($_POST["category"]);
   }
}

function test_input($data) {
   $data = trim($data);
   $data = stripslashes($data);
   $data = htmlspecialchars($data);
   return $data;
}
?>
<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>

<h6>Link Submission</h6>
<h5><span class="error">* required field.</span>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"> 
   Name Of Site: <input type="text" name="name" value="<?php echo $name;?>">
   <span class="error">* <?php echo $nameErr;?></span>
   <br><br>
   E-mail: <input type="text" name="email" value="<?php echo $email;?>">
   <span class="error">* <?php echo $emailErr;?></span>
   <br><br>
   URL: <input type="text" name="website" value="<?php echo $website;?>">
   <span class="error">* <?php echo $websiteErr;?></span>
   <br><br>
   Description: <textarea name="comment" rows="5" cols="40"><?php echo $comment;?></textarea><span class="error">* <br><?php echo $commentErr;?></span>
   <br><br>

Category Of Site: <select size="1" name="category"> 
   <option value="<?php echo $category;?>"> -- Please select -- </option>    
   <option>Arts</option>     
   <option>Business</option>     
   <option>Computers</option>     
   <option>Games</option>     
   <option>Health</option>     
   <option>Home</option>     
   <option>Kids and Teens</option>     
   <option>News</option>     
   <option>Recreation</option>     
   <option>Reference</option>     
   <option>Science</option>     
   <option>Shopping</option>     
   <option>Society</option>     
   <option>Sports</option>     
   <option>World</option>

  </select><span class="error">* <?php echo $categoryErr;?></span>
   <br><br>
   <input type="submit" name="submit" value="Submit"> 
</form>
</h5>


<?php

 if(isset($_POST['submit'])){

if ($Err != 1){

$myemail = "email@example.com";
$subject = "Link Submission";
$message = "Your Link Submission form has been submitted by:
Website Name: $name
E-mail: $email
URL: $website
Category: $category
Description:
$comment";

$headers = "From: ". $name . " <" . $email . ">\r\n";

mail($myemail, $subject, $message, $headers);
// header('Location: submit_thanks.php');

echo "OK";

}

}
?>

答案 1 :(得分:0)

试试这个

提示将它们存储在数组中然后显示它们

if ($_SERVER["REQUEST_METHOD"] == "POST") {
   if (empty($_POST["firstName"])) {
      $error['firstName'] = "First name is required";
   }
   else {
      $firstName = test_input($_POST["firstName"]);
   }
   if (empty($_POST["lastName"])) {
      $error['lastName'] = "Last name is required";
   }
   else {
      $lastName = test_input($_POST["lastName"]);
   }
   if (empty($_POST["email"])) {
      $error['email'] = "Email is required";
   }
   else {
      $email = test_input($_POST["email"]);
   }
   if (is_numeric ($_POST["age"]))  {

   }
   else { $error['age'] ="Age must be numeric";
     }

}


?>

<html>
<body>

<form action="" method="POST">
    <?php echo $error['firstName'] = "First name is required".'<br/>';?>
<input type="text" name="firstName" placeholder="*First Name" /><br>
<?php echo $error['lastName'] = "First name is required".'<br/>';?>
<input type="text" name="lastName" placeholder="*Last Name" /><br>
<?php echo $error['email'].'<br/>'?>
<input type="text" name="email" placeholder="*Email" /><br>
<?php echo $error['age'].'<br/>'?>
<input type="text" name="age" placeholder="Age" /><br>
<input type="text" "name="website" placeholder="Website" /><br>
<input type="submit" name="submit" value="Submit" />
</form>






</body>
</html>

答案 2 :(得分:-2)

我认为您可以尝试使用PHP_SELF。一个简单的例子:

<强> HTML 

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method='POST'>
    <input type='submit' name='submit'/>
</form>

<强> PHP 

<?php
    if (isset($_POST['submit'])) {
        echo "your code here";
    }

?>
相关问题
最新问题