Form validation not working because of xss_clean

Time: 2016-07-13 06:51:58

Tags: php codeigniter

    public function add_creation()
    {
        $images = $this->do_imgupload();
        $this->form_validation->set_rules('title','title','trim|xss_clean');
        $this->form_validation->set_rules('instrument_used','instrument_used','trim|xss_clean');
        $this->form_validation->set_rules('genre','genre','trim|xss_clean');
        $this->form_validation->set_rules('courtesy','courtesy','trim|xss_clean');
        $this->form_validation->set_rules('image_link','image_link','trim|xss_clean');
        $this->form_validation->set_rules('song_link','song_link','trim|xss_clean');
        $this->form_validation->set_rules('comment_request','comment_request','trim|xss_clean');

        if($this->input->post('upload')){
            if($this->form_validation->run()==FALSE){
                redirect('creations');
            }
            else
            {
                //based on input field the data will be inserted
                if ($this->input->post('image_link')) {
                    $time=date('Y-m-d');
                    $data1=array(
                        'title'=>$this->input->post('title'),
                        'instrument_used' =>$this->input->post('instrument_used'),
                        'genre' =>$this->input->post('genre'),
                        'art_form_id' =>$this->input->post('art_form_id'),
                        'courtesy' =>$this->input->post('courtesy'),
                        'image_link'=>$images['file_name'],
                        'artist_id'=>1,
                        'published_date'=>$time,
                        'comment_request' => $this->input->post('comment_request')
                    );
                    $query=$this->hbmodel->md_add_creation($data1);
                }

                if ($query)
                {
                    redirect('profile');
                }
                else
                {
                    redirect('creations');
                }
            }
        }
    }


    <form role="form" id="#publish_creation" action="<?php echo base_url();?>creations/add_creation" method="post" enctype="multipart/form-data">
        <input type="submit" value="Publish" name="upload" class="btn th-btn-pri1blue">
        <input class="btn btn-default btn-sm" type="file" name="image_link" id="image_upload">

        <input placeholder="Title: Numb Cover" name="title" id="title" type="text" required>
        <select class="form-control" id="my_select" name="art_form_id">
            <option value="1">Music</option>
            <option value="2">Photography</option>
            <option value="3">Painting</option>
            <option value="4">Fashion</option>
            <option value="5">Modelling</option>
        </select>

        <input placeholder="Genre: Alternative Rock" name="genre" id="genre" type="text">

        <input placeholder="Instrument Used: Yamaha Piano" name="instrument_used" id="instrument_used" type="text">

        <input placeholder="Courtesy: Linkin Park" name="courtesy" id="courtesy" type="text">

        <input placeholder="Comment Request: Be critical or interpret!" name="comment_request" id="comment" type="text">
    </form>

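When I submit the form and do not get any errors, I am redirected to the same upload page. But I am trying to pass the values to the controller so that they can go on to the model page later. You can create the database from the controller and insert it into the model. I am sure there is nothing wrong with the model.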

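3 answers:

Answer 0 (score: 3)

I found that you have to change global_xss_filtering to true in config.php in the config folder. Then put

    $this->load->helper('security');

in the controller. Then the validation will work. This issue occurs in CI 3.0.0.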
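
An added example, not part of the original answer or the asker's code: a CodeIgniter 3 controller that loads the security helper as described above and logs which rule failed before redirecting, so a missing `xss_clean()` is visible instead of looking like a silent redirect. It assumes a CodeIgniter 3.x application; the class name `Creations` and the redirect target follow the question, and the log message wording is illustrative.

```php
<?php
defined('BASEPATH') OR exit('No direct script access allowed');

// Added example for CodeIgniter 3.x; class and route names follow the question.
class Creations extends CI_Controller
{
    public function __construct()
    {
        parent::__construct();
        // The security helper is what defines xss_clean() in CI 3.
        $this->load->helper(array('url', 'security'));
        $this->load->library('form_validation');
    }

    public function add_creation()
    {
        // Stop early if the helper is missing, rather than letting every rule fail quietly.
        if ( ! function_exists('xss_clean')) {
            log_message('error', 'xss_clean() is undefined: security helper not loaded');
            show_error('Validation helper missing', 500);
        }

        // Only the text inputs present in the form; the file input arrives in $_FILES.
        $fields = array('title', 'instrument_used', 'genre', 'courtesy', 'comment_request');
        foreach ($fields as $field) {
            $this->form_validation->set_rules($field, $field, 'trim|xss_clean');
        }

        if ($this->form_validation->run() === FALSE) {
            // Record the failing field and message before redirecting.
            foreach ($this->form_validation->error_array() as $field => $message) {
                log_message('error', "add_creation validation failed: {$field}: {$message}");
            }
            redirect('creations');
            return;
        }

        // Validation passed: continue with the upload and model insert from the question.
        log_message('debug', 'add_creation validation passed');
    }
}
```

The entries appear in `application/logs/` once `log_threshold` in `config.php` is set to 1 or higher.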

Answer 1 (score: 1)

Your validation should be (the song_link field is missing from the form):

    $this->form_validation->set_rules('title','title','trim|xss_clean');
    $this->form_validation->set_rules('instrument_used','instrument_used','trim|xss_clean');
    $this->form_validation->set_rules('genre','genre','trim|xss_clean');
    $this->form_validation->set_rules('courtesy','courtesy','trim|xss_clean');
    $this->form_validation->set_rules('image_link','image_link','trim|xss_clean');

    // should not include song_link as it is missing

    $this->form_validation->set_rules('comment_request','comment_request','trim|xss_clean');

Answer 2 (score: 1)

I think your action link is not right. You forgot to add /index.php after base_url(), or you can use site_url().

    action="/index.php/creations/add_creation"