我正在为我的网站制作验证系统。实际上,如果我没有在$_POST中添加任何参数(例如$_POST['Login']),我的代码就可以正常工作。如果我在$_POST中放入任何参数,则会返回错误:
警告:非法字符串偏移:C:\ ...
中的'username'
我的示例身份验证表单:
<form action="" method="post">
<div class="field">
<label for="username">Username: </label>
<input type="text" name="username" id="username" autocomplete="off" />
</div>
<div class="field">
<label for="Password">Password: </label>
<input type="password" name="password" id="password" autocomplete="off" />
</div>
<div class="field">
<label for="remember">
<input type="checkbox" name="remember" id="remember" value="on"/> Remember Me
</label>
</div>
<input type="hidden" name="token" value="<?php echo Token::generate(); ?>" />
<input type="submit" value="Login" name="Login"/>
</form>
提交表单时将处理的脚本:
<?php
require_once 'init.php';
$user = new User();
if($user->isLoggedIn()){
Redirect::to('index.php');
}
$validate = new Validate();
if(Input::exists()) {
if(Token::check(Input::get('token'))) {
$validation = $validate->check($_POST["Login"], array(
'username' => array('required' => true),
'password' => array('required' => true)
));
}
}
?>
验证类:
<?php
class Validate {
# Set the variables
private $_passed = false,
$_errors = array(),
$_db = null;
# Construct or establish connection to the database
public function __construct(){
$this->_db = Database::getInstance();
}
# The validation/checking code or the main brain of the code
public function check($source, $items = array()){
# Run a ` for each ` for each item in the fields
foreach($items as $item => $rules) {
# Run a ` for each ` for every rule in the items
foreach($rules as $rule => $rule_value) {
# Set the variables of `value` and `item`
$value = $source[$item];
$item = sanitize($item);
if($rule === 'required' && empty($value)) {
$this->addError("{$item} is required");
} else if (!empty($value)) {
switch($rule) {
# Case: Minimum
case 'min':
if(strlen($value) < $rule_value) {
$this->addError("{$item} must be a minimum of {$rule_value} characters.");
}
break;
# Case Maximum
case 'max':
if(strlen($value) > $rule_value) {
$this->addError("{$item} must be a maximum of {$rule_value} characters.");
}
break;
# Case: Match
case 'matches':
if($value != $source[$rule_value]) {
$this->addError("{$rule_value} must match {$item}.");
}
break;
# Case: Unique
case 'unique':
$check = $this->_db->get($rule_value, array($item, '=', $value));
if($check->count()) {
$this->addError("{$item} already exists.");
}
break;
# Case: Not match
case 'notmatch':
if($value === $source[$rule_value]) {
$this->addError("{$rule_value} must not match {$item}.");
}
break;
}
}
}
}
if(empty($this->_errors)) {
$this->_passed = true;
}
}
# ~ ADD ~ and error
public function addError($error) {
$this->_errors[] = $error;
}
# ~ RETURN ~ the errors
public function errors() {
return $this->_errors;
}
# ~ CHECK ~ if it is passed
public function passed() {
return $this->_passed;
}
}
答案 0 :(得分:0)
您正在调用$ validate-&gt;检查并传递$ _POST [&#34; Login&#34;]作为第一个参数,但根据您的HTML,您应该只传递$ _POST。当您传递$ _POST [&#34;登录&#34;]时,表单输入应具有名称=&#34;登录[用户名]&#34;
现在当你传递$ _POST [&#34;登录&#34;]时,它实际上是一个空数组,这可能是你获得非法字符串偏移的原因