PHP表单验证具有多个功能

时间:2018-05-24 19:24:51

标签: php forms validation

我已经创建了一个注册表单,并且出于安全考虑,我想验证用户输入。

我已经创建了一些功能,如下所示。

我只是不确定如何正确实现它们。我是否会嵌套if语句?我现在就像现在这样保留它吗?

当某些事情不正确时,如何停止我的脚本?为了防止在某些事情不正确时尝试插入。

非常感谢任何帮助。

function validateLength($stringToValidate, $minimumLength) {
    if(strlen($stringToValidate) < $minimumLength) {
        return [
            'error' => 'Minimum length is 8 charachters',
            'class' => 'alert alert-danger',
        ];
    } else {
        return true;
    }
}

function validateEmail($emailToVerify) {
    if(filter_var($emailToVerify, FILTER_VALIDATE_EMAIL)) {
        return true
    } else {
        return [
            'error' => '<strong>Error:</strong> That is not a valid email address',
            'class' => 'alert alert-danger'
        ];
    }
}

function formIsFilledIn(array $formInputs = []) {
    foreach ($formInput as $inputField) {
        if(empty($inputField)) {
            return [
                'error' => '<strong>Error: </strong> Fill in all fields.',
                'class' => 'alert alert-danger',
            ];
        }
    }
    return null;
}

现在,我正在使用各种功能。

$formErrors = formIsFilledIn($_POST);

if($formErrors !== null) {
   // Something is not filled in
}

$formErrors = validateLength($_POST['username'], 8);

if($formErrors !== true) {
   // Username doesn't have enough characters
}

$formErrors = validateLength($_POST['password'], 8);

if($formErrors !== true) {
   // Password doesn't have enough characters
}

为了完整性,这是插入部分(它正常工作)

$stmt = $connect->prepare('INSERT INTO `users` (user_name, user_password, user_email, user_perms, user_created_at) VALUES (?, ?, ?, ?, ?)');

if($stmt) {
    $username = $_POST['username'];
    $password = hashPassword($_POST['password']);
    $email = $_POST['email'];
    $date = date('Y-m-d H:i:s');
    $perms = "Gebruiker";

    $stmt->bind_param('sssss', $username, $password, $email, $perms, $date);

    if($stmt->execute()) {
        $err = "<strong>Success: </strong> The account has been created";
        $class = "alert alert-success";
    } else {
        $err = "<strong>Error:</strong> Something went wrong";
        $class = "alert alert-danger";
    }
}

1 个答案:

答案 0 :(得分:1)

你确实可以使用elseif将if连接起来。但是,我会建议对功能进行一些更改。您只需让他们验证并返回truefalse

,而不是让他们验证并返回包含某些错误的数组。

看起来有点像这样:

function validateLength($stringToValidate, $minimumLength) {
    if(strlen($stringToValidate) < $minimumLength) {
        return false;
    } else {
        return true;
    }
}

function validateEmail($emailToVerify) {
    if(filter_var($emailToVerify, FILTER_VALIDATE_EMAIL)) {
        return true;
    } else {
        return false;
    }
}

function formIsFilledIn(array $formInputs = []) {
    foreach ($formInputs as $inputField) {
        if(empty($inputField)) {
            return false;
        }
    }
    return true;
}

这意味着您可以执行以下操作:

if(!formIsFilledIn($_POST)) {
    $error = [
        'error' => '<strong>Error: </strong> Fill in all fields.',
        'class' => 'alert alert-danger',
    ];

} elseif(!validateLength($_POST['username'], 8) || !validateLength($_POST['password'], 8)) {
    $error = [
        'error' => 'Minimum length is 8 charachters',
        'class' => 'alert alert-danger',
    ];
}

elseif(!validateEmail($_POST['email'])) {
    $error = [
        'error' => '<strong>Error:</strong> That is not a valid email address',
        'class' => 'alert alert-danger'
    ];
}

else {
// now you can call a function that starts to insert stuff, everything has been validated
}

当然,这种形式会越长,形式就越长。另一种选择是迭代帖子并检查所有字段是否都有有效长度。完成后,您可以查看电子邮件和所有其他特殊字段

相关问题
最新问题