我正在尝试修改框架上的表单,我真的不知道发生了什么。
表格如下:
<form name="postVideoComment" id="postVideoComment" method="post" action="#">
<input type = "text" id = "user_handle" name = "user_handle" class="video_comment">
<textarea name="video_comment" id="video_comment" cols="100" rows="5" class="video_comment"></textarea>
<div id="post_message" class="post_message" style="display: none;">{t c='global.comment_empty'}</div>
<div class="action"><span id="chars_left">1000</span> {t c='global.chars_left'}</div>
<div class="action">
<input name="submit_comment" type="button" value=" {t c='global.post'} " id="post_video_comment_{$video.VID}" class="button" />
</div>
<div class="clear_left"></div>
</form>
但是,以某种方式,id为user_handle的输入不会传递给表单。此表单提交到一个文件video_comment.php,其行为方式我无法理解(例如,它使用$ filter-&gt; get('comment')来获取评论;这个'评论'即将到来我不知道但它的评论工作非常好,除非它忽略了我的user_handle:
$data = array('msg' => '', 'code' => '', 'vid' => 0, 'cid' => 0);
if ( isset($_POST['video_id']) && isset($_POST['comment']) ) {
if ( $config['video_comments'] == '0' ) {
$data['msg'] = 'Video comments are currently disabled!';
} else {
$spam = false;
if ( isset($_SESSION['v_comment_added']) ) {
$delay = intval($_SESSION['v_comment_added'])+30;
if ( time() < $delay ) {
$spam = true;
$_SESSION['v_comment_added'] = time();
}
}
$filter = new VFilter();
$uid = '1';
$vid = $filter->get('video_id', 'INTEGER');
$user_handle = $_POST['user_handle'];
$comment = $filter->get('comment');
var_dump($_POST);
$sql = "INSERT INTO video_comments ( VID, UID, comment, user_handle, addtime )
VALUES (" .$vid. ", " .$uid. ", '" .mysql_real_escape_string($comment). "', '" .mysql_real_escape_string($user_handle). "', '" .time(). "')";
$conn->execute($sql);
任何帮助表示赞赏!谢谢!
答案 0 :(得分:0)
我认为“VFilter”类可能正在清理POST数据,以确保只能通过$ filter实例访问这些数据。看看那个类,我猜有一个从POST变量名称到短语的映射,比如'comment'。