预先道歉。今天是我使用 php 的第一天,我终于想出了如何让我的页面回发到自身(我把页面作为.html,而不是.php),但现在我很难弄清楚如何在表单验证后将数据带到新页面。 我已经为此工作了一段时间,我炸了。 下面是一个简单的示例:
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
// Initialize variables and set to empty strings
$firstName=$lastName="";
$firstNameErr=$lastNameErr="";
// Validate input and sanitize
if ($_SERVER['REQUEST_METHOD']== "POST") {
if (empty($_POST["firstName"])) {
$firstNameErr = "First name is required";
}
else {
$firstName = test_input($_POST["firstName"]);
}
if (empty($_POST["lastName"])) {
$lastNameErr = "Last name is required";
}
else {
$lastName = test_input($_POST["lastName"]);
}
}
// Sanitize data
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>Find Customer</h2>
<p><span class="error">* required</span></p>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>" method="post">
First Name: <input type="text" name="firstName" value="<?php echo $firstName; ?>"><span class="error">* <?php echo $firstNameErr; ?></span><br><br>
Last Name: <input type="text" name="lastName" value="<?php echo $lastName; ?>"><span class="error">* <?php echo $lastNameErr; ?><br><br>
<input type="submit">
</form>
</body>
</html>
还行。因此,在上面,您将看到表单会发布回自身,以便进行验证。 好。现在,考虑到所有事情都是有效的,我如何发布到另一个脚本(action="otherAction.php",也许?)以便实际处理数据?
此外,任何安全建议都值得赞赏。我尽力考虑安全性。谢谢。
当满足所有条件时,您可以使用header('Location: http:mywebsite.com/otherAction.php')
// Validate input and sanitize
if ($_SERVER['REQUEST_METHOD']== "POST") {
$valid = true; //Your indicator for your condition, actually it depends on what you need. I am just used to this method.
if (empty($_POST["firstName"])) {
$firstNameErr = "First name is required";
$valid = false; //false
}
else {
$firstName = test_input($_POST["firstName"]);
}
if (empty($_POST["lastName"])) {
$lastNameErr = "Last name is required";
$valid = false;
}
else {
$lastName = test_input($_POST["lastName"]);
}
//if valid then redirect
if($valid){
header('Location: http://mywebsite.com/otherAction.php');
exit();
}
}
在我的一些作品中,我的设置是这样的,但我在这里学到了一些不好的东西。那是您在提交表单后刷新页面时,POST 值仍然存在,并且可能用于复制条目。这不好IMO。
使用 javascript 进行验证,然后将帖子表单发送到自身或另一个页面,在那里它可以对数据执行操作。
<!DOCTYPE html>
<html>
<head>
<script>
function validateForm()
{
var x=document.forms["myForm"]["fname"].value;
if (x==null || x=="")
{
alert("First name must be filled out");
return false;
}
}
</script>
</head>
<body>
<form name="myForm" action="demo_form.php" onsubmit="return validateForm()" method="post">
First name: <input type="text" name="fname">
<input type="submit" value="Submit">
</form>
</body>
</html>
来源 : http://www.w3schools.com/js/js_form_validation.asp
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
// Initialize variables and set to empty strings
$firstName=$lastName="";
$firstNameErr=$lastNameErr="";
// Control variables
$app_state = "empty"; //empty, processed, logged in
$valid = 0;
// Validate input and sanitize
if ($_SERVER['REQUEST_METHOD']== "POST") {
if (empty($_POST["firstName"])) {
$firstNameErr = "First name is required";
}
else {
$firstName = test_input($_POST["firstName"]);
$valid++;
}
if (empty($_POST["lastName"])) {
$lastNameErr = "Last name is required";
}
else {
$lastName = test_input($_POST["lastName"]);
$valid++;
}
if ($valid >= 2) {
$app_state = "processed";
}
}
// Sanitize data
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
if ($app_state == "empty") {
?>
<h2>Find Customer</h2>
<p><span class="error">* required</span></p>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>" method="post">
First Name: <input type="text" name="firstName" value="<?php echo $firstName; ?>"><span class="error">* <?php echo $firstNameErr; ?></span><br><br>
Last Name: <input type="text" name="lastName" value="<?php echo $lastName; ?>"><span class="error">* <?php echo $lastNameErr; ?><br><br>
<input type="submit">
</form>
</body>
</html>
<?php
}
elseif ($app_state == "processed") {
if ($firstName == "Vincent") {
$app_state = "Logged in";
}
}
if ($app_state == "Logged in") {
echo("Logged in<br> Hello Vincent</body></html>");
}
?>
您可以检查是否有任何无效数据,如果没有无效数据,则处理,然后重定向。例如
if (empty($firstNameErr) && empty($lastNameErr)) {
// process the data
// redirect to other page.
header('LOCATION: index.php');
exit();
}
请注意,您需要在输出任何 HTML 之前执行这些代码,否则无法执行重定向。例如:
<?php
// validate the data
// no error, proccess, then, redirect
?>
html code here.
如果你是关于这些东西的,那么依赖这样的重定向对 SEO 不利。对于SEO来说,您的表单最好自然地发布到另一个页面。