在我的表单中,用户可以添加其社交网站的所有URL。但是他们不能添加具有http://或https://的URL。
如果用户在提交表单中添加了http://或https://;表单尚未提交,它重定向了我的错误页面。
但我希望如果用户在表单提交中添加http://或https://,它将显示错误消息,而不会在错误页面上重定向。
这是我的表格流程。(Mysql已弃用,但我稍后将全部转移)
if(isset($_POST['update_ac'])){
$web = mysql_real_escape_string($_POST['web']);
$fb = mysql_real_escape_string($_POST['fb']);
$tw = mysql_real_escape_string($_POST['tw']);
$gg = mysql_real_escape_string($_POST['gg']);
$fk = mysql_real_escape_string($_POST['fk']);
$rn = mysql_real_escape_string($_POST['rn']);
$yt = mysql_real_escape_string($_POST['yt']);
$ig = mysql_real_escape_string($_POST['ig']);
$it = mysql_real_escape_string($_POST['it']);
$ms = mysql_real_escape_string($_POST['ms']);
$pt = mysql_real_escape_string($_POST['pt']);
$sc = mysql_real_escape_string($_POST['sc']);
$tm = mysql_real_escape_string($_POST['tm']);
$vv = mysql_real_escape_string($_POST['vv']);
$ws = mysql_real_escape_string($_POST['ws']);
# array of keys to check...
$keys = array('web','fb','tw','gg','fk','rn','yt','ig','it','ms','pt','sc','tm','vv','ws');
# array of invalid strings to to check for...
$invalid_strings = array("http://","https://");
# array to hold errors found...
$errors = array();
foreach($keys as $key) { # iterate through each key to check
foreach($invalid_strings as $invalid) { # iterate through each invalid string
if (strpos($_POST[$key],$invlid) > -1) {
$errors[] = "$key cannot contain '$invalid'";
}
}
}
# if errors were found...
if (count($errors) > 0) {
$error_msg = implode($errors,", ");
echo $error_msg;
} else {
// update data in mysql database
$sql = mysql_query("UPDATE social SET web='$web', fb='$fb', tw='$tw', gg='$gg', fk='$fk', rn='$rn', yt='$yt', ig='$ig', it='$it', ms='$ms', pt='$pt', sc='$sc', tm='$tm', vv='$vv', ws='$ws' WHERE username = '".$_SESSION['username']."'");
$result=mysql_query($sql);
// if successfully updated.
if($result){
echo '<strong>Updated Successful</strong>';
echo '<META HTTP-EQUIV=Refresh //CONTENT="0">';
}
else {
echo '<strong>Sorry !</strong> Not update, try again later';
}
}
}
<form class="form-horizontal" role="form" name="form1" method="post" action="">
<input name="username" type="text" id="username" value="<? echo $session->username; ?> (Cannot change)" disabled/>
<input name="web" type="text" id="web" placeholder="Enter url without http:// or https://" value="<? echo $web; ?>" size="15">
<input name="fb" type="text" id="fb" placeholder="Enter url without http:// or https://" value="<? echo $fb; ?>" size="15">
<input name="tw" type="text" id="tw" placeholder="Enter url without http:// or https://" value="<? echo $tw; ?>" size="15">
<input name="gg" type="text" id="gg" placeholder="Enter url without http:// or https://" value="<? echo $gg; ?>" size="15">
<input name="fk" type="text" id="fk" placeholder="Enter url without http:// or https://" value="<? echo $fk; ?>" size="15">
<input name="rn" type="text" id="rn" placeholder="Enter url without http:// or https://" value="<? echo $rn; ?>" size="15">
<input name="yt" type="text" id="yt" placeholder="Enter url without http:// or https://" value="<? echo $yt; ?>" size="15">
<input name="ig" type="text" id="ig" placeholder="Enter url without http:// or https://" value="<? echo $ig; ?>" size="15">
<input name="it" type="text" id="it" placeholder="Enter url without http:// or https://" value="<? echo $it; ?>" size="15">
<input name="ms" type="text" id="ms" placeholder="Enter url without http:// or https://" value="<? echo $ms; ?>" size="15">
<input name="pt" type="text" id="pt" placeholder="Enter url without http:// or https://" value="<? echo $pt; ?>" size="15">
<input name="sc" type="text" id="sc" placeholder="Enter url without http:// or https://" value="<? echo $sc; ?>" size="15">
<input name="tm" type="text" id="tm" placeholder="Enter url without http:// or https://" value="<? echo $tm; ?>" size="15">
<input name="vv" type="text" id="vv" placeholder="Enter url without http:// or https://" value="<? echo $vv; ?>" size="15">
<input name="ws" type="text" id="ws" placeholder="Enter url without http:// or https://" value="<? echo $ws; ?>" size="15">
<input name="userid" type="hidden" id="userid" value="<? echo $session->userid; ?>">
<input type="submit" name="update_ac" value="Submit">
</form>
这是我处理它的方式…
<?php
# array of keys to check...
$keys = array('web','fb','tw','gg','fk','rn','yt','ig','it','ms','pt','sc','tm','vv','ws');
# array of invalid strings to to check for...
$invalid_strings = array("http://","https://");
# array to hold errors found...
$errors = array();
foreach($keys as $key) { # iterate through each key to check
foreach($invalid_strings as $invalid) { # iterate through each invalid string
if (strpos($_POST[$key],$invlid) > -1) {
$errors[] = "$key cannot contain '$invalid'";
}
}
}
# if errors were found...
if (count($errors) > 0) {
$error_msg = implode($errors,", ");
echo $error_msg;
} else {
# the code to run if no errors found
}
?>
dbinns66的答案将完全符合您的要求,尽管我建议您采取另一种方案:如果用户将URL从剪贴板粘贴到您的表单中(这种情况经常发生),只需删除协议部分:
// remove the HTTP(S) part from a string in a case-insensitive manner
function removeProtocol($line) {
return preg_replace('|^http?(s*)://|i', "", $line);
}
// I tend to not overwrite superglobals, you may use $_POST[$field]= ... instead
$arrCheckedFields= array();
// fields possibly containing URLs
$arrFieldsToHandle = array('web','fb','tw','gg','fk','rn','yt','ig','it','ms','pt','sc','tm','vv','ws');
foreach($arrFieldsToHandle as $field) {
$arrCheckedFields[$field]= removeProtocol($_POST[$field]);
}