互联网程序设计·PHP语言之表单进阶
第1关 表单验证 – 安全的资料填写
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<label>
名字:<input type="text" name="name">
</label>
<label>
年龄:<input type="text" name="age">
</label>
<input type="submit" value="提交">
</form>
<?php
$name = $age = '';
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
$name = formatted_input($_POST['name']);
$age = formatted_input($_POST['age']);
echo '欢迎'.$name.',你今年'.$age.'岁';
}
/********** Begin *********/
function formatted_input($val){
$val = htmlspecialchars($val);
$val = trim($val);
$val = stripslashes($val);
return $val;
}
/********** End *********/
?>
</body>
</html>
第2关 必需字段验证 – 一个完整的表单实例(一)
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
$nameErr = $emailErr = $genderErr = '';
$name = $email = $gender = $comment = $website = '';
/********** Begin *********/
if (empty($_POST['name'])) {
$nameErr = '名字是必需的';
} else {
$name = formatted_input($_POST['name']);
}
if (empty($_POST['email'])) {
$emailErr = '邮箱是必需的';
} else {
$email = formatted_input($_POST['email']);
}
if (empty($_POST['gender'])) {
$genderErr = '性别是必需的';
} else {
$gender = formatted_input($_POST['gender']);
}
/********** End *********/
function formatted_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<p>
<span class="error">* 为必需字段</span>
</p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>">
<label>
姓名:<input type="text" name="name">
</label>
<span class="error">* <?php echo $nameErr;?></span>
<br><br>
<label>
邮箱:<input type="text" name="email">
<span class="error">* <?php echo $emailErr;?></span>
</label>
<br><br>
<label>
博客:<input type="text" name="website">
</label>
<br><br>
<label>
备注:<textarea name="comment" rows="5" cols="40"></textarea>
</label>
<br><br>
<label>
性别:<input type="radio" name="gender" value="male">男
<input type="radio" name="gender" value="female">女
<span class="error">* <?php echo $genderErr;?></span>
</label>
<br><br>
<input type="submit" name="submit" value="提交">
</form>
<?php
echo '你输入的内容是:'."<br>";
echo $name."<br>";
echo $email."<br>";
echo $website."<br>";
echo $comment."<br>";
echo $gender."<br>";
?>
</body>
</html>
第3关 邮箱地址和URL验证 – 一个完整的表单实例(二)
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
$nameErr = $emailErr = $genderErr = $websiteErr = '';
$name = $email = $gender = $comment = $website = '';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (empty($_POST['name'])) {
$nameErr = '名字是必需的';
} else {
$name = formatted_input($_POST['name']);
/********** Begin *********/
if (!preg_match("/^[a-zA-Z ]*$/", $name)) {
$nameErr = '只允许字母和空格';
$name = ''; //格式非法,将$name变量清空
}
/********** End *********/
}
if (empty($_POST['email'])) {
$emailErr = '邮箱是必需的';
} else {
$email = formatted_input($_POST['email']);
/********** Begin *********/
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email)) {
$emailErr = '非法的邮箱格式';
$email = ''; //格式非法,将$email变量清空
}
/********** End *********/
}
if (empty($_POST['website'])) {
$website = '';
} else {
$website = formatted_input($_POST['website']);
/********** Begin *********/
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website)) {
$websiteErr = '非法的 URL 地址';
$website = ''; //格式非法,将$website变量清空
}
/********** End *********/
}
if (empty($_POST['comment'])) {
$comment = '';
} else {
$comment = formatted_input($_POST['comment']);
}
if (empty($_POST['gender'])) {
$genderErr = '性别是必需的';
} else {
$gender = formatted_input($_POST['gender']);
}
}
function formatted_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<p>
<span class="error">* 为必需字段</span>
</p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>">
<label>
姓名:<input type="text" name="name">
</label>
<span class="error">* <?php echo $nameErr;?></span>
<br><br>
<label>
邮箱:<input type="text" name="email">
<span class="error">* <?php echo $emailErr;?></span>
</label>
<br><br>
<label>
博客:<input type="text" name="website">
<span class="error"><?php echo $websiteErr;?></span>
</label>
<br><br>
<label>
备注:<textarea name="comment" rows="5" cols="40"></textarea>
</label>
<br><br>
<label>
性别:<input type="radio" name="gender" value="male">男
<input type="radio" name="gender" value="female">女
<span class="error">* <?php echo $genderErr;?></span>
</label>
<br><br>
<input type="submit" name="submit" value="提交">
</form>
<?php
echo '你输入的内容是:'."<br>";
echo $name."<br>";
echo $email."<br>";
echo $website."<br>";
echo $comment."<br>";
echo $gender."<br>";
?>
</body>
</html>
第4关 综合运用 – 一个完整的表单实例(三)
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
$nameErr = $emailErr = $genderErr = $websiteErr = '';
$name = $email = $gender = $comment = $website = '';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (empty($_POST['name'])) {
$nameErr = '名字是必需的';
} else {
$name = formatted_input($_POST['name']);
/********** Begin *********/
if (!preg_match("/^[a-zA-Z ]*$/", $name)) {
$nameErr = '只允许字母和空格';
$name = ''; //格式非法,将$name变量清空
}
/********** End *********/
}
if (empty($_POST['email'])) {
$emailErr = '邮箱是必需的';
} else {
$email = formatted_input($_POST['email']);
/********** Begin *********/
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email)) {
$emailErr = '非法的邮箱格式';
$email = ''; //格式非法,将$email变量清空
}
/********** End *********/
}
if (empty($_POST['website'])) {
$website = '';
} else {
$website = formatted_input($_POST['website']);
/********** Begin *********/
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website)) {
$websiteErr = '非法的 URL 地址';
$website = ''; //格式非法,将$website变量清空
}
/********** End *********/
}
if (empty($_POST['comment'])) {
$comment = '';
} else {
$comment = formatted_input($_POST['comment']);
}
if (empty($_POST['gender'])) {
$genderErr = '性别是必需的';
} else {
$gender = formatted_input($_POST['gender']);
}
}
function formatted_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<p>
<span class="error">* 为必需字段</span>
</p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>">
<label>
姓名:<input type="text" name="name">
</label>
<span class="error">* <?php echo $nameErr;?></span>
<br><br>
<label>
邮箱:<input type="text" name="email">
<span class="error">* <?php echo $emailErr;?></span>
</label>
<br><br>
<label>
博客:<input type="text" name="website">
<span class="error"><?php echo $websiteErr;?></span>
</label>
<br><br>
<label>
备注:<textarea name="comment" rows="5" cols="40"></textarea>
</label>
<br><br>
<label>
性别:<input type="radio" name="gender" value="male">男
<input type="radio" name="gender" value="female">女
<span class="error">* <?php echo $genderErr;?></span>
</label>
<br><br>
<input type="submit" name="submit" value="提交">
</form>
<?php
echo '你输入的内容是:'."<br>";
echo $name."<br>";
echo $email."<br>";
echo $website."<br>";
echo $comment."<br>";
echo $gender."<br>";
?>
</body>
</html>