11

提前道歉。今天是我使用 php 的第一天,我终于想出了如何让我的页面发回给自己(我的页面是 .html,而不是 .php),但现在我无法弄清楚如何在验证表单后将数据带到新页面。我已经为此工作了很长一段时间,而且我很生气。这是一个简单的例子:

<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>

<?php
// Initialize variables and set to empty strings
$firstName=$lastName="";
$firstNameErr=$lastNameErr="";

// Validate input and sanitize
if ($_SERVER['REQUEST_METHOD']== "POST") {
   if (empty($_POST["firstName"])) {
      $firstNameErr = "First name is required";
   }
   else {
      $firstName = test_input($_POST["firstName"]);
   }
   if (empty($_POST["lastName"])) {
      $lastNameErr = "Last name is required";
   }
   else {
      $lastName = test_input($_POST["lastName"]);
   }
}

// Sanitize data
function test_input($data) {
   $data = trim($data);
   $data = stripslashes($data);
   $data = htmlspecialchars($data);
   return $data;
}
?>

<h2>Find Customer</h2>
<p><span class="error">* required</span></p>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>" method="post">
First Name: <input type="text" name="firstName" value="<?php echo $firstName; ?>"><span class="error">* <?php echo $firstNameErr; ?></span><br><br>
Last Name: <input type="text" name="lastName" value="<?php echo $lastName; ?>"><span class="error">* <?php echo $lastNameErr; ?><br><br>
<input type="submit">
</form>

</body>
</html>

好的。所以在上面,您会看到表单回发给自己,以便它可以验证。好的。现在,考虑到所有事情都是有效的,我如何发布到另一个脚本(action="otherAction.php",也许?)以便实际处理数据?

此外,感谢任何安全建议。我尽力考虑到安全性。谢谢。

4

4 回答 4

7

当您的所有条件都满足时,您可以使用header('Location: http:mywebsite.com/otherAction.php')

// Validate input and sanitize
if ($_SERVER['REQUEST_METHOD']== "POST") {
   $valid = true; //Your indicator for your condition, actually it depends on what you need. I am just used to this method.

   if (empty($_POST["firstName"])) {
      $firstNameErr = "First name is required";
      $valid = false; //false
   }
   else {
      $firstName = test_input($_POST["firstName"]);
   }
   if (empty($_POST["lastName"])) {
      $lastNameErr = "Last name is required";
      $valid = false;
   }
   else {
      $lastName = test_input($_POST["lastName"]);
   }

  //if valid then redirect
  if($valid){
   header('Location: http://mywebsite.com/otherAction.php');
   exit();
  }
}

在我的一些作品中,我的设置是这样的,但我在这里学到了一些不好的东西。那是当您在提交表单后刷新页面时,POST 值仍然存在并且可能用于重复条目。这不是好的国际海事组织。

于 2013-09-16T03:39:08.037 回答
5

使用 javascript 进行验证,然后将 post 表单发送到它自己或另一个可以处理数据的页面。

<!DOCTYPE html>
<html>
<head>
<script>
function validateForm()
{
var x=document.forms["myForm"]["fname"].value;
if (x==null || x=="")
  {
  alert("First name must be filled out");
  return false;
  }
}
</script>
</head>

<body>
<form name="myForm" action="demo_form.php" onsubmit="return validateForm()" method="post">
First name: <input type="text" name="fname">
<input type="submit" value="Submit">
</form>
</body>

</html>

来源:http ://www.w3schools.com/js/js_form_validation.asp

<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>

<?php
// Initialize variables and set to empty strings
$firstName=$lastName="";
$firstNameErr=$lastNameErr="";

// Control variables
$app_state = "empty";  //empty, processed, logged in
$valid = 0;

// Validate input and sanitize
if ($_SERVER['REQUEST_METHOD']== "POST") {
   if (empty($_POST["firstName"])) {
      $firstNameErr = "First name is required";
   }
   else {
      $firstName = test_input($_POST["firstName"]);
      $valid++;
   }
   if (empty($_POST["lastName"])) {
      $lastNameErr = "Last name is required";
   }
   else {
      $lastName = test_input($_POST["lastName"]);
      $valid++;
   }

   if ($valid >= 2) {
      $app_state = "processed";
   }
}

// Sanitize data
function test_input($data) {
   $data = trim($data);
   $data = stripslashes($data);
   $data = htmlspecialchars($data);
   return $data;
}

if ($app_state == "empty") {
?>
<h2>Find Customer</h2>
<p><span class="error">* required</span></p>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>" method="post">
First Name: <input type="text" name="firstName" value="<?php echo $firstName; ?>"><span class="error">* <?php echo $firstNameErr; ?></span><br><br>
Last Name: <input type="text" name="lastName" value="<?php echo $lastName; ?>"><span class="error">* <?php echo $lastNameErr; ?><br><br>
<input type="submit">
</form>

</body>
</html>
<?php
}
elseif ($app_state == "processed") {
    if ($firstName == "Vincent") {
        $app_state = "Logged in";
    }
}

if ($app_state == "Logged in") {
    echo("Logged in<br> Hello Vincent</body></html>");
}
?>
于 2013-09-16T03:33:54.200 回答
0

您可以检查是否有任何无效数据,如果没有无效数据,则处理,然后重定向。例如

 if (empty($firstNameErr) && empty($lastNameErr)) {
       // process the data

       // redirect to other page.
       header('LOCATION: index.php');
       exit();
 }

请注意,您需要在输出任何 HTML 之前执行这些代码,否则您无法执行重定向。例如:

<?php
      // validate the data
      // no error, proccess, then, redirect
?>
html code here.
于 2013-09-16T03:37:18.433 回答
0

如果您对这些东西感兴趣,那么依赖这样的重定向对 SEO 不利。对于 SEO,您的表单自然发布到另一个页面会更好。

于 2016-04-29T00:17:23.133 回答