PHP验证时有用的几段代码

1.htmlspecialchars()

 htmlspecialchars() 函数把一些预定义的字符转换为 HTML 实体。预定义的字符是:

  • & (和号) 成为 &
  • " (双引号) 成为 "
  • ' (单引号) 成为 '
  • < (小于) 成为 &lt;
  • > (大于) 成为 &gt;

2.一般用到的验证输入的函数:

function test_input($data)
{
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;
}

3.preg_match("/^[a-zA-Z ]*$/",$name) 匹配只包含字母和空格的情况,多用于验证名字。

 preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email) 对邮箱进行验证

   preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website) 对邮箱进行验证

4.一个完整的表单验证程序

  1 <!DOCTYPE HTML> 
  2 <html>
  3 <head>
  4 <meta charset="utf-8">
  5 <title>XXXXXXX</title>
  6 <style>
  7 .error {color: #FF0000;}
  8 </style>
  9 </head>
 10 <body> 
 11 
 12 <?php
 13 // 定义变量并默认设置为空值
 14 $nameErr = $emailErr = $genderErr = $websiteErr = "";
 15 $name = $email = $gender = $comment = $website = "";
 16 
 17 if ($_SERVER["REQUEST_METHOD"] == "POST")
 18 {
 19     if (empty($_POST["name"]))
 20     {
 21         $nameErr = "名字是必需的";
 22     }
 23     else
 24     {
 25         $name = test_input($_POST["name"]);
 26         // 检测名字是否只包含字母跟空格
 27         if (!preg_match("/^[a-zA-Z ]*$/",$name))
 28         {
 29             $nameErr = "只允许字母和空格"; 
 30         }
 31     }
 32     
 33     if (empty($_POST["email"]))
 34     {
 35       $emailErr = "邮箱是必需的";
 36     }
 37     else
 38     {
 39         $email = test_input($_POST["email"]);
 40         // 检测邮箱是否合法
 41         if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email))
 42         {
 43             $emailErr = "非法邮箱格式"; 
 44         }
 45     }
 46     
 47     if (empty($_POST["website"]))
 48     {
 49         $website = "";
 50     }
 51     else
 52     {
 53         $website = test_input($_POST["website"]);
 54         // 检测 URL 地址是否合法
 55         if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website))
 56         {
 57             $websiteErr = "非法的 URL 的地址"; 
 58         }
 59     }
 60     
 61     if (empty($_POST["comment"]))
 62     {
 63         $comment = "";
 64     }
 65     else
 66     {
 67         $comment = test_input($_POST["comment"]);
 68     }
 69     
 70     if (empty($_POST["gender"]))
 71     {
 72         $genderErr = "性别是必需的";
 73     }
 74     else
 75     {
 76         $gender = test_input($_POST["gender"]);
 77     }
 78 }
 79 
 80 function test_input($data)
 81 {
 82     $data = trim($data);
 83     $data = stripslashes($data);
 84     $data = htmlspecialchars($data);
 85     return $data;
 86 }
 87 ?>
 88 
 89 <h2>PHP 表单验证实例</h2>
 90 <p><span class="error">* 必需字段。</span></p>
 91 <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"> 
 92    名字: <input type="text" name="name" value="<?php echo $name;?>">
 93    <span class="error">* <?php echo $nameErr;?></span>
 94    <br><br>
 95    E-mail: <input type="text" name="email" value="<?php echo $email;?>">
 96    <span class="error">* <?php echo $emailErr;?></span>
 97    <br><br>
 98    网址: <input type="text" name="website" value="<?php echo $website;?>">
 99    <span class="error"><?php echo $websiteErr;?></span>
100    <br><br>
101    备注: <textarea name="comment" rows="5" cols="40"><?php echo $comment;?></textarea>
102    <br><br>
103    性别:
104    <input type="radio" name="gender" <?php if (isset($gender) && $gender=="female") echo "checked";?>  value="female">105    <input type="radio" name="gender" <?php if (isset($gender) && $gender=="male") echo "checked";?>  value="male">106    <span class="error">* <?php echo $genderErr;?></span>
107    <br><br>
108    <input type="submit" name="submit" value="Submit"> 
109 </form>
110 
111 <?php
112 echo "<h2>您输入的内容是:</h2>";
113 echo $name;
114 echo "<br>";
115 echo $email;
116 echo "<br>";
117 echo $website;
118 echo "<br>";
119 echo $comment;
120 echo "<br>";
121 echo $gender;
122 ?>
123 
124 </body>
125 </html>

 

posted @ 2017-03-04 18:05  godlei  阅读(208)  评论(0编辑  收藏  举报