PHP中的表单验证之后的标题重定向 [英] Header Redirect after form Validation in PHP
问题描述
我试图将这段代码作为表单处理的一部分:
<?php
if(isset($ _ POST ['senderEmail']))
{
try
{
require'_php / _security / validation.php'; //见下文
$ rules = array(
'senderEmail'=>'validEmail',
'emailTextbox'=>'validTextbox',
) ;
$ validation = new Validation();
$ b $ if($ validation-> validate($ _ POST,$ rules)== TRUE){
require(_ php / database / dbProcessing.php); //数据库包含的表单处理
}
else {
foreach($ validation-> emailErrors as $ error){
$ emailErrors [] = $ error ;
$ _SESSION ['$ emailErrors'] = $ emailErrors;
header('Location:indexmobile.php#emailErrors');
die('ABORT!');
$ b catch(PDOException $ e)
{
$ error ='将元素添加到数据库:'。 $ E->的getMessage();
回显错误:。 $错误;
exit();
}
exit();
}
?>
我做验证的validation.php有这个:
<?php
类验证{
public $ errors = array();
public function validate($ data,$ rules){
$ valid = TRUE;
foreach($ rules as $ fieldname => $ rule){
$ callbacks = explode('|',$ rule);
foreach($ callbacks as $ callback){
$ value = isset($ data [$ fieldname])? $ data [$ fieldname]:NULL;
if($ this-> $ callback($ value,$ fieldname)== FALSE)$ valid = FALSE;
}
}
return $ valid;
public function validEmail($ value,$ fieldname){
$ valid =!empty($ value);
if($ valid == FALSE){
$ this-> emailErrors [] =$ fieldname是必需的;
返回$ valid;
} else {
$ valid = filter_var($ value,FILTER_VALIDATE_EMAIL);
if($ valid == FALSE)$ this-> emailErrors [] =$ fieldname必须是有效的电子邮件地址;
返回$ valid;
public function validTextbox($ value,$ fieldname){
$ valid =!empty($ value);
if($ valid == FALSE){
$ this-> emailErrors [] =$ fieldname是必需的;
返回$ valid;
} else {
$ whitelist ='/ ^ [a-zA-Z0-9,\.\ + \\ n;:!_ \ - @] + $ /' ;
$ textarea = strip_tags($ value);
$ textarea = mysql_real_escape_string($ textarea);
$ valid = preg_match($ whitelist,$ textarea);
if($ valid == FALSE)$ this-> errors [] =$ fieldname包含无效字符;
返回$ valid;
$ b $ / code>
使用这,我有重定向问题(我认为)。似乎进一步,我有验证错误。因此,我的问题是:
- 我是否正确地进行标题重定向?我读过必须在发送任何实际输出之前调用header(),所以这是重定向不正确的原因吗?如果我需要显示/发送某些内容到重定向页面,如何进行重定向?
- 函数validTextbox总是会导致字段为空的错误。为什么如此?
- 我的整个表单验证过程是验证表单字段的一个好方法(我通过观看在线教程学到了这些)?什么是更好的方法?
- 在这种情况下,错误报告有什么问题吗?
感谢那些回复的人。我是PHP新手,并尽我所能学习该语言。
1 - 有几种方法可将消息传递到您要重定向的页面。一个是通过 $ _ GET
像这样
$ message =一些消息为下一页。;
$ message = urlencode($ message);
header(Location:page.php?message =。$ message);
然后在page.php上
<$ p $如果(!empty($ _ GET ['message']))
{
$ _GET ['message'];
}
同样,您也可以使用会话(安全性较低)
$ _ SESSION ['message'] ='其他信息';
然后在page.php上
<$ p $如果($ empty($ _ SESSION ['message']))
{
echo $ _SESSION ['message'];
unset($ _ SESSION ['message']);
2 - 我必须看到你传递给 validate
函数。你应该做一个 var_dump
$ _ POST
并将其添加到你的问题中。
<3> - 这取决于您的标准。如果你只是检查空虚的过度杀伤力。我不知道你需要/认为哪些文本是有效的,但是正则表达式是执行验证的合理方式。
4 - 见#2。
I am trying this code as part of form processing:
<?php
if(isset($_POST['senderEmail']))
{
try
{
require '_php/_security/validation.php'; //SEE BELOW
$rules = array(
'senderEmail' => 'validEmail',
'emailTextbox' => 'validTextbox',
);
$validation = new Validation();
if ($validation->validate($_POST, $rules) == TRUE) {
require("_php/database/dbProcessing.php"); //Form Proccessing for database inclusion
}
else {
foreach($validation->emailErrors as $error){
$emailErrors[] = $error;
$_SESSION['$emailErrors'] = $emailErrors;
header('Location:indexmobile.php#emailErrors');
die('ABORT!');
}
}
}
catch (PDOException $e)
{
$error = 'Error adding elements to database: ' . $e->getMessage();
echo "Error: " . $error;
exit();
}
exit();
}
?>
The validation.php where I do my validation has this:
<?php
class Validation {
public $errors = array();
public function validate($data, $rules) {
$valid = TRUE;
foreach ($rules as $fieldname => $rule) {
$callbacks = explode('|', $rule);
foreach ($callbacks as $callback) {
$value = isset($data[$fieldname]) ? $data[$fieldname] : NULL;
if ($this->$callback($value, $fieldname) == FALSE) $valid = FALSE;
}
}
return $valid;
}
public function validEmail($value, $fieldname) {
$valid = !empty($value);
if ($valid == FALSE) {
$this->emailErrors[] = "The $fieldname is required";
return $valid;
} else {
$valid = filter_var($value, FILTER_VALIDATE_EMAIL);
if ($valid == FALSE) $this->emailErrors[] = "The $fieldname needs to be a valid email";
return $valid;
}
}
public function validTextbox($value, $fieldname) {
$valid = !empty($value);
if ($valid == FALSE) {
$this->emailErrors[] = "The $fieldname is required";
return $valid;
} else {
$whitelist = '/^[a-zA-Z0-9 ,\.\+\\n;:!_\-@]+$/';
$textarea = strip_tags($value);
$textarea = mysql_real_escape_string($textarea);
$valid = preg_match($whitelist, $textarea);
if ($valid == FALSE) $this->errors[] = "The $fieldname contains invalid characters";
return $valid;
}
}
}
Upon using this, Im have issues with the redirect (I think). It seems further that Im having errors in validation. My questions are thus:
- Am I doing the header redirect correctly? I've read that " header() must be called before any actual output is sent,.." So is this the reason why this redirect is incorrect? how to make a redirect if i need to show/send something to the redirected page?
- function validTextbox always ends up an error that the field is empty. Why so?
- Is my entire process of form validation a good way of validating form fields (which i learned from watching an online tutorial)? What is a better way?
- Is there something wrong with error reporting in this case?
Thank you for those who replies. I am new to PHP and trying my best to learn the language.
1 - There are several ways to pass on a message to the page you are redirecting to. One is through $_GET
like this
$message="Some message for the next page.";
$message=urlencode($message);
header("Location:page.php?message=".$message);
then on page.php
if(!empty($_GET['message']))
{
$_GET['message'];
}
similarly you can also use the session (less secure)
$_SESSION['message']='some other message';
then on page.php
if (!empty($_SESSION['message']))
{
echo $_SESSION['message'];
unset($_SESSION['message']);
}
2 - I would have to see what you are passing to your validate
function. You should do a var_dump
of $_POST
and add that to your question.
3 - It depends on your criteria. If you are just checking for emptiness its overkill. I don't know what text you need / consider valid, but a regex is a reasonable way of enforcing validation.
4 - See #2.
这篇关于PHP中的表单验证之后的标题重定向的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!