基本的PHP过程的HTML [英] Basic php process for html
问题描述
当使用这个PHP过程的html表单时,我只得到一个你好,的回应。这里是我上传文件的链接,也许它是我的一个问题break.hostoi.com PHP代码它自己
<?php
$ name = $ _POST [$ name];
回声你好,。 $名称;
?>
以下是需要的html
< HTML>
< head>< title> Hello World< / title>< / head>
< body>
< form action =process.phpmethod =post>
输入您的姓名'< input name =nametype =text>
< input type =submit>
< / form>
< / body>
< / html>
更改
$ name = $ _POST [$ name];
至
$ name = $ _POST [name];
美元符号不应该存在
[$ name]
^ - //删除此
在打开<?php 标记
后立即向文件顶部添加错误报告
<?php
error_reporting(E_ALL);
ini_set('display_errors',1);
//其余代码
完成此操作后,会抛出类似于这:
$ b
注意:未定义的变量:在第X行的文件路径中的名称
要了解有关错误报告的更多信息,请访问:
另外,请通过PHP.net网站。 http://php.net
您可以浏览其网站,其中显示示例。没有比手册本身更好的开始方式了。
PHP.net上的PHP表单
脚注:
另外,您可以开启 XSS攻击 (跨站点脚本)。使用以下(PHP)过滤器函数: FILTER_SANITIZE_FULL_SPECIAL_CHARS
$ name = filter_var($ _ POST ['name'],FILTER_SANITIZE_FULL_SPECIAL_CHARS);
相当于调用
htmlspecialchars()与ENT_QUOTES集合。编码引号可以通过设置来禁用。
编辑:
根据Jeremy1026的评论:
通过做 $ _ POST [$ name] 你基本上在做, $ name = foo; $ _POST ['foo'];
感谢您的额外评论,以改善答案。
When using this php process for html forms I only get a response of just "Hello, ". Here is a link to where I have the file uploaded maybe it is a problem on my end break.hostoi.com the php code it self
<?php
$name = $_POST["$name"];
echo "Hello, " . $name;
?>
and here is the html if needed
<html>
<head><title>Hello World</title></head>
<body>
<form action="process.php" method="post">
Enter your name' <input name="name" type="text">
<input type="submit">
</form>
</body>
</html>
Change
$name = $_POST["$name"];
to
$name = $_POST["name"];
the dollar sign shouldn't be in there
["$name"]
^-- // remove this
Add error reporting to the top of your file(s) right after your opening <?php tag
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
// rest of code
Having done this, would've thrown an error similar to this:
Notice: Undefined variable: name in...(path of file) on line X
To learn more on error reporting, visit:
Also, go through the PHP.net website. http://php.net
You can browse through their website where examples are shown. No better way to start than in the manuals themselves.
PHP forms on PHP.net
Footnotes:
Also, you are open to XSS attacks (Cross-site scripting).
Use the following (PHP) filter function: FILTER_SANITIZE_FULL_SPECIAL_CHARS
$name = filter_var($_POST['name'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
Equivalent to calling
htmlspecialchars()withENT_QUOTESset. Encoding quotes can be disabled by setting.
Edit:
As per Jeremy1026's comment:
"by doing $_POST["$name"] you are basically doing, $name = foo; $_POST['foo'];"
Thank you for the additional comment in order to improve the answer.
这篇关于基本的PHP过程的HTML的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
