PHP form Validation-w3school PHP learning Notes W3school rookie W3school official website w3school Tutorial Download

Source: Internet
Author: User
Tags php form php form validation
Note: Be aware of the security of your data when working with the form in PHP
Validating submitted data before processing an HTML form is necessary to prevent hackers from hacking and spam.

The above HTML form assumes the following rules apply:
Fields – Validation rules
Name – required, must contain letters and spaces
Email – required, must contain a valid e-mail address, including @ and.
URL (website) – optional, if the fill must be a valid URL
Comment (comment) – optional, multi-line input field
Gender (gender) – required, select an item
The HTML code is as follows:

 
     Head
 ><body><formAction=' test.php 'method=' post '>Name:<inputtype=' text 'name=' name ' /><br/>E-Mail:<inputtype=' text 'name=' email ' /><br/>Url:<inputtype=' text 'name=' website ' /><br/>Comments:<textareaname=' comment 'rows=3cols= >  
     textarea
 ><br/>Gender:<inputtype="Radio"name=' gender 'value =0checked=' checked '/>Women<inputtype="Radio"name=' gender 'value=1 / >Men<br/><inputtype=' Submit 'value=' Submit ' /> 
     Form
 > 
     Body
 > 
     HTML
 >

This form submits the data through the Post method
Validating form data with PHP:
Typically, when you filter submitted data, the Htmlspecialchars () function is used to process the data, which converts HTML tag characters into HTML entities. For example <和> , it will be replaced by lt; and the gt;. This prevents the attacker from exploiting the code by injecting HTML or JS code into the form.
After we have used the Htmlspecailchars () function, the following code

<script>location.href('http://www.hacked.com')
   
    script>

Will be escaped as:

&lt;script&gt;location.href('http://www.hacked.com')&lt;/script&gt;

, the submitted data is now secure and will not cause damage to the page code.
In addition, there are two things we need to do in addition to filtering data with the Htmlspecialchar () function:

    1. Remove unnecessary characters from user input data (such as extra spaces, tabs, line breaks, etc.), and use the trim () function of PHP more
    2. Delete the backslash (\) in the user input data using PHP's Stripslashes () function
      form Data Processing Example:

    
     $name=$email=$website=$comment='';$gender=0;$name=test_input($_POST['name']);$email=test_input($_POST['email']);$website=test_input($_POST['website']);$comment=test_input($_POST['comment']);functiontest_input($data){$data=trim($data);//去除$data数据两侧多余的空格$data=stripslashes($data);//去除$data中的反斜杠$data=htmlspecialchars($data);//将html标签转以为html实体return$data;}?>

'). addclass (' pre-numbering '). Hide (); $ (this). addclass (' has-numbering '). Parent (). append ($numbering); for (i = 1; i <= lines; i++) {$numbering. Append ($ ('
  • '). Text (i)); }; $numbering. FadeIn (1700); }); });

    The above describes the php form validation-w3school PHP learning notes, including the w3school aspects of the content, I hope the PHP tutorial interested in a friend helpful.

  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.