PHP message System (2), PHP message system
1, after the reference (MVC Framework Summary) has been set down the overall framework, then the request default parameters will become:
// Default Request home: // P=front // C=findex // A=show
1.1 Locate the action under Controller Findexcontroller:
// Home Show Action Public function showaction () { // Prevent malicious calls $This---checkauthority ( ); // no specific model required, directly loaded into the template Require Cur_vie_path. ' index.html ' ; }
2, to prevent malicious calls this piece on our controller level, all models are almost used, so put it in the basic model,
/* * Prevent malicious call method, apply to all methods * /protected function checkauthority () { If(!defined ('in_ng')) { exit (" You no authority"); } }
Call this method at any time
3, rejected PHP low version, because always running, so directly into the initial file Framework.class.php
4.1 Making CSS Include files
Every page to import CSS, really troublesome, we set a file title.inc.html.
But each page has a different CSS, you can define a constant to prove this page.
Define (' SCRIPT ', ' Index ');
Your Title
PHP 'application/view/front/title.inc.html' ?>
where title.inc.html code
"shortcut icon" href="favicon.ico" /> "
stylesheet " type="text/css" href="public/front/css/1/ Basic.css "/>
"stylesheet" type="text/css " href="public/front/css/1/
. css" />
5.2 Create registration page register.html
The parameter request is: Request registration page P=Front C=fregister A=show
The code is:
"Register"> Member Registration
5.3 Click on the Avatar Pop-up to select the Avatar frame:
"public/front/face/m01.gif" alt=" Avatar Select " onclick=" javascript:window.open (' face.php ', ' face ', ' width=400,height=400,top=0,left=0 ')" />
This page contains 64 avatar pages, which can be listed in the form of an array loop.
foreach (Range (1,9 as $number) {?>
"
face/m0
. gif
" />
6. Submit data
To submit the data to this page, a name value pair must be made to determine whether the data was submitted.
? action=Register can also design a hidden field to do the name value pair <inputtype="hidden" name="action"value="register "/>
6.1 Check the Verification code
The purpose of the verification code is to prevent malicious registration and some forms of forged cross-site attacks.
The verification code is stored in the session, you can determine whether the current form submission, and refresh once the verification code with
That changes and prevents multiple malicious registrations.
if (! ($_post['yzm'] = = $_session['code')) {_alert_back (' Verification code is wrong, please re-enter! ');}
6.2. Accept Data
design variables, submit data to assign to variable $_username=$_post['username']; You can also use an array to hold the value submitted over $_clean=Array (); $_clean['username') =$_post['username')
6.3 Various restrictions and filters
= Trim ($_string);
2. Second length limit if (Mb_strlen ($_string,'utf-8') < $_min_num | | Mb_strlen ($_string,'utf-8 ') > $_max_num)
' /[<>\ ' \ ' \ \]/ ' ; if (Preg_match ($_char_pattern,$_string)) {}
4. Sensitive user name limit $_mg[0'; $_mg[1' One ' ;2'$_mg['; foreach as $value) {$_mg_string. ' ['. $value. ' ]'. ' \ n ' ;} if (In_array ($_STRING,$_MG)) {_alert_back ($_mg_string. ' The above sensitive user name may not register! ');}
5. Escape input, effectively prevent SQL injection problem // mysql_escape_string (); // addslashes () return // This mysql_ is required to connect to the database
http://www.bkjia.com/PHPjc/970605.html www.bkjia.com true http://www.bkjia.com/PHPjc/970605.html techarticle PHP Message System (2), PHP message system 1, referring to the previous (MVC framework Summary) after the overall framework is set down, then the request default parameters will become://Default Request First page://P ...