PHP form generation, validation and sensitive-character filter code
/**
* Form Generation Validation File
*/
// Shared helper instance; the demonstration script at the end of this file calls it.
$_form = new Formhtmlfind;
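/**
 * Builds HTML form fields from a definition array and validates/filters the
 * matching $_POST data.
 *
 * Each field definition is a list:
 *   0 name, 1 default value (or option list), 2 title (or option titles),
 *   3 raw attribute string, 4 error message, 5 flag "Y"/"N" optionally
 *   followed by "_<filter>", 6 comma-separated validation rules.
 *
 * Trust model: names, titles, attribute strings and error messages come from
 * the definition and are treated as developer-controlled markup. Values taken
 * from $_POST or from the pre-fill array are untrusted and are HTML-escaped
 * before they are written into the page.
 *
 * The published listing lost its comment markers, quotes and backslashes;
 * string literals and regular expressions below are restored from context.
 */
class formhtmlfind
{
    /** Existing record values used to pre-fill fields; set by formhtml(). */
    public $infoarray = array();

    /** Copy of $_POST taken by postform(). */
    public $post = array();

    /** Scratch data; ['class'] holds the method names of this object. */
    public $array = array();

    /** Validation failures, stored as JSON fragments consumed by jserror(). */
    public $error = '';

    /**
     * Output form function.
     *
     * @param array $array     Form definition, keyed by field type
     *                         (non-letters in the key are ignored, so
     *                         "text1" is a second "text" field).
     * @param mixed $infoArray Raw values of an existing record when updating.
     * @return string|false    Field markup followed by the error script, or
     *                         false when no definition was given.
     */
    public function formhtml($array, $infoArray = '')
    {
        if (empty($array)) {
            return false;
        }

        $this->infoarray = !empty($infoArray) ? $infoArray : array();
        $this->array['class'] = get_class_methods($this);

        $newform = '';
        foreach ($array as $key => $arr) {
            // Reduce the key to letters only and normalise its case.
            $key = strtolower(preg_replace('/[^a-z]/i', '', (string) $key));
            $newform .= $this->outputform($arr, $key);
        }

        return $newform . $this->jserror();
    }

    /**
     * Generate the markup for one field definition.
     *
     * @param array  $arr Field definition.
     * @param string $key Field type.
     * @return string|false
     */
    private function outputform($arr, $key)
    {
        if (empty($arr)) {
            return false;
        }

        $type  = $key;
        $name  = $this->text($arr, 0);
        $style = $this->text($arr, 3);
        $title = $this->item($arr, 2);
        if (!is_array($title)) {
            $title = trim((string) $title);
        }

        // Option-style inputs receive the untouched option list and titles.
        if (preg_match('/checkbox|select|radio/i', $key)) {
            return $this->formselect($type, $name, $this->item($arr, 1), $title, $style);
        }

        // Value priority: submitted data, then the existing record, then the default.
        $value = $this->item($arr, 1);
        if (!empty($this->infoarray[$name])) {
            $value = $this->infoarray[$name];
        }
        if (!empty($this->post[$name])) {
            $value = $this->post[$name];
        }
        // A nested array posted for a single-value field is not echoed back.
        $value = is_scalar($value) ? trim((string) $value) : '';

        $label = is_array($title) ? '' : $title;
        $dt = '';
        $dd = '';
        if ($key !== 'hidden') {
            $dt = "<dt>{$label}</dt><dd>";
            // Slot that jserror() fills with the field's error message.
            $dd = '<tt id="j' . $this->esc($name) . "\"></tt></dd>\r\n";
        }

        return $dt . $this->newinput($type, $name, $value, $style, $label) . $dd;
    }

    /**
     * Submit data detection.
     *
     * Values of fields without a filter are returned exactly as submitted;
     * callers must still encode them for whatever context they are used in
     * (HTML output, SQL parameters, ...).
     *
     * @param array $array Form definition.
     * @return array|false Field name => processed value, or false when there is
     *                     nothing to process or any field failed validation.
     */
    public function postform($array)
    {
        if (empty($array) || empty($_POST)) {
            return false;
        }

        $this->post = $_POST;
        $this->array['class'] = get_class_methods($this);

        $newData = array();
        foreach ($array as $key => $arr) {
            $key = strtolower(preg_replace('/[^a-z]/i', '', (string) $key));
            // File inputs are not part of $_POST and are skipped here.
            if (!empty($arr) && 'file' !== $key) {
                $newData[$this->text($arr, 0)] = $this->postfind($arr, $key);
            }
        }

        if (!empty($this->error)) {
            return false;
        }

        return $newData;
    }

    /**
     * Generate a single-value input element.
     *
     * $name and $value are HTML-escaped here; $style is emitted verbatim as an
     * attribute string and therefore must never contain request data.
     */
    private function newinput($type, $name, $value, $style, $title)
    {
        $n = $this->esc($name);
        $v = $this->esc($value);

        switch (strtolower((string) $type)) {
            case 'text':
                // Single line of text
                return "<input type=\"text\" name=\"{$n}\" value=\"{$v}\" {$style}/>";
            case 'password':
                // Password input; the submitted value is deliberately not echoed back.
                return "<input type=\"password\" name=\"{$n}\" {$style}/>";
            case 'textarea':
                // Multiple lines of text
                // NOTE(review): this case label is unreadable in the listing; "textarea" is inferred from the markup.
                return "<textarea name=\"{$n}\" {$style}>{$v}</textarea>";
            case 'hidden':
                return "<input type=\"hidden\" name=\"{$n}\" value=\"{$v}\" {$style}/>";
            case 'file':
                // File upload
                return "<input type=\"file\" name=\"{$n}\" {$style}/>";
            case 'submit':
                return "<input type=\"submit\" name=\"{$n}\" value=\"{$v}\" {$style}/>";
            default:
                return $this->esc($type) . ' type error!!!';
        }
    }

    /**
     * Submit information detection: validate one field, then run its filter.
     *
     * Failures are appended to $this->error.
     *
     * @return mixed The processed value ('' when the field carries no Y/N flag).
     * @throws RuntimeException When the definition names a filter that does not exist.
     */
    private function postfind($arr, $key)
    {
        if (empty($arr)) {
            return false;
        }

        $name     = $this->text($arr, 0);   // input name
        $title    = $this->item($arr, 2);   // input title
        $error    = $this->text($arr, 4);   // error tip
        $find     = $this->text($arr, 5);   // flag Y / N plus optional filter
        $standard = $this->text($arr, 6);   // validation rules

        $parts = explode('_', $find);
        $flag  = strtoupper(trim($parts[0]));

        // A required field is checked even when it has no rules, otherwise
        // "Y" without rules would silently accept a missing value.
        if ($standard !== '' || $flag === 'Y') {
            $this->error .= $this->ck_split($standard, $name, $title, $find, $error);
        }

        // Multi-value fields are flattened to a comma-separated string.
        $posted = isset($this->post[$name]) ? $this->post[$name] : '';
        if (is_array($posted)) {
            $posted = implode(',', array_filter($posted, 'is_scalar'));
            $this->post[$name] = $posted;
        }

        if ($flag !== 'Y' && $flag !== 'N') {
            return '';
        }

        $suffix = isset($parts[1]) ? trim($parts[1]) : '';
        if ($suffix === '') {
            return $posted;
        }

        // The filter name becomes a method call, so accept only ck_* output
        // filters that exist and never the internal validation helpers.
        $method   = 'ck_' . $suffix;
        $internal = array('ck_split', 'ck_open', 'ck_detected');
        if (!preg_match('/^ck_[a-z0-9]+$/iD', $method)
            || in_array(strtolower($method), $internal, true)
            || !method_exists($this, $method)
        ) {
            throw new RuntimeException("Unknown form filter: {$suffix}");
        }

        return $this->$method($posted);
    }

    /**
     * Multiple-selection form generation (select, radio, checkbox).
     *
     * Slot 0 of the option list and of the title list is the heading; the
     * remaining slots are the options. A "Y_" prefix marks a default option.
     */
    private function formselect($type, $name, $value, $title, $style)
    {
        $type    = strtolower((string) $type);
        $outform = '';
        $field   = $this->esc($name);

        // Current selection: submitted data first, then the existing record.
        $nowvalue = '';
        if (!empty($this->post[$name])) {
            $nowvalue = $this->post[$name];
        } elseif (isset($this->infoarray[$name])) {
            $nowvalue = $this->infoarray[$name];
        }
        $valueArray = array();
        if (!empty($nowvalue)) {
            $valueArray = is_array($nowvalue) ? $nowvalue : explode(',', (string) $nowvalue);
            $valueArray = array_map('strval', array_filter($valueArray, 'is_scalar'));
        }

        // Option titles
        if (is_array($title)) {
            array_unshift($title, 'Choice');
            $titarray = array_values($title);
        } else {
            $titarray = explode('|', (string) $title);
        }

        // Option values
        if (is_array($value)) {
            array_unshift($value, 'Choice');
            $valarray = array_keys($value);
            if (empty($title)) {
                $titarray = array_values($value);
            }
        } else {
            $valarray = explode('|', (string) $value);
        }

        $fallback = is_array($title) ? '' : $title;
        foreach ($valarray as $key => $varl) {
            if ($key < 1) {
                continue; // slot 0 is the heading
            }
            $varl = (string) $varl;

            // Selected when it matches the current value, else when marked as default.
            $chosen = !empty($valueArray)
                ? in_array($varl, $valueArray, true)
                : (stripos($varl, 'Y_') !== false);
            $_title = !empty($titarray[$key]) ? $titarray[$key] : $fallback;

            switch ($type) {
                case 'select':
                    $outform .= sprintf(
                        "<option%s value=\"%s\">%s</option>\r\n",
                        $chosen ? ' selected' : '',
                        $this->esc(preg_replace('/y_/i', '', $varl)),
                        $_title
                    );
                    break;
                case 'radio':
                    $outform .= sprintf(
                        "<label>%s<input%s type=\"radio\" name=\"%s\" value=\"%s\" %s/></label>\r\n",
                        $_title,
                        $chosen ? ' checked' : '',
                        $field,
                        $this->esc($varl),
                        $style
                    );
                    break;
                case 'checkbox':
                    $outform .= sprintf(
                        "<label>%s<input%s type=\"checkbox\" name=\"%s[]\" value=\"%s\" %s/></label>\r\n",
                        $_title,
                        $chosen ? ' checked' : '',
                        $field,
                        $this->esc($varl),
                        $style
                    );
                    break;
            }
        }

        // Drop-down selection
        if ($type === 'select') {
            $outform = sprintf('<select name="%s" %s>%s</select>', $field, $style, $outform);
        }

        return sprintf(
            "<dt>%s</dt><dd>%s<tt id=\"j%s\"></tt></dd>\r\n",
            isset($titarray[0]) ? $titarray[0] : '',
            $outform,
            $field
        );
    }

    /**
     * Form validation: apply every rule in $standard to the submitted value.
     *
     * @return string|false A JSON fragment describing the failure, '' when the
     *                      value passed, false when an optional field is absent.
     */
    private function ck_split($standard, $name, $title, $find, $error)
    {
        // Read the flag from the first segment only, so a filter name such as
        // "cancel" cannot be mistaken for the "N" flag.
        $parts = explode('_', (string) $find);
        $flag  = strtoupper(trim($parts[0]));

        $posted  = isset($this->post[$name]) ? $this->post[$name] : '';
        // "0" is a real value, so only null, '' and an empty list count as missing.
        $missing = ($posted === null || $posted === '' || $posted === array());

        // A failing rule must always be reported, even if the definition has no message.
        if ((string) $error === '') {
            $error = 'Invalid value';
        }

        if ($missing) {
            if ($flag === 'N') {
                return false; // optional and absent: skip
            }
            if ($flag === 'Y') {
                return $this->jsentry($name, $error);
            }
        }

        $values = is_array($posted) ? $posted : array($posted);
        $failed = false;
        foreach (explode(',', (string) $standard) as $rule) {
            $rule = trim($rule);
            if ($rule === '') {
                continue;
            }
            foreach ($values as $one) {
                if (!$this->ck_open($one, $rule)) {
                    $failed = true;
                    break 2;
                }
            }
        }

        return $failed ? $this->jsentry($name, $error) : '';
    }

    /**
     * Run the detector selected by $str against one submitted value.
     *
     * @return bool
     */
    private function ck_open($string, $str)
    {
        // Nested arrays or other non-scalar input can never satisfy a rule.
        if (!is_scalar($string)) {
            return false;
        }
        $functi = $this->ck_detected($str);

        return (bool) $this->$functi((string) $string, $str);
    }

    /**
     * Type judgment: map a rule to a detector method name.
     *
     * Alphabetic rules map to "<rule>detect"; anything else is a length range.
     *
     * @throws RuntimeException When no such detector exists.
     */
    private function ck_detected($str)
    {
        $detect = preg_match('/^[a-zA-Z]*$/D', (string) $str) ? "{$str}detect" : 'lengthdetect';
        if (!method_exists($this, $detect)) {
            // NOTE(review): the listing called an external Location() helper with an
            // undefined variable here; failing loudly keeps an unknown rule from
            // being treated as passed.
            throw new RuntimeException("Missing validation function: {$detect}");
        }

        return $detect;
    }

    // ------------------------------------- detectors (also callable from outside)

    /**
     * Length: $str is "min-max", compared with the byte length of $string.
     */
    public function lengthdetect($string, $str)
    {
        $len = explode('-', trim((string) $str));
        if (count($len) < 2 || !is_numeric(trim($len[0])) || !is_numeric(trim($len[1]))) {
            return false;
        }
        $size = strlen((string) $string);

        return $size >= (int) $len[0] && $size <= (int) $len[1];
    }

    /** Price: optional sign, digits, optional decimal part. */
    public function moneydetect($str)
    {
        return preg_match('/^(-|\+)?\d+(\.\d+)?$/D', (string) $str);
    }

    /** Mail */
    public function emaildetect($str)
    {
        return preg_match('/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$/D', (string) $str);
    }

    /**
     * Url: http or https only; angle brackets, double quotes, whitespace and
     * control characters are rejected so the value cannot carry markup or line breaks.
     */
    public function urldetect($str)
    {
        return preg_match(
            '#^https?://[A-Za-z0-9]+\.[A-Za-z0-9]+[/=?%\-&_~`@\[\]\':+!]*[^<>"\x00-\x20\x7f]*$#D',
            (string) $str
        );
    }

    /** Digital type */
    public function numdetect($str)
    {
        return is_numeric($str);
    }

    /** Chinese: every byte is in the range 0x7f-0xff. */
    public function cndetect($str)
    {
        return preg_match('/^[\x7f-\xff]+$/D', (string) $str);
    }

    /** Letters */
    public function endetect($str)
    {
        return preg_match('/^[a-zA-Z]+$/D', (string) $str);
    }

    /** Digital letter mix (also allows "_" and "-"). */
    public function numendetect($str)
    {
        return preg_match('/^([a-zA-Z0-9_-])+$/D', (string) $str);
    }

    /** Phone number */
    public function teldetect($str)
    {
        return preg_match('/^[+]?[0-9]+([xX-][0-9]+)*$/D', (string) $str);
    }

    /**
     * Sensitive words: true when $str contains none of them.
     *
     * NOTE(review): the listing uses $badkey without defining it in this method;
     * it is presumably a global regex fragment such as "word1|word2" - confirm.
     * With no list configured the check fails closed, as the listing did.
     */
    public function keydetect($str)
    {
        $badkey = isset($GLOBALS['badkey']) ? (string) $GLOBALS['badkey'] : '';
        if ($badkey === '') {
            return false;
        }

        // Only an explicit "no match" passes; a broken pattern is treated as a hit.
        return preg_match("/{$badkey}/i", (string) $str) === 0;
    }

    // ----------------------------------------------------- output filters

    /**
     * Character substitution for HTML output: escape markup, keep spaces and
     * line breaks visible.
     *
     * Escaping runs first so that the <br /> tags added afterwards survive.
     * NOTE(review): the listing's second replacement pair is unreadable and is
     * not reproduced here - confirm against the original file.
     */
    public function ck_filter($str)
    {
        $str = is_array($str) ? implode(',', $str) : (string) $str;
        $str = htmlspecialchars($str, ENT_QUOTES | ENT_SUBSTITUTE);
        $str = str_replace(' ', '&nbsp;', $str);

        return nl2br($str);
    }

    /**
     * Escape with addslashes() unless magic quotes already did.
     *
     * addslashes() is not a defence against SQL injection; values bound for a
     * database should go through prepared statements instead.
     */
    public function ck_escape($str)
    {
        // Magic quotes no longer exist from PHP 5.4 on, and the probe function
        // itself is gone in PHP 8, so only ask on older runtimes.
        if (PHP_VERSION_ID < 50400 && get_magic_quotes_gpc()) {
            return $str;
        }

        return addslashes((string) $str);
    }

    /**
     * MD5 digest.
     *
     * MD5 is a fast, unsalted hash, not encryption, and is unsuitable for
     * storing passwords; password_hash()/password_verify() are the replacement
     * once stored values can be migrated.
     */
    public function ck_md5($str)
    {
        return md5((string) $str);
    }

    /** Base64 encoding (reversible by anyone; provides no confidentiality). */
    public function ck_base64($str)
    {
        return base64_encode((string) $str);
    }

    /**
     * Time: non-numeric input is handed to time_r(), which lives in the
     * project's common function file and is not part of this listing.
     */
    public function ck_time($str)
    {
        if (!is_numeric($str)) {
            return time_r($str);
        }

        return $str;
    }

    /** Conditional cancellation: numeric input is replaced by ''. */
    public function ck_cancel($str)
    {
        return (!is_numeric($str)) ? $str : '';
    }

    /** Unconditional cancellation: the submitted value is discarded. */
    public function ck_delete()
    {
        return null;
    }

    /**
     * JS error tip: script that writes each message into its <tt id="j..."> slot.
     *
     * Messages are assigned with innerHTML, so they must stay developer-defined.
     *
     * @return string|false
     */
    private function jserror()
    {
        if (empty($this->error)) {
            return false;
        }

        return "\r\n<script type=\"text/javascript\">\r\n"
            . 'var error = [' . trim($this->error, ',') . "];\r\n"
            . "for (var i = 0; i < error.length; i++) {\r\n"
            . "  var slot = document.getElementById(error[i][0]);\r\n"
            . "  if (slot) { slot.innerHTML = error[i][1]; }\r\n"
            . "}\r\n</script>\r\n";
    }

    /** Encode one failure as a JavaScript array literal followed by a comma. */
    private function jsentry($name, $message)
    {
        // The HEX flags keep quotes and tags from ending the string or the script block.
        $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
        $id    = json_encode('j' . $name, $flags);
        $text  = json_encode((string) $message, $flags);

        // json_encode() returns false for text that is not valid UTF-8.
        return '[' . ($id === false ? '""' : $id) . ',' . ($text === false ? '""' : $text) . '],';
    }

    /** Escape a value for HTML text or a quoted attribute. */
    private function esc($text)
    {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE);
    }

    /** Element $index of a field definition, or '' when absent. */
    private function item($arr, $index)
    {
        return (is_array($arr) && isset($arr[$index])) ? $arr[$index] : '';
    }

    /** Element $index as a trimmed string ('' when absent or not scalar). */
    private function text($arr, $index)
    {
        $raw = $this->item($arr, $index);

        return is_scalar($raw) ? trim((string) $raw) : '';
    }
}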
Demonstrate:
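// Sample definition showing every field type.
// NOTE(review): the quotes and "|" separators of this sample were damaged in the
// listing and are restored from context - confirm against the original file.
// The assignment to $form further down replaces this array, so the script
// below never uses it.
$form[1] = array(
    'text'     => array('title', '', 'Product name', 'size=40', 'Product name is indispensable!', 'Y', 'cn,1-30'),
    'text1'    => array('categories', '', 'Product name', '', '', 'y_base64'),
    'select'   => array('superiors', '||1|2|Y_3', 'Product category|Select|1|2|3', '', 'must option', 'Y'),
    'radio'    => array('superiors1', '|1|Y_2|3', 'Product xun|product 1|product 2|Product 3', '', 'must option', 'Y'),
    'checkbox' => array('superiors2', array(1 => 'one', 2 => '', 3 => '33'), '', '', 'must option', 'Y'),
    'file'     => array('ddd', '', 'Files'),
);

// Login form: index 5 carries the required flag plus an optional output filter,
// index 6 the validation rules.
$form = array(
    'Login' => array(
        'text' => array(
            0 => 'user',
            1 => '',
            2 => 'username',
            3 => 'size=20',
            4 => '!',
            5 => 'Y',
            6 => 'numen,6-12',
        ),
        'password' => array(
            0 => 'Pass',
            1 => '',
            2 => 'password',
            3 => 'size=22',
            4 => 'password format error!',
            // The md5 filter yields an unsalted MD5 digest, which is too weak
            // for password storage.
            5 => 'Y_md5',
            6 => 'numen,6-12',
        ),
        'radio' => array(
            0 => 'time',
            1 => '|7200|3600|1800',
            2 => 'Cookies effective time|1 hours|30 minutes',
            3 => '',
            4 => '',
            5 => 'N_delete',
            6 => '',
        ),
    ),
);

// Form submission
$past = $_form->postform($form['Login']);

// $DD holds existing record values (for example when editing a record);
// submitted POST data takes priority over it when the form is rendered.
$DD = array('title' => 'titles', 'Categories' => 'category');

if (!empty($past)) {
    // $past can contain values exactly as submitted, so escape the dump
    // before writing it into the page.
    echo "<pre>";
    echo htmlspecialchars(print_r($past, true), ENT_QUOTES);
    echo "</pre>";
}

// This demonstration form carries no anti-CSRF token; a production form needs one.
echo '<form method="POST" name="Posttopic" action="" enctype="multipart/form-data" style="margin:0px;">';
echo $_form->formhtml($form['Login'], $DD);
echo '<input type="submit" value="Y" name="B1"></form>';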
?>