Php form sensitive character filtering

This article introduces a PHP class that generates forms, validates submitted form data and filters sensitive characters, together with usage examples. It walks through the form generation and form submission steps and shows where submitted values are checked and filtered. The analysis is as follows:

The code is as follows:


/**
* Form generation and verification file.
*/
// Creates one formHtmlFind instance when this file is included; the class is declared below.
// NOTE(review): the spaces inside "$ _ Form" are extraction residue; presumably the variable is $_Form.
$ _ Form = new formHtmlFind ();
Class formHtmlFind {
/**
* Output form functions
* $ FormKey form key
* $ Array of original information when infoArray is updated
*/

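/**
 * Build the markup for every field of a form definition.
 *
 * Each entry of $array is rendered through outputForm(); the entry's key,
 * reduced to its ASCII letters, is used as the input type.
 *
 * NOTE(review): outputForm()/newInput() interpolate field values into the
 * markup, and those values can come from $infoArray or from submitted POST
 * data. No escaping is visible on that path in this listing, so values should
 * be HTML-escaped where they are written into the markup.
 *
 * @param array $array     Form definition: input type => field description.
 * @param mixed $infoArray Existing values used to pre-fill the form when updating ('' when creating).
 * @return string|false    Form markup followed by the jsError() output, or false when $array is empty.
 */
public function formHtml($array, $infoArray = '')
{
    // Nothing to render without a form definition.
    if (empty($array)) {
        return false;
    }

    $newform = '';
    // Values of the record being updated; an empty array when creating.
    $this->infoArray = !empty($infoArray) ? $infoArray : array();
    // Method list of this class, kept for the validator lookup.
    $this->array['class'] = get_class_methods(__CLASS__);

    foreach ($array as $key => $arr) {
        // Keep only ASCII letters so the key can serve as the input type.
        $key = preg_replace('/[^a-z]/i', '', $key);
        $newform .= $this->outputForm($arr, $key);
    }

    return $newform . $this->jsError();
}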
/**
* Generate form functions
*/
/**
 * Render one field of the form definition.
 *
 * $arr is read positionally: [0] input name, [1] initial value (or the option
 * list for select/radio/checkbox), [2] title, [3] style. $key is the input type.
 * Checkbox, select and radio types are delegated to formSelect(); every other
 * type goes through newInput().
 *
 * NOTE(review): "emptyempty" and the spaces inside variables ("$ this-> ") are
 * extraction residue; the original presumably reads empty() and $this->.
 * NOTE(review): the HTML that $Dt and $Dd once contained was stripped during
 * extraction, so only "{$ Title}" and "Rn" (presumably "\r\n") remain.
 */
Private function outputForm ($ arr, $ key)
{
$ Value = null;
If (emptyempty ($ arr) return false;
// Input Type
$ Type = $ key;
// Input NAME
$ Name = trim ($ arr [0]);
// The input initial value does not contain multiple-choice, single-choice classes.
// Precedence: the stored record value if present, otherwise the definition default ...
$ Value = (! Emptyempty ($ this-> infoArray [$ name])? Trim ($ this-> infoArray [$ name]): trim ($ arr [1]);
// ... and a submitted POST value, when non-empty, overrides both.
// NOTE(review): this puts request data back into the form. No escaping is visible
// before $Value and $Title reach the markup; escape them for the HTML context
// (htmlspecialchars with ENT_QUOTES) at the point of output.
$ Value = emptyempty ($ this-> post [$ name])? $ Value: trim ($ this-> post [$ name]);
// Input Title
$ Title = trim ($ arr [2]);
// Style
$ Style = trim ($ arr [3]);
// Hidden inputs get no title/label wrapper.
If ($ key! = "Hidden ")
{
$ Dt ="

{$ Title}
";
// Js error message
$ Dd ="
Rn ";
}
// Option-style inputs are built by formSelect(); $arr[1] is passed as the option list.
Return (! Preg_match ("/checkbox | select | radio/I", $ key ))?
$ Dt. $ this-> newInput ($ type, $ name, $ value, $ style, $ title). $ dd:
$ This-> formSelect ($ type, $ name, $ arr [1], $ title, $ style); // select multiple classes
}
/**
* Data Submission detection
*/
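/**
 * Validate and filter a submitted form against its definition.
 *
 * Copies $_POST into $this->post, then runs postFind() for every field of the
 * definition except file inputs. Validation messages accumulate in
 * $this->error; when any are present the whole submission is rejected.
 *
 * @param array $array Form definition: input type => field description.
 * @return array|false Filtered values keyed by input name, or false when the
 *                     definition or $_POST is empty or validation failed.
 */
public function postForm($array)
{
    // Both a definition and a submission are required.
    if (empty($array) || empty($_POST)) {
        return false;
    }

    $this->post = $_POST;
    // Method list of this class, kept for the validator lookup.
    $this->array['class'] = get_class_methods(__CLASS__);

    // Initialised up front so a definition with no usable field returns an
    // empty array instead of an undefined variable.
    $newData = array();
    foreach ($array as $key => $arr) {
        // Keep only ASCII letters so the key can serve as the input type.
        $key = preg_replace('/[^a-z]/i', '', $key);
        // File inputs are not part of $_POST and are skipped here.
        if (!empty($arr) && 'file' != $key) {
            $newData[trim($arr[0])] = $this->postFind($arr, $key);
        }
    }

    // Only fields named in the definition are returned; unknown POST keys are ignored.
    if (!empty($this->error)) {
        return false;
    }

    return $newData;
}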
/**
* Generate a form
*/
/**
 * Return the markup for a single non-option input of the given type.
 *
 * NOTE(review): every returned string lost its HTML during extraction; only
 * " " and "{$ Value}" remain, so the attributes that received $name, $value,
 * $style and $title cannot be seen here. Whatever the original markup was,
 * each of those values needs HTML-attribute or text escaping before it is
 * interpolated, because $value can originate from submitted POST data.
 * NOTE(review): the case labels '' and 'ddden' look like damaged 'textarea'
 * and 'hidden' (outputForm() tests the key against "Hidden") - confirm
 * against the original source.
 */
Private function newInput ($ type, $ name, $ value, $ style, $ title)
{
Switch ($ type)
{
Case 'text ':
// Single line text
Return" ";
Break;
Case 'password ':
// Enter the password
Return" ";
Break;
Case '':
// Multi-line text
// The value is written as element content here, so it needs text-context escaping.
Return" {$ Value}";
Break;
Case 'ddden ':
// Hide
Return" ";
Break;
Case 'file ':
// File Upload
Return" ";
Break;
Case 'submit ':
// Submit
Return" ";
Break;
Default:
// Unknown type: the type name itself is echoed into the output.
Return "{$ type} type error !!! ";
Break;
}
}
/**
* Detection of submitted information
* Error returned
*/
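/**
 * Validate one submitted field and return its filtered value.
 *
 * $arr is read positionally: [0] input name, [2] title, [4] error message,
 * [5] check flag ("Y" or "N", optionally followed by "_<filter>"), [6] the
 * validation rules. Validation messages are appended to $this->error.
 *
 * The filter suffix selects which ck_* method post-processes the value. It is
 * read from the form definition, not from the request; keep the definition out
 * of reach of request data, since it decides which method is invoked.
 *
 * @param array  $arr Field description from the form definition.
 * @param string $key Input type (unused here, kept for the caller's signature).
 * @return mixed false for an empty description, '' when the field carries no
 *               Y/N flag, otherwise the (optionally filtered) submitted value.
 */
private function postFind($arr, $key)
{
    if (empty($arr)) {
        return false;
    }

    $name = trim($arr[0]);
    $title = trim($arr[2]);
    $error = trim($arr[4]);
    $find = trim($arr[5]);
    $standard = trim($arr[6]);

    // Run the validation rules first: ck_split() still needs array values as arrays.
    if (!empty($standard)) {
        $this->error .= $this->ck_split($standard, $name, $title, $find, $error);
    }

    // Multi-value inputs are flattened to a comma-separated string.
    if (is_array($this->post[$name])) {
        $this->post[$name] = implode(',', $this->post[$name]);
    }

    // Fields without a Y/N flag are not passed on.
    if (!preg_match('/Y|N/is', $find)) {
        return '';
    }

    // explode() replaces split(), which was removed in PHP 7.
    $parts = explode('_', $find);
    $escape_filter = !empty($parts[1]) ? 'ck_' . $parts[1] : '';

    return $escape_filter
        ? $this->$escape_filter($this->post[$name])
        : $this->post[$name];
}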
/**
* Multiple-choice form generation
*/
/**
 * Render a select, radio or checkbox group.
 *
 * Options come from $value (an array whose keys are used, or a "|"-separated
 * string) and their labels from $title (array or "|"-separated string). The
 * current selection is the submitted POST value when present, otherwise the
 * stored record value; without either, options marked "Y_" are the defaults.
 *
 * NOTE(review): the sprintf() format strings lost their HTML during
 * extraction; only "% S" (presumably %s) and "Rn" (presumably "\r\n") remain.
 * NOTE(review): option labels, option values, $name and $style are handed to
 * sprintf() as they are. No escaping is visible here, and the selected value
 * can come from POST data, so escape each argument for its HTML context.
 * NOTE(review): eregi() was removed in PHP 7; preg_match() with the i modifier
 * is the replacement.
 * NOTE(review): "'y' = $select" and "$type = 'select'" are printed with a
 * single "="; the original presumably compares with "==". The property is also
 * spelled both infoarray and infoArray, and PHP property names are
 * case-sensitive - confirm both against the original source.
 */
Private function formSelect ($ type, $ name, $ value, $ title, $ style)
{
$ Outform = null;
// Trigger the initial update and submission actions
// Submitted value wins over the stored record value.
$ Nowvalue = (! Emptyempty ($ this-> post [$ name])? $ This-> post [$ name]: $ this-> infoarray [$ name];
// Compatible with multiple-choice recognition and converted to an array
If (! Emptyempty ($ nowvalue) $ valueArray = explode (",", $ nowvalue );
// Option title
If (is_array ($ title ))
{
// A placeholder entry is prepended, so index 0 is never a real option.
Array_unshift ($ title, 'select ');
$ Titarray = array_values ($ title );
} Else $ titarray = explode ("|", $ title );
// Option value
If (is_array ($ value ))
{
Array_unshift ($ value, 'select ');
$ Valarray = array_keys ($ value );
// Without separate titles the array values double as labels.
If (emptyempty ($ title) $ titarray = array_values ($ value );
}
Else $ valarray = explode ("|", $ value );
// Cancel the initial default value of the form
If (! Emptyempty ($ this-> post )&&! Emptyempty ($ this-> infoArray) $ value = preg_replace ("/Y _/I", '', $ value );

Foreach ($ valarray as $ key => $ varl)
{
// Non-default recognition
If (! Emptyempty ($ valueArray) $ select = (in_array ($ varl, $ valueArray ))? 'Y ':'';
// Determine whether it is the default value
Else $ select = (eregi ("Y _", $ varl ))? 'Y ':'';

// Index 0 is skipped as an option; $titarray[0] is used in the final sprintf() below.
If ($ key> '0 ')
{
$ _ Title = ($ titarray [$ key])? $ Titarray [$ key]: $ title;
Switch ($ type)
{
Case 'select ':
If ('y' = $ select) $ select = 'selected ';
$ Outform. = sprintf (" % SRn"
, $ Select, preg_replace ("/Y _/I", '', $ varl), $ _ title );
Break;
Case 'Radio ':
If ('y' = $ select) $ select = 'checked ';
$ Outform. = sprintf (" % SRn ",
$ _ Title, $ select, $ name, $ varl, $ style );
Break;
Case 'checkbox ':
If ('y' = $ select) $ select = 'checked ';
$ Outform. = sprintf (" % SRn ", $ _ title, $ select, $ name, $ varl, $ style );
Break;
}
$ Select = null;
}
}
// Select from the drop-down list
If ($ type = 'select') $ outform = sprintf (' % S', $ Name, $ style, $ outform );
Return sprintf ("
% S
% S
Rn ", $ titarray [0], $ outform, $ name );
}
/**
* Form verification and all ck _ class functions
*/
/**
 * Run the validation rules of one field and return an error fragment.
 *
 * $standard is a comma-separated rule list; each rule is checked through
 * ck_open() against the submitted value (every element when the value is an
 * array). Checking stops at the first failing rule. $find carries the Y/N
 * flag: "N" lets an empty value pass, "Y" reports an empty value as an error.
 *
 * NOTE(review): empty() treats the string "0" as empty, so a required field
 * that legitimately contains "0" is reported as missing and an optional one
 * skips its rules.
 * NOTE(review): eregi() was removed in PHP 7. The single "&" is printed where
 * a logical "&&" is presumably meant.
 * NOTE(review): the returned fragments lost their escaped quotes in
 * extraction; they appear to build a bracketed, quoted pair of field id and
 * message. If jsError() writes this into a script block, build it with
 * json_encode() so $name and $error cannot break out of the string.
 */
Private function ck_split ($ standard, $ name, $ title, $ find, $ error)
{
// Optional, skipped by default
If (eregi ('N', $ find) & emptyempty ($ this-> post [$ name]) return false;
// Required. default detection
If (eregi ('Y', $ find) & emptyempty ($ this-> post [$ name]) return "[" J {$ name }", "$ error"], ";
$ T_error = null;
// Multiple checks
$ Arr = explode (',', $ standard );
// POST data detection
If (! Emptyempty ($ arr) foreach ($ arr as $ var)
{
// Blank rules (for example from a trailing comma) are ignored.
If (trim ($ var )! = '')
{
// NOTE(review): a switch on $this->post with a boolean case expression; it reads as
// "if the submitted value is an array" but depends on loose comparison - confirm.
Switch ($ this-> post)
{
Case is_array ($ this-> post [$ name]):
// Array detection
Foreach ($ this-> post [$ name] as $ _ var)
{
$ T_error. = ($ this-> ck_open ($ _ var, trim ($ var )))? "": $ Error;
If ($ t_error) break;
}
Break;
Default:
$ T_error. = ($ this-> ck_open ($ this-> post [$ name], trim ($ var )))? "": $ Error;
Break;
}
// First failing rule ends the check for this field.
If ($ t_error) break;
}
}
Return ($ t_error )? "[" J {$ name} "," $ t_error "],": "";
}
// Function call
/**
 * Apply one validation rule to one value.
 *
 * The rule name is resolved to a method name by ck_detected(), and that method
 * is called with the value and the raw rule.
 *
 * @param mixed  $string Value to check.
 * @param string $str    Rule taken from the form definition.
 * @return bool True when the value passes the rule.
 */
private function ck_open($string, $str)
{
    $validator = $this->ck_detected($str);
    $passed = $this->$validator($string, $str);

    return $passed ? true : false;
}
// Type determination
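/**
 * Map a validation rule to the name of the method that implements it.
 *
 * A rule made only of ASCII letters names a "<rule>Detect" method; anything
 * else (such as "3-20") is treated as a length range. Because the suffix
 * "Detect" is always appended, a rule can only reach methods whose name ends
 * in "Detect".
 *
 * @param string $str Rule taken from the form definition.
 * @return string Name of the validator method.
 */
private function ck_detected($str)
{
    // preg_match() replaces eregi(), which was removed in PHP 7.
    $detect = preg_match('/^[a-zA-Z]*$/', $str) ? "{$str}Detect" : 'lengthDetect';

    // method_exists() ignores case, like PHP method dispatch itself, so the
    // check agrees with what the later call will actually resolve.
    if (!method_exists($this, $detect)) {
        // Location() is a project helper defined outside this listing; the
        // original passed an undefined variable as its second argument,
        // which evaluates to null.
        // NOTE(review): confirm that Location() ends the request. If it returns,
        // the caller goes on to invoke a method that does not exist.
        Location('index.php', null, 'Lack of function !!! ');
    }

    return $detect;
}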
// --------------------------------------- The detection functions below are public and can also be called from outside the class.
// Length
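/**
 * Check that a value's length lies within an inclusive "min-max" range.
 *
 * The length is measured with strlen(), i.e. in bytes, so multibyte text counts
 * more than one per character.
 *
 * @param string $string Value to check.
 * @param string $str    Range rule such as "3-20".
 * @return bool True when min <= length <= max; false when the rule has no "-".
 */
public function lengthDetect($string, $str)
{
    // explode() replaces split(), which was removed in PHP 7.
    $bounds = explode('-', trim($str), 2);
    if (count($bounds) < 2) {
        return false;
    }

    $min = (int) $bounds[0];
    $max = (int) $bounds[1];
    $length = strlen($string);

    // Logical && instead of the bitwise & of the listing; both bounds are inclusive.
    return $length >= $min && $length <= $max;
}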
// Price
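/**
 * Check that a value is a decimal amount: optional sign, digits, optional fraction.
 *
 * The pattern in the listing lost its backslashes and gained spaces during
 * extraction; it is restored here. The D modifier makes "$" match only at the
 * very end, so a value ending in a newline is rejected.
 *
 * @param string $str Value to check.
 * @return int|false 1 on match, 0 otherwise, false on a PCRE error.
 */
public function moneyDetect($str)
{
    return preg_match('/^(-|\+)?\d+(\.\d+)?$/D', $str);
}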
// Email
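/**
 * Check that a value has the shape of an e-mail address.
 *
 * The pattern in the listing lost its backslashes and gained spaces during
 * extraction; it is restored here. The D modifier makes "$" match only at the
 * very end, so a trailing newline (useful for header injection when the value
 * later reaches a mail header) is rejected. This is a shape check only; it
 * does not prove the address exists.
 *
 * @param string $str Value to check.
 * @return int|false 1 on match, 0 otherwise, false on a PCRE error.
 */
public function emailDetect($str)
{
    return preg_match('/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$/D', $str);
}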
// URL
/**
 * Check that a value looks like a URL.
 *
 * NOTE(review): the pattern was damaged in extraction (escapes dropped, spaces
 * inserted, the quote inside the character class no longer escaped), so it
 * cannot be read back reliably; restore it from the original source.
 * As printed, the only scheme it names is "http://", so https URLs would be
 * rejected. The final class appears to exclude "<", ">" and the double quote.
 * Passing this check does not make a value safe to print: escape it for the
 * context it is written into.
 */
Public function urlDetect ($ str ){
Return preg_match ("/^ http: // [A-Za-z0-9] +. [A-Za-z0-9] + [/=? % -&_~ '@ []': +!] * ([^ <> "]) * $/", $ Str );
}
// Numeric
/**
 * Check that a value is numeric in PHP's sense.
 *
 * is_numeric() accepts more than plain digits: signs, decimals, exponent
 * notation such as "1e3" and leading whitespace all pass. Use a digit-only
 * check where an integer identifier is expected.
 *
 * @param mixed $str Value to check.
 * @return bool True when is_numeric() accepts the value.
 */
public function numDetect($str)
{
    $isNumeric = is_numeric($str);

    return $isNumeric;
}
// Chinese
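/**
 * Check that a value consists only of bytes in the range 0x7F-0xFF.
 *
 * The listing lost the backslashes of the \x escapes; they are restored here.
 * The test is byte-wise: it accepts any text made solely of non-ASCII bytes
 * (plus DEL), which includes Chinese text but is not limited to it. The D
 * modifier rejects a value that ends in a newline.
 *
 * @param string $str Value to check.
 * @return int|false 1 on match, 0 otherwise, false on a PCRE error.
 */
public function cnDetect($str)
{
    return preg_match('/^[\x7f-\xff]+$/D', $str);
}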
// Letter
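/**
 * Check that a value consists only of ASCII letters.
 *
 * The spaces that extraction inserted into the pattern are removed. The D
 * modifier makes "$" match only at the very end, so "abc\n" is rejected.
 *
 * @param string $str Value to check.
 * @return int|false 1 on match, 0 otherwise, false on a PCRE error.
 */
public function enDetect($str)
{
    return preg_match('/^[A-Za-z]+$/D', $str);
}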
// Mixed numbers and letters
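/**
 * Check that a value consists only of ASCII letters, digits, "_" and "-".
 *
 * The spaces that extraction inserted into the pattern are removed. The D
 * modifier makes "$" match only at the very end, so a trailing newline is
 * rejected.
 *
 * @param string $str Value to check.
 * @return int|false 1 on match, 0 otherwise, false on a PCRE error.
 */
public function numenDetect($str)
{
    return preg_match('/^([a-zA-Z0-9_-])+$/D', $str);
}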
// Phone number
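/**
 * Check that a value looks like a phone number: optional "+", digit groups
 * separated by "-", "x" or "X".
 *
 * preg_match() replaces ereg(), which was removed in PHP 7; callers that test
 * the result for truthiness are unaffected. The D modifier rejects a value
 * that ends in a newline.
 *
 * @param string $str Value to check.
 * @return int|false 1 on match, 0 otherwise, false on a PCRE error.
 */
public function telDetect($str)
{
    return preg_match('/^[+]?[0-9]+([xX-][0-9]+)*$/D', $str);
}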
// Sensitive words
/**
 * Report whether a value is free of sensitive words (true = nothing matched).
 *
 * NOTE(review): $badkey is not a parameter, a property or a declared global in
 * this method, so inside the function it is undefined. The pattern then
 * collapses to an empty expression, which matches every string, and the method
 * returns false for all input. The word list has to be brought into scope
 * (for example as a class property) before this check does anything.
 * NOTE(review): the list is interpolated straight into the pattern. Keep it
 * administrator-controlled; if entries are plain words rather than regex
 * fragments, pass each through preg_quote() with "/" as the delimiter.
 * NOTE(review): the capital "I" is presumably the "i" (case-insensitive)
 * modifier altered by extraction.
 */
Public function keyDetect ($ str ){
Return (! Preg_match ("/$ badkey/I", $ str ));
}
// --------------------------------------------------------- Output
// Character replacement
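/**
 * Make a submitted value safe to print as HTML text, keeping its line breaks.
 *
 * The listing called nl2br() first and htmlspecialchars() second, which turned
 * the inserted <br /> tags into visible "&lt;br /&gt;" text. Escaping now runs
 * first. ENT_QUOTES also encodes single quotes, so the result is safe inside
 * single-quoted attributes as well.
 *
 * The result is HTML-encoded text: it is meant for output in an HTML context,
 * not for SQL, URLs or script blocks, which need their own encoding.
 *
 * @param string|array $str Value to filter; arrays are joined with ",".
 * @return string Escaped text with <br /> inserted before each line break.
 */
public function ck_filter($str)
{
    $str = is_array($str) ? implode(',', $str) : $str;
    // Escape first, so the only markup in the result is the <br /> added below.
    $str = htmlspecialchars($str, ENT_QUOTES);

    return nl2br($str);
}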
// Escape
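/**
 * Add backslashes before quotes, backslashes and NUL bytes unless PHP already did.
 *
 * get_magic_quotes_gpc() no longer exists in PHP 8, so the call is guarded;
 * without the guard this method stops with a fatal error there.
 *
 * addslashes() is not a database escaping function: it ignores the connection
 * character set and does not protect a query built by string concatenation.
 * Use prepared statements with bound parameters for SQL.
 *
 * @param string $str Value to escape.
 * @return string The value with backslashes added, or unchanged when magic quotes are active.
 */
function ck_escape($str)
{
    $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

    return $magicQuotes ? $str : addslashes($str);
}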
// MD5 hash (a one-way digest, not encryption)
/**
 * Return the MD5 digest of a value as 32 hexadecimal characters.
 *
 * MD5 is a hash, not encryption: it cannot be reversed with a key, and it is
 * fast and unsalted, which makes it unsuitable for storing passwords. Use
 * password_hash() and password_verify() for password fields.
 *
 * @param string $str Value to hash.
 * @return string Hexadecimal MD5 digest.
 */
public function ck_md5($str)
{
    $digest = md5($str);

    return $digest;
}
// Base64 encoding (reversible by anyone, not encryption)
/**
 * Return the Base64 encoding of a value.
 *
 * Base64 is a transport encoding that anyone can decode; it gives no
 * confidentiality and must not be used to protect secrets.
 *
 * @param string $str Value to encode.
 * @return string Base64 text.
 */
public function ck_base64($str)
{
    $encoded = base64_encode($str);

    return $encoded;
}
// Time
/**
 * Normalise a time value: numeric input is returned unchanged, anything else
 * is converted by time_r().
 *
 * time_r() lives in the project's public function file and is not part of this
 * listing.
 *
 * @param mixed $str Submitted time value.
 * @return mixed The numeric input as given, or the result of time_r().
 */
function ck_time($str)
{
    // Already numeric: pass it through untouched.
    if (is_numeric($str)) {
        return $str;
    }

    return time_r($str);
}
// Conditional discard (numeric values are dropped)
/**
 * Discard numeric values: a numeric input becomes "", any other input is
 * returned unchanged.
 *
 * @param mixed $str Submitted value.
 * @return mixed "" for numeric input, otherwise the input itself.
 */
public function ck_cancel($str)
{
    if (is_numeric($str)) {
        return "";
    }

    return $str;
}
// Unconditional discard
/**
 * Discard the submitted value unconditionally.
 *
 * Any argument passed by the caller is ignored.
 *
 * @return null Always null.
 */
public function ck_delete()
{
    $discarded = null;

    return $discarded;
}
// Js error message
Private function jsError ()
{
If (emptyempty ($ this-> error) return false;
Return"