1. Once the overall framework has been set up as described in the reference (MVC Framework Summary), the default request parameters become:
// Default request (home page):
// P=front
// C=findex
// A=show
1.1 Locate the action in the controller Findexcontroller:
// Home page show action
public function showAction() {
    // Prevent malicious calls
    $this->checkAuthority();
    // No specific model is required; load the template directly
    require CUR_VIE_PATH . 'index.html';
}
2. Preventing malicious calls. This check is made at the controller level and almost everything uses it, so put it in the base model:
/**
 * Prevent malicious calls; applies to all methods
 */
protected function checkAuthority() {
    // The constant is only defined when the request came through the entry file
    if (!defined('in_ng')) {
        exit("You no authority");
    }
}
This method can then be called whenever it is needed.
3. Reject old PHP versions. Because this check always runs, it goes directly into the initial file Framework.class.php.
4.1 Making the CSS include file
Importing the CSS on every page is tedious, so we create one include file, title.inc.html.
But each page has its own CSS, so define a constant that identifies the page:
define('SCRIPT', 'Index');
<title>your title</title>
<?php require 'application/view/front/title.inc.html'; ?>
The code of title.inc.html is:
<link rel="shortcut icon" href="favicon.ico" />
<link rel="stylesheet" type="text/css" href="public/front/css/1/basic.css" />
<link rel="stylesheet" type="text/css" href="public/front/css/1/<?php echo SCRIPT; ?>.css" />
5.2 Create the registration page register.html
The request parameters for the registration page are: P=Front C=fregister A=show
The code is:
<div id="register">
  <form method="post" action="post.php">
    <dl>
      <dt>Please fill in the content</dt>
      <dd>User name: <input type="text" name="username" class="text" /> (*required, at least two characters)</dd>
      <dd>Password: <input type="password" name="password" class="text" /> (*required, at least six characters)</dd>
      <dd>Confirm password: <input type="password" name="notpassword" class="text" /> (*required, same as above)</dd>
      <dd>Password hint: <input type="text" name="passt" class="text" /> (*required, at least two characters)</dd>
      <dd>Password answer: <input type="text" name="passd" class="text" /> (*required, at least two characters)</dd>
      <dd>Gender: <input type="radio" name="sex" value="male" checked="checked" />male <input type="radio" name="sex" value="female" />female</dd>
      <dd class="face"><img src="public/front/face/m01.gif" alt="Avatar selection" onclick="javascript:window.open('face.php', 'face', 'width=400,height=400,top=0,left=0')" /></dd>
      <dd>E-mail: <input type="text" name="email" class="text" /></dd>
      <dd>QQ: <input type="text" name="qq" class="text" /></dd>
      <dd>Home address: <input type="text" name="url" class="text" value="http://" /></dd>
      <dd>Verification code: <input type="text" name="yzm" class="text yzm" /></dd>
      <dd><input type="submit" class="submit" value="Register" /></dd>
    </dl>
  </form>
</div>
5.3 Clicking the avatar opens a pop-up window for choosing an avatar:
<img src="public/front/face/m01.gif" alt="Avatar selection" onclick="javascript:window.open('face.php', 'face', 'width=400,height=400,top=0,left=0')" />
The pop-up page contains 64 avatars, which can be listed by looping over an array.
<?php foreach (range(1, 9) as $number) { ?>
<dd><img src="face/m0<?php echo $number; ?>.gif" /></dd>
<?php } ?>
6. Submit data
When the form submits its data to this page, a name-value pair is needed to determine whether data was actually submitted.
?action=register
You can also use a hidden field to carry the name-value pair:
<input type="hidden" name="action" value="register" />
6.1 Check the verification code
The purpose of the verification code is to prevent malicious registration and some forms of cross-site forgery attacks.
The verification code is stored in the session, so you can tell whether a submission comes from the current form. The code changes on every refresh, which prevents repeated malicious registrations.
// An unset session code must never match an empty submission
if (empty($_SESSION['code']) || !isset($_POST['yzm']) || $_POST['yzm'] != $_SESSION['code']) {
    _alert_back('Verification code is wrong, please re-enter!');
}
6.2 Accept the data
Declare variables and assign the submitted data to them:
$_username = $_POST['username'];
You can also use an array to hold the submitted values:
$_clean = array();
$_clean['username'] = $_POST['username'];
6.3 Various restrictions and filters
1.
// Strip leading and trailing whitespace
$_string = trim($_string);
2. Length limit
if (mb_strlen($_string, 'utf-8') < $_min_num || mb_strlen($_string, 'utf-8') > $_max_num) {
    // reject: length out of range
}
3.
// Reject angle brackets, quotes and spaces
$_char_pattern = '/[<>\'\"\ ]/';
if (preg_match($_char_pattern, $_string)) {}
4. Sensitive user name limit
$_mg[0] = 'A';
$_mg[1] = 'One';
$_mg[2] = '-';
$_mg_string = '';
foreach ($_mg as $value) {
    // '\n' stays a literal backslash-n here, as in the original single-quoted string
    $_mg_string .= '[' . $value . ']' . '\n';
}
if (in_array($_string, $_mg)) {
    _alert_back($_mg_string . 'The above sensitive user name may not register!');
}
5. Escape the input, which effectively prevents SQL injection
// mysql_escape_string();
// addslashes()
// return
// This mysql_ function requires a connection to the database
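The five steps of 6.3 combined into one routine, as an added example that is not part of the original code. Step 5 uses a PDO bound parameter in place of mysql_escape_string(), because the mysql_ extension was removed in PHP 7.0. Assumptions: the names check_username and register_user, the users table, the reserved-name list and the in-memory SQLite database are all hypothetical.

```php
<?php
// Added example: check_username, register_user, the users table and the
// reserved-name list are hypothetical, not taken from the original project.

function check_username(string $raw, int $min = 2, int $max = 20): string
{
    // 1. Strip surrounding whitespace
    $name = trim($raw);
    // 2. Length limit, counted in characters rather than bytes
    $len = mb_strlen($name, 'UTF-8');
    if ($len < $min || $len > $max) {
        throw new InvalidArgumentException("User name must be $min to $max characters");
    }
    // 3. Reject angle brackets, quotes, whitespace and backslashes.
    //    preg_match() returns false on invalid UTF-8; "!== 0" rejects that too.
    if (preg_match('/[<>\'"\s\\\\]/u', $name) !== 0) {
        throw new InvalidArgumentException('User name contains a forbidden character');
    }
    // 4. Sensitive names, compared case-insensitively
    $reserved = ['admin', 'root', 'system'];   // constructed sample list
    if (in_array(mb_strtolower($name, 'UTF-8'), $reserved, true)) {
        throw new InvalidArgumentException('That user name is reserved');
    }
    return $name;
}

function register_user(PDO $db, string $rawName): int
{
    $name = check_username($rawName);
    // 5. Bound parameter: the value never becomes part of the SQL text
    $stmt = $db->prepare('INSERT INTO users (username) VALUES (:u)');
    $stmt->execute([':u' => $name]);
    return (int) $db->lastInsertId();
}

// Constructed demo data; in-memory SQLite keeps the example offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE)');

foreach (['  alice  ', "bob' OR '1'='1", 'Admin', 'x'] as $input) {
    try {
        printf("%-20s -> stored as id %d\n", json_encode($input), register_user($db, $input));
    } catch (InvalidArgumentException $e) {
        printf("%-20s -> rejected: %s\n", json_encode($input), $e->getMessage());
    }
}
```

Only the first input is stored; the other three are rejected at steps 3, 4 and 2 respectively, and the bound parameter remains as a second layer if the character filter is ever relaxed.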
PHP message System (2)