Php/javascript/jquery form validation and Processing Summary: section ① PHP form validation and processing

PHP VERSION = 5.3.10

First, about $_request

PHP documentation Instructions for $_request:

describes an array that contains $_get,$_post and $_cookie by default. Update log version    description 5.3. 0     introduce Request_order. This directive affects the content of $_request.  4.3. 0     $_files information is removed from the $_request.  4.1. 0    Introduce $_request.

In PHP 5.3 or later, the request_order default setting in PHP.ini is:

Request_order = "GP"

GP is GET and POST, and does not contain "C" (cookies), which means that $_request only contains $_get and $_post by default.

Cases

Form.html

<!DOCTYPE HTML><HTMLLang= "en"><Head>    <MetaCharSet= "UTF-8">    <title>Form</title></Head><Body>    <formAction= "Doaction.php?username=deathmask"Method= "POST">User name:<inputtype= "text"name= "username">        <inputtype= "Submit"value= "Submit">    </form></Body></HTML>

doaction.php

<? PHP Var_dump ($_request[' username ']);

At this point: in the user name input box, enter Dee, then output:

string ' Dee ' (length=3)

However, if you modify the order of the Request_order values in php.ini:

Change the default GP to PG,

" PG "

That is, when $_get and $_post are in the same key, the value of $_get overrides the $_post value, at which time the form is submitted and the output:

string ' Deathmask ' (length=9)

Second, determine whether the request is a Get method or Post method:$_server[' Request_method ']

Cases

Form.html

<!DOCTYPE HTML><HTMLLang= "en"><Head>    <MetaCharSet= "UTF-8">    <title>Form</title></Head><Body>    <formAction= "doaction.php"Method= "POST">User name:<inputtype= "text"name= "username">        <inputtype= "Submit"value= "Submit">    </form></Body></HTML>

doaction.php:

<? PHP Echo $_server [' Request_method '];

If the form is submitted via form.html, the doaction.php output: POST

If you access doaction.php directly, the output: GET

"Example" determines what to do according to the requested method (GET output interface, POST output data)

if ($_server[' Request_method ']$_server[' script_name ');? > method= post > user name:<input type= "text" name= "username" ><input type= "Submit" value= "Submit" > </form><?php}Else{    echo ' Hello, '.  $_post[' username '?>

Third, verify the required fields

Scenario: Use strlen() to test element values in $_get or $_post

if (! strlen ($_post[' username '])) {    echo ' cannot be empty ';} Else {    echo ' Hello, '.  $_post[' username '];}

Note : Leaving different types of form elements blank will not be the same for element values in $_get and $_post. Empty text box, empty text area, and blank file upload field values are 0-length strings, and unchecked check boxes and radio buttons do not generate any values in $_get and $_post; The browser will often force a single item to be selected in the Radio drop-down list, and for the multiple-selection drop-down list, If none of these items is selected, the result and check boxes are the same, and no values are generated in $_get or $_post.

Not only that, but the request itself is not only from the Web browser (exploit malicious attacks).

The strictest form validation should be: Step1. Use isset() to check whether this element is present in $_get or $_post; Step2. If the element is contained in an array (check box), you can use Is_array() to verify that it exists in an array.

<! DOCTYPE html>strlen() and Is_array () complete rigorous form validation if($_server[' request_method '] = = ' GET ') {?> <form action= "<?php Echo$_server[' Script_name '];? > "method=" POST ">User name:<input type= "text" name= "username" > * required <br/><br/>Hobbies:<input type= "checkbox" Name= "hobby[]" id= "" >Football<input type= "checkbox" Name= "hobby[]" id= "" >Football<input type= "checkbox" Name= "hobby[]" id= "" >Read<input type= "checkbox" Name= "hobby[]" id= "" >Programming<input type= "checkbox" Name= "hobby[]" id= "" >Music<input type= "checkbox" Name= "hobby[" "id=" "> Movie <br/><br/> <input type=" Submit "value=" Submit "> </form> <?php}Else{        //Check the existence of $_post[' username '] before checking the length        if(!strlen($_post[' username '])){            Echo' Please enter user name <br/> '; }        //make sure $_post[' hobby ' exists and is an array        if(! (isset($_post[' Hobby ']) &&Is_array($_post[' Hobby ']))){            Echo' Please select at least one <br/> '; }    } ?></body>
Note : The character 0 can be converted to false based on the Boolean value of PHP, so attempting to use empty () instead of strlen () may cause problems--if 0 is filled in the Children text box, $_post[' children The value of '] is 0, and empty ($_post[' children ') tests the result to true, which is wrong from the point of view of the validation form.
Cases
<? PHP if (empty($_post[' username ')) {    echo ' empty ';} Else {    echo$_post[' username '];}
When input 0 o'clock, the output is empty.
Iv. Verifying form Input: Digital
Scenario: If you want to determine if the value is an integer greater than or equal to 0 , you can use the function ctype_digit().
<? PHP if (! Ctype_digit ($_post[' age '])) {    echo ' age must be greater than or equal to 0 ';}
adjourned
Reference:
① "PHP Classic Example"
An issue to be aware of when using $_request in ②php
Php/javascript/jquery form validation and Processing Summary: section ① PHP form validation and processing