PHP - 将行动态添加到 CSV 的 html 表单的安全性
[英]PHP - Security for html form dynamically adding rows to CSV
问题描述
I need help in adding security such as form validation to my PHP form which writes a new row on a csv as users submit their email.
我需要帮助添加安全性,例如表单验证到我的 PHP 表单,当用户提交他们的电子邮件时,它会在 csv 上写入一个新行。 I'm a complete novice on PHP and require a bit of help.我是 PHP 的完全新手,需要一些帮助。 I need to:我需要:
- Making sure the Email field is not empty and is an actual valid address.确保电子邮件字段不为空并且是实际有效的地址。
- Making sure when the submit button is pressed that the field is not empty and is a valid email address.确保按下提交按钮时该字段不为空并且是有效的电子邮件地址。
I do want to add user feedback such as when the form is submitted and is valid the user gets a message saying 'Your email address has been added.'我确实想添加用户反馈,例如当表单提交并且有效时,用户会收到一条消息,说“您的电子邮件地址已添加”。 However I would like this to be within the same page so it could be underneath the button.但是我希望它位于同一页面内,因此它可以位于按钮下方。
How do I get around doing this?我该如何解决这个问题? I would appreciate all you help the code is below.我将不胜感激您对代码的帮助。
<form action='proces.php' method='post'>
<p><label>Email</label><br><input type='text' name='email' value=''></p>
<p><input type='submit' name='submit' value='Submit'></p>
</form>
<?php
//read data from form
$lName = filter_input(INPUT_POST, "name");
$fName = filter_input(INPUT_POST, "email");
$email = filter_input(INPUT_POST, "email");
$phone = filter_input(INPUT_POST, "phone");
$output = $fName . "\t";
$output .= $lName . "\t";
$output .= $email . "\t";
$output .= $phone . "\n";
if(empty($fname) || empty($ln) || empty($phone)){//show the form
$message = 'Fill in areas in red!';
$aClass = 'errorClass';
}
//open file for output
$fp = fopen("contacts.csv", "a");
//write to the file
fwrite($fp, $output);
fclose($fp);
?>
1 个解决方案
解决方案1
0 2015-11-05 18:26:57
http://php.net/manual/en/filter.examples.validation.php you could use that as a way to validate emails, or you could make a register and login page and have an email sent to theirs for verification. http://php.net/manual/en/filter.examples.validation.php您可以使用它作为验证电子邮件的一种方式,或者您可以制作一个注册和登录页面并将电子邮件发送给他们进行验证。 You can simply put required in the email input somewhere and it would make sure it wasn't empty before successfully submitting or you could make an if statement, which I see you're doing above.您可以简单地将required放在电子邮件输入的某处,它会确保在成功提交之前它不是空的,或者您可以制作一个 if 语句,我看到您在上面这样做。 You'll also need an if statement for the submit button too.您还需要一个用于提交按钮的 if 语句。 I do not see a DB connection being made, nor do I see an insert statement.我没有看到正在建立数据库连接,也没有看到插入语句。 I suggest doing !empty then making it echo successful submit or something and then an else statement, stating that fields are required.我建议做!empty然后让它echo successful submit或其他东西,然后是一个 else 语句,说明字段是必需的。 You can take the short way and put required in there though.你可以走捷径,然后把required放在那里。 (: Not sure if it's supposed to be proces.php or not, just pointing that out there... Maybe you misspelled it, or maybe just named it that way. :/ (:不确定它是否应该是proces.php ,只是指出它......也许你拼错了它,或者只是那样命名。:/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.