[英]Restrict access to page - PHP
I have page with 3 $_GET
variables in the URL; 我的网页的网址中包含3个
$_GET
变量;
http://www.example.co.uk/search?location=asokoro&day=today&time=12%3A00
location = string, day = string, time = time eg 12:00, 13:15
I will like to prevent access to the page for the below conditions. 在以下情况下,我将阻止访问该页面。
Prevent access if no variable received --- COMPLETED 阻止访问,如果没有收到任何变量--- 竣工
if(!isset($_GET['location']) || !isset($_GET['day']) || !isset($_GET['time'])) {
header("Location: http://www.example.co.uk");
exit;
}
Prevent access if location
is not supported --- COMPLETED 阻止访问,如果
location
不支持--- 已完成
$locations = Array('loc1','loc2');
if (!in_array($_GET['location'], $locations)) {
header("Location: http://www.example.co.uk");
exit;
}
Prevent access if day
is not correct--- COMPLETED 阻止访问,如果
day
不正确--- 已完成
if($_GET['day'] != "today" || $_GET['day'] != "tomorrow") {
header("Location: http://www.abklab.co.uk");
exit;
}
Prevent access if time
is not correct--- NOT COMPLETED 阻止访问,如果
time
是不正确的--- 没有完成
Here I want to be able to check if time
is actually time and not some random string like test
. 在这里,我希望能够检查
time
是否实际上是时间,而不是诸如test
类的一些随机字符串。
As you can see from the URL time is passed with %3A
which reperents :
I would like to check if time
is indeed a time eg 12:00, 14:20 etc if not then prevent access 从URL中可以看到,时间传递了
%3A
,它表示:
我想检查time
是否确实是一个时间,例如12 :
00、14 :
20等,如果没有,则阻止访问
You just need a way to escape from html's special characters, right? 您只需要一种摆脱html特殊字符的方法,对吗? Try this:
尝试这个:
if(strlen(trim($_GET['time'])) > 0){
echo htmlspecialchars_decode(trim($_GET['time']));
}
When you get the time variable through $_GET['time']
, %3A
should be translated to :
and rest you can check if the time
is actually time
through regex
. 通过
$_GET['time']
获得时间变量$_GET['time']
,应将%3A
转换为:
休息,您可以通过regex
检查time
是否实际上是time
。 And the expression for that is: ([01]?[0-9]|2[0-3]):[0-5][0-9](:[0-5][0-9])?
表达式为:
([01]?[0-9]|2[0-3]):[0-5][0-9](:[0-5][0-9])?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.