使用GUMP进行PHP表单验证
[英]PHP form validation using GUMP
问题描述
I'm using GUMP https://github.com/Wixel/GUMP for server side form validation and have a question regarding showing messages after a redirect. 
我正在使用GUMP https://github.com/Wixel/GUMP进行服务器端表单验证,并且对重定向后显示消息有疑问。
I want to validate the form data after submission, then redirect to the form if there was an error but I don't know the best way to pass the errors to the form after the redirect. 我想在提交后验证表单数据,然后在出现错误时重定向到表单,但是我不知道在重定向后将错误传递给表单的最佳方法。
I've read this question Header Redirect after form Validation in PHP which suggests two ways of doing this: 我已经阅读了PHP表单验证后的标题重定向问题,它提出了两种方法:
1. 1。
$message="Some message for the next page.";
$message=urlencode($message);
header("Location:page.php?message=".$message);
2. 2。
$_SESSION['message']='some other message';
The author of the answer thinks method 1 is more secure, but can you tell me why that would be? 答案的作者认为方法1更安全,但是您能告诉我为什么会这样吗?
I've also had a look at how it's done by php-form-builder class https://github.com/lkorth/php-form-builder-class , and they seem to use method 2: 我还查看了php-form-builder类https://github.com/lkorth/php-form-builder-class的工作方式 ,他们似乎使用了方法2:
/*Valldation errors are saved in the session after the form submission, and will be displayed to the user
when redirected back to the form.*/
public static function setError($id, $errors, $element = "") {
if(!is_array($errors))
$errors = array($errors);
if(empty($_SESSION["pfbc"][$id]["errors"][$element]))
$_SESSION["pfbc"][$id]["errors"][$element] = array();
foreach($errors as $error)
$_SESSION["pfbc"][$id]["errors"][$element][] = $error;
}
So, my question is, which is the best way to go about this? 因此,我的问题是,执行此操作的最佳方法是什么? Pass the errors with $_GET or in session variables? 通过$_GET或在会话变量中传递错误?
ps If I've missed something, and there is a way to do it that's easier/built into GUMP, please point it out! ps如果我错过了某些事情,并且有一种方法可以轻松实现/内置于GUMP中,请指出!
1 个解决方案
解决方案1
0 已采纳 2017-10-30 19:55:46
Two files, one of them contains all the PHP business logic and the other the form (which you include in the first file). 两个文件,其中一个包含所有PHP业务逻辑,另一个文件包含表单(您包含在第一个文件中)。 The first file does two things: it checks to see if the form was submitted and displays the form. 第一个文件有两件事:检查表单是否已提交并显示表单。 On the first run, there are no error messages because the form has yet to be submitted. 第一次运行时,没有错误消息,因为尚未提交表单。 If the form is submitted and it does not validate, have the form display the error message(s) (ie; <?php echo $gump->get_readable_errors(true) ?> ). 如果表单已提交且未通过验证,则让表单显示错误消息(即<?php echo $gump->get_readable_errors(true) ?> )。 No need to store the error messages in session. 无需在会话中存储错误消息。 You could also re-populate the form with the previously submitted data. 您也可以使用先前提交的数据重新填充表单。
form.php form.php的
<?php
$_error_messages = '';
if (isset($_POST) && !empty($_POST)) :
$gump = new GUMP();
// Let's sanitize the POST data
$_POST = $gump->sanitize($_POST);
$gump->validation_rules(array(
// your validationm rules here
));
$gump->filter_rules(array(
// your filter rules here
));
// Validate the form data
$validated_data = $gump->run($_POST);
if ($validated_data === false) :
// The submitted data did not validate,
// display the errors in the form
$_error_messages = $gump->get_readable_errors(true);
else :
// The submitted data validated successfully
. . .
endif;
endif;
// Display your form
include 'form-view.php';
form-view.php 外形view.php
<!DOCTYPE html>
<html>
<head>
// . . .
</head>
<body>
<section>
<?php echo $_error_messages ?>
<form
action = '<?php echo htmlentities('form.php'); ?>'
method = 'post'
name = 'my_form'
>
// The rest of your form here
</form>
</section>
</body>
</html>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.