PHP - Filter_var替代?
[英]PHP - Filter_var alternative?
问题描述
I built a php script to output data posted in a form, but I ran into a problem. 
我构建了一个PHP脚本来输出表单中发布的数据,但我遇到了一个问题。 The server the website is going to run on, runs PHP 5.1.6. 该网站将运行的服务器运行PHP 5.1.6。 This version of PHP does not support filter_var. 此版本的PHP不支持filter_var。
I need to know an alternative on short term (preferably yesterday), and can't find something straight forward on Google or Stack Overflow. 我需要在短期内(最好是昨天)知道一个替代方案,并且无法在Google或Stack Overflow上找到直接的内容。
Mayhap someone here ran into the same issue in the past and has a quick fix for me? Mayhap这里有人遇到了同样的问题并且快速解决了我的问题?
This code: 这段代码:
$email= filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
$answer= filter_var($_POST['answer'], FILTER_SANITIZE_STRING);
needs to be compatible with PHP 5.1.6, so the email address is checked on genuinity, and that no malicious code is used in either fields. 需要与PHP 5.1.6兼容,因此在genuinity上检查电子邮件地址,并且在任一字段中都不使用恶意代码。 Any tips? 有小费吗?
Thanks so much! 非常感谢!
4 个解决方案
解决方案1
4 已采纳 2012-02-03 09:35:30
for Emails you can use a Regex: (for example: http://www.totallyphp.co.uk/validate-an-email-address-using-regular-expressions ) 对于电子邮件,您可以使用正则表达式:(例如: http : //www.totallyphp.co.uk/validate-an-email-address-using-regular-expressions )
for strings you could also do regex, but that is a little bit too heavy, so maybe a combination of mysql_real_escape_string() if you send it to a DB, and for html you should use htmlentities() : 对于字符串你也可以做正则表达式,但这有点太重了,所以如果你把它发送到数据库可能是mysql_real_escape_string()的组合,对于html你应该使用htmlentities() :
http://de.php.net/manual/en/function.mysql-real-escape-string.php http://de.php.net/manual/en/function.mysql-real-escape-string.php
http://www.php.net/manual/en/function.htmlentities.php http://www.php.net/manual/en/function.htmlentities.php
I don't think that the filter_var-function does far different than just using these methods 我不认为filter_var函数与仅仅使用这些方法有很大不同
解决方案2
2 2012-02-03 09:31:44
您可以通过PECL将扩展安装到PHP 5.1: http : //pecl.php.net/package/filter
解决方案3
2 2012-02-03 09:44:29
解决方案4
-1 2012-02-06 09:57:45
Using the information I was given in the previous answers, here's how I fixed my problem: 使用我在前面的答案中给出的信息,这是我如何解决我的问题:
<?PHP // Retreive POST data and sanitize it: trim string, no HTML, plain text
$variable1=htmlentities(trim($_POST['input1']), ENT_NOQUOTES);
$variable2=htmlentities(trim($_POST['input2']), ENT_NOQUOTES);
$emailaddress=$_POST['email']; // sanitizing email address happens below
if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $emailadres)){ // check email address and if legit, do this:
echo '<p>The e-mail address given is valid.</p>'
} else{ // if email is not legit, do this:
echo '<p>The e-mail address given is not valid.</p>';
}
?>
I hope this helps someone :) 我希望这可以帮助别人 :)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.