![](/img/trans.png)
[英]how do i securely update a remote database from inside a chrome extension?
[英]How do I update a table in the database securely using an input from a html form?
我有一個html表,我需要在其中安全安全地接受用戶輸入以更新表項。 有指導嗎? (我知道我在下面寫的是不正確的)
例如,如果他們想更新自己的詳細信息(例如姓):
<div class="grid-2">
<p><b>UPDATE MY DETAILS</b></p>
<form action ="includes/update.inc.php" method ="post">
<label>S.Name</label>
<input name="update-surname" type="text" placeholder="Enter new surname...">
<label>Address</label>
<input name="update-houseno" type="text" placeholder="Enter house no' or name...">
<input name="update-ln1" type="text" placeholder="1st Line of Address...">
<input name="update-town" type="text" placeholder="Town...">
<input name="update-county" type="text" placeholder="County...">
<input name="update-postcode" type="text" placeholder="Postcode...">
<label>Contact Number</label>
<input name="update-number" type="text" placeholder="Contact Number...">
<label>Email</label>
<input name="update-email" type="text" placeholder="Email...">
<input type="submit" name="update-details" value="Update">
</form>
</div>
更新我已經在上面的頁面中添加了代碼,並根據要求對表單進行了操作。 下面的代碼是我對該操作所導致的頁面的開始:
<?php
// Here we check whether the user got to this page by clicking the proper button.
if (isset($_POST['update-details'])) {
require 'dbh.inc.php';
// We grab all the data which we passed from the update form so we can use it later.
$surname = $_POST['update-surname'];
$houseno = $_POST['update-houseno'];
$ln1 = $_POST['update-ln1'];
$town = $_POST['update-town'];
$county = $_POST['update-county'];
$postcode = $_POST['update-postcode'];
$number = $_POST['update-number'];
$email = $_POST['update-email'];
// We validate email is correct if email has been updated.
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: ../after-login.php?error=invalidmail&uid=");
exit();
}
}
?>
因此,您需要對表單進行操作-即一個腳本,將其指向處理表單(可以是相同的腳本)。 理想情況下,您還希望將方法設置為post,以使數據在url中不可見,然后您需要清理數據,連接到db並進行查詢。
這應該可以幫助您獲得正確的想法
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.