Input 我的输入过滤器可以吗?
大家好,我是php新手,刚刚在我的xD上完成了php课程 ,所以问题是:我的验证中是否存在严重错误?或者我 虽然写得不好,你还能用吗?我只想知道我能用我的 或者我需要重新编写它,因为它易受攻击?不想 浪费你的时间,对不起Input 我的输入过滤器可以吗?,input,filter,Input,Filter,大家好,我是php新手,刚刚在我的xD上完成了php课程 ,所以问题是:我的验证中是否存在严重错误?或者我 虽然写得不好,你还能用吗?我只想知道我能用我的 或者我需要重新编写它,因为它易受攻击?不想 浪费你的时间,对不起 请记住,这不是一个好的做法,因为你告诉浏览器在每次加载时下载每个文件1x1,也请将代码复制/粘贴到中,并将链接放在评论/问题上,如果我能理解什么是jsfiddle=,但无论如何,我对css.Thankson jsfiddle有了概念,你可以把所有的.html.css和.js代码
请记住,这不是一个好的做法,因为你告诉浏览器在每次加载时下载每个文件1x1,也请将代码复制/粘贴到中,并将链接放在评论/问题上,如果我能理解什么是jsfiddle=,但无论如何,我对css.Thankson jsfiddle有了概念,你可以把所有的.html.css和.js代码链接到CDN e.i引导程序,或者选择jsfiddle为你准备的库,比如jQuery和运行/保存/共享你的代码,为什么我要这么做?stack社区更容易在你遇到的每一个问题上测试/帮助你抱歉英语太糟糕了
<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
<!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
<!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js"> <!--<![endif]-->
<head>
<meta charset="utf-8">
<title>Digital Agency</title>
<meta name="description" content="">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="Add your business website description here">
<meta name="keywords" content="Add your, business, website, keywords, here">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<!-- favicon -->
<link rel="shortcut icon" href="favicon.ico" type="image/x-icon">
<link rel="icon" href="favicon.ico" type="image/x-icon">
<!-- google fonts -->
<link href='http://fonts.googleapis.com/css?family=Raleway:400,500,600,700,800,900%7CMerriweather:400,400italic,300,300italic,700,700italic' rel='stylesheet' type='text/css'>
<!-- Font icons -->
<link rel="stylesheet" href="css/vendor/elegant-font-icon.css">
<!-- stylesheet -->
<link rel="stylesheet" href="css/vendor/bootstrap.css">
<link rel="stylesheet" href="css/style.css">
<link rel="stylesheet" href="css/custom.css">
<link rel="stylesheet" href="css/vendor/animate.css">
<link rel="stylesheet" href="css/vendor/owl.carousel.css">
<!-- style switcher -->
<link rel="stylesheet" href="css/vendor/style-switcher.css">
<!-- Custom styles for this template -->
<link rel="stylesheet" type="text/css" href="css/colors/blue.css" title="blue" media="screen"/>
<link rel="stylesheet" type="text/css" href="css/colors/blue-2.css" title="blue-2" media="screen"/>
<link rel="stylesheet" type="text/css" href="css/colors/purple.css" title="purple" media="screen"/>
<link rel="stylesheet" type="text/css" href="css/colors/green.css" title="green" media="screen"/>
<link rel="stylesheet" type="text/css" href="css/colors/green-2.css" title="green-2" media="screen"/>
<link rel="stylesheet" type="text/css" href="css/colors/yellow.css" title="yellow" media="screen"/>
<link rel="stylesheet" type="text/css" href="css/colors/orange.css" title="orange" media="screen"/>
<link rel="stylesheet" type="text/css" href="css/colors/red.css" title="red" media="screen"/>
<link rel="stylesheet" type="text/css" href="css/colors/red-2.css" title="red-2" media="screen"/>
<link rel="stylesheet" type="text/css" href="css/colors/red-3.css" title="red-3" media="screen"/>
<link rel="stylesheet" type="text/css" href="css/colors/pink.css" title="pink" media="screen"/>
<link rel="stylesheet" type="text/css" href="css/colors/pink-2.css" title="pink-2" media="screen"/>
<link rel="stylesheet" type="text/css" href="css/colors/beige.css" title="beige" media="screen"/>
<link rel="stylesheet" type="text/css" href="css/colors/midnight.css" title="midnight" media="screen"/>
<link rel="stylesheet" type="text/css" href="css/colors/black.css" title="black" media="screen"/>
<script type="text/javascript" src="js/vendor/jquery-1.11.0.min.js"></script>
<script type="text/javascript" src="js/vendor/modernizr.custom.js"></script>
<!--[if lt IE 9]>
<script type="text/javascript" src="js/vendor/html5-3.6-respond-1.1.0.min.js"></script>
<![endif]-->
<script>
function loadXMLDocname()
{
var xmlhttp;
if (window.XMLHttpRequest)
{// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp=new XMLHttpRequest();
}
else
{// code for IE6, IE5
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange=function()
{
if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
document.getElementById("submit").innerHTML=xmlhttp.responseText;
}
}
xmlhttp.open("GET","http://example.com/ajaxname.txt",true);
xmlhttp.send();
}
</script>
<script>
function loadXMLDocemail()
{
var xmlhttp;
if (window.XMLHttpRequest)
{// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp=new XMLHttpRequest();
}
else
{// code for IE6, IE5
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange=function()
{
if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
document.getElementById("submit").innerHTML=xmlhttp.responseText;
}
}
xmlhttp.open("GET","http://example.com/ajaxemail.txt",true);
xmlhttp.send();
}
</script>
<script>
function loadXMLDocsuccess()
{
var xmlhttp;
if (window.XMLHttpRequest)
{// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp=new XMLHttpRequest();
}
else
{// code for IE6, IE5
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange=function()
{
if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
document.getElementById("submit").innerHTML=xmlhttp.responseText;
}
}
xmlhttp.open("GET","http://example.com/ajaxsuccess.txt",true);
xmlhttp.send();
}
</script>
<script>
function loadXMLDocnosuccess()
{
var xmlhttp;
if (window.XMLHttpRequest)
{// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp=new XMLHttpRequest();
}
else
{// code for IE6, IE5
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange=function()
{
if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
document.getElementById("submit").innerHTML=xmlhttp.responseText;
}
}
xmlhttp.open("GET","http://example.com/ajaxnosuccess.txt",true);
xmlhttp.send();
}
</script>
</head>
<body>
<div class="row">
<fieldset id="contactform" class="wow bounce" data-wow-duration="2s" data-wow-delay="0.5s">
<form method="post" action="<?php $url='http://example.com/formtest.php';echo htmlspecialchars($url);?>">
<div id="form_result"></div>
<div class="row">
<div class="col-md-6 col-md-offset-3">
<input name="name" type="text" id="name" class="form-control" placeholder="Your Name">
</div>
</div>
<div class="row">
<div class="col-md-3 col-md-offset-3">
<input name="email" type="text" id="email" class="form-control" value="" placeholder="Your email">
</div>
<div class="col-md-3">
<input name="phone" type="text" id="phone" class="form-control" value="" placeholder="Your Number">
</div>
</div>
<div class="row">
<div class="col-md-6 col-md-offset-3">
<textarea name="message" cols="40" rows="5" id="comments" class="form-control" placeholder="Your Message"></textarea>
</div>
</div>
<div class="row">
<div class="col-md-12 text-center">
<button type="submit" onclick="loadXMLDoc()" class="btn btn-default btn-lg" id="submit">SUBMIT</button>
</div>
</div>
</form>
</fieldset>
</div>
</body>
</html>
<?php
$a=mysql_connect('xxxxx','xxxx','xxxx');
$b=mysql_select_db('xxxxx',$a);
if (!$b){
echo 'no connection db ';
}
if ($_POST){
$n=htmlspecialchars($_POST['name']);
$e=htmlspecialchars($_POST['email']);
$p=intval($_POST['phone']);
$m=htmlspecialchars($_POST['message']);
if (!filter_var($_POST['email'],FILTER_VALIDATE_EMAIL)&&filter_var($_POST['message'],FILTER_SANITIZE_STRING)){
echo '<script>loadXMLDocnosuccess();</script>';
}
if (filter_var($_POST['email'],FILTER_VALIDATE_EMAIL)&&filter_var($_POST['message'],FILTER_SANITIZE_STRING)){
$i=mysql_query('INSERT INTO yup SET name="'.$n.'",email="'.$e.'",phone='.$p.',message="'.$m.'"');
echo '<script>loadXMLDocsuccess();</script>';
}
if(!$_POST['name']){
echo '<script>loadXMLDocname();</script>';
}
if(!$_POST['email']){
echo '<script>loadXMLDocemail();</script>';
}
}
?>