PHP代码如何从$\u POST清除用户输入
我有以下PHP代码:PHP代码如何从$\u POST清除用户输入,php,post,input-sanitization,Php,Post,Input Sanitization,我有以下PHP代码: <?php $score11 = $_POST['passmarks12']; if($_POST['passmarks12'] > 100){ $grade11 = ""; } elseif ($_POST['passmarks12'] < 45){ $grade11 = "Fail"; } $strg = " $grade11"; echo $strg; ?&
<?php
$score11 = $_POST['passmarks12'];
if($_POST['passmarks12'] > 100){
$grade11 = "";
}
elseif ($_POST['passmarks12'] < 45){
$grade11 = "Fail";
}
$strg = " $grade11";
echo $strg;
?>
无论发送什么,代码总是打印“失败”
我希望这样,如果它通过空白或无效输入,它就会失败
我应该如何正确地清理输入?我想您需要
elseif ($_POST['passmarks12'] < 45 && !empty($_POST['passmarks12']))
elseif($\u POST['passmarks12']<45&&!空($\u POST['passmarks12']))
此PHP代码将确保$\u POST
在与100进行比较之前不为空
<?php
$score11 = $_POST['passmarks12'];
if(empty($_POST['passmarks12']) || $_POST['passmarks12'] > 100)
$grade11 = "";
elseif ($_POST['passmarks12'] < 45)
$grade11 = "Fail";
$strg = " $grade11" ;
echo $strg;
?>
试试这个:
<?php
//$_POST['passmarks12'] = '';
if(empty($_POST['passmarks12']) || $_POST['passmarks12'] > 100)
{
$grade11 = "";
}
else if ($_POST['passmarks12'] < 45){
$grade11 = "Fail";
} else{
$grade11 = "Pass";
}
$strg = " $grade11" ;
echo $strg;
?>
积分:
isset
检查$\u POST['key']
是否存在$\u POST['key']
是否具有有效的数据类型字符串它可以是数组
$\u POST['key']
是否具有有效的数字格式李>
intval
比较$\u POST['key']
(字符串)和45
(整数)如果您不能相信输入是有效的,您可以在执行任何其他操作之前检查它们。这些应该是另一种方式,否则如果未设置$\u POST['passmarks12']
,您将收到一个错误。
<?php
switch (true) {
case !isset($_POST['passmarks12']):
case !is_string($score = $_POST['passmarks12']):
case !is_numeric($score):
$result = 'Error (Invalid parameter)';
break;
case (intval($score) < 45):
$result = 'Fail (Less than 45)';
break;
default:
$result = 'Success (No less than 45)';
}
echo $result;