文档建议反馈控制台
首页
学习
活动
专区
圈层
工具
MCP广场
文章/答案/技术大牛
发布
首页
学习
活动
专区
圈层
工具
MCP广场
返回腾讯云官网
社区首页 >问答首页 >不带字符的Php验证表单

不带字符的Php验证表单
EN

Stack Overflow用户
提问于 2016-07-17 15:14:22
回答 1查看 61关注 0票数 0

我有一个问题。我需要用户在不写东西的情况下不能发送表单。我有这个表单:

代码语言:javascript
复制
<div id="content" class="inner-wrapper reg">
	<div id="mside">
    <div class="section goback">
	<div class="btn-back"><a class="back" onClick="history.go(-1)"><?= $lang['profile']['back'] ?></a></div>
    </div>
		<div class="section register">
			<form id="mail-cons" method="post" action="" enctype="multipart/form-data" >
				
				<div class="step2">
				<ul class="step-ul">
					<h2>Asesoría vía correo electrónico</h2>

<?//Primul pas pt user, descrierea problemei
if(loggedtype()=='user' AND $data['user_description']==''){?>
					<div class="step-message sys-info"><img class='small icon' src='<?=$url_base?>css/images/icons/information.png' alt=''/> <?=$lang['mc']['user_step1']?></div>

					<div class="row  mail-cnsl">
						</div>
					<div class="row">
				      <textarea id="descriere2 " name="descriere" class="tinymce" rows="20" cols="50" style="width: 554px; height: 517px;"><?php echo $_REQUEST["descriere"];?></textarea>
					</div>
		<div class="row submit mail-cnsl">
						<input type="submit" name="submitdesc"  value="Enviar solicitud!"  />
					</div>

			<? } ?>

此函数用于验证:

代码语言:javascript
复制
<script type="text/javascript">
function validate_required(field,alerttxt)
{
with (field)
  {
  if (value==null||value=="")
    {
    alert(alerttxt);return false;
    }
  else
    {
    return true;
    }
  }
}

function validate_form(thisform)
{
with (thisform)
  {
  if(window.clicked) return true;
  if (validate_required(user_description_extra,"Por favor, introduzca el motivo del rechazo!")==false)
   {user_description_extra.focus();return false;}
    }
}
</script>

<script type="text/javascript">
function validate_length(f,a,l){
    z=f.value;
    x=z.length;
    if (x<l){alert (a); f.focus(); return false;}
    return true;
}
</script>

此函数用于提交:

代码语言:javascript
复制
if(isset($_POST['submitdesc'])){
   $upd = mysql_query("UPDATE discussion SET active='0' WHERE id='".$_GET['iddisc']."'") or die(mysql_error());

   $sel = mysql_query("SELECT * FROM discussion WHERE id='".$_GET['iddisc']."'") or die(mysql_error());
   $data = mysql_fetch_array($sel);

   $upd_mc = mysql_query("UPDATE mail_counseling SET new_user=0, new_cons=1, user_description='".mysql_real_escape_string($_POST['descriere'])."' WHERE id_disc='".$_GET['iddisc']."'") or die(mysql_error());

   //Notificari
   if($_SESSION['loggedin']['type']=='user'){
      $insid = $user['id_user'];
      $type1 = 'user';
      $type2 = 'client';
   }else{
      $insid = $cons['id_counselor'];
      $type1 = 'consilier';
      $type2 = 'counselor';
   }



   $insnotifs = mysql_query("INSERT INTO mc_notifs (type,id_user,message) VALUES ('".$_SESSION['loggedin']['type']."','".$insid."','".mysql_real_escape_string($message)."')") or die(mysql_error());
   //End Notificari

   //Send notification mail
   $query_tpl_mail = "SELECT * FROM mails WHERE id_mails='6'";
   $tpl_mail = mysql_query($query_tpl_mail, $conn) or die(mysql_error());
   $row_tpl_mail = mysql_fetch_assoc($tpl_mail);

   $subject = $row_tpl_mail['title_mail'.$lng_s_tb];
   $message = $row_tpl_mail['description'.$lng_s_tb];
   avertizare_mail($cons["email"],$subject,$lang['mc']['notif1']);
   avertizare_mail($user["email"],$subject,$lang['mc']['notif11']);
   header("Location: ".$url_base."$tip_user-account/mail-counseling/ok/");
   exit;

}

但是不要工作.Can我帮助我的?

javascript
php
EN

回答 1

Stack Overflow用户

发布于 2016-07-17 15:35:26

不要依赖客户端验证。关闭javascript可能会使您的表单易受攻击。你必须在php中更安全、更容易地完成这项工作。

代码语言:javascript
复制
if(isset($_POST['submitdesc'])){

    $desc = htmlspecialchars(trim($_POST['descriere']))); 

    if(isset($desc)){
           $upd = mysql_query("UPDATE discussion SET active='0' WHERE id='".$_GET['iddisc']."'") or die(mysql_error());

   $sel = mysql_query("SELECT * FROM discussion WHERE id='".$_GET['iddisc']."'") or die(mysql_error());
   $data = mysql_fetch_array($sel);

   $upd_mc = mysql_query("UPDATE mail_counseling SET new_user=0, new_cons=1, user_description='".mysql_real_escape_string($_POST['descriere'])."' WHERE id_disc='".$_GET['iddisc']."'") or die(mysql_error());

   //Notificari
   if($_SESSION['loggedin']['type']=='user'){
      $insid = $user['id_user'];
      $type1 = 'user';
      $type2 = 'client';
   }else{
      $insid = $cons['id_counselor'];
      $type1 = 'consilier';
      $type2 = 'counselor';
   }



   $insnotifs = mysql_query("INSERT INTO mc_notifs (type,id_user,message) VALUES ('".$_SESSION['loggedin']['type']."','".$insid."','".mysql_real_escape_string($message)."')") or die(mysql_error());
   //End Notificari

   //Send notification mail
   $query_tpl_mail = "SELECT * FROM mails WHERE id_mails='6'";
   $tpl_mail = mysql_query($query_tpl_mail, $conn) or die(mysql_error());
   $row_tpl_mail = mysql_fetch_assoc($tpl_mail);

   $subject = $row_tpl_mail['title_mail'.$lng_s_tb];
   $message = $row_tpl_mail['description'.$lng_s_tb];
   avertizare_mail($cons["email"],$subject,$lang['mc']['notif1']);
   avertizare_mail($user["email"],$subject,$lang['mc']['notif11']);
   header("Location: ".$url_base."$tip_user-account/mail-counseling/ok/");
   exit;
    }else{
       ?><script>alert('Empty text field is not allowed.')</script><?php
    }
}
票数 0
EN
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://stackoverflow.com/questions/38418798

复制
相关文章

相似问题

领券

腾讯云开发者

扫码关注腾讯云开发者

扫码关注腾讯云开发者

领取腾讯云代金券

热门产品

热门推荐

更多推荐

Copyright © 2013 - 2025 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有 

深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 深公网安备号 44030502008569

腾讯云计算(北京)有限责任公司 京ICP证150476号 |  京ICP备11018762号 | 京公网安备号11010802020287

问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档