
php表单敏感字符过滤类_PHP


本文实例讲述了php表单敏感字符过滤类及其用法。分享给大家供大家参考。具体分析如下:

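/**
 * Form generation and validation helper (demo listing).
 *
 * The listing as published was damaged by HTML extraction: empty() appeared as
 * "emptyempty", regex backslashes and "\r\n" escapes were stripped, and the HTML
 * inside string literals was removed. The markup below is a reconstruction based
 * on the surviving sprintf() argument order and comments.
 *
 * Security notes for anyone reusing this class:
 *  - Rule arrays (field name, title, style, "Y_xxx" flag, validator list) are
 *    developer-supplied configuration. They select which method gets called, so
 *    they must never be built from request data.
 *  - Submitted values are HTML-escaped when they are written back into the form.
 *  - ck_escape() (addslashes) is not a defence against SQL injection and ck_md5()
 *    is not suitable for password storage; see the notes on those methods.
 */
class formHtmlFind
{
    /** Existing record values used to pre-fill the form (update mode). */
    public $infoArray = array();

    /** Copy of $_POST taken by postForm(). */
    public $post = array();

    /** Scratch data; 'class' holds this class's method names (validator whitelist). */
    public $array = array();

    /** Accumulated error pairs; each one is a JSON array followed by a comma. */
    public $error = '';

    /**
     * Words rejected by keyDetect(). The original code read an undefined local
     * variable $badkey, which made the check reject every value.
     */
    public $badkey = array();

    /** Post-validation transforms that a "Y_xxx" / "N_xxx" flag may select. */
    private static $filters = array('filter', 'escape', 'md5', 'base64', 'time', 'cancel', 'delete');

    /**
     * Render the form described by $array.
     *
     * @param array        $array     field type => rule array
     *                                (name, default, title, style, error, flag, validators)
     * @param array|string $infoArray existing values keyed by field name (update mode)
     * @return string|false HTML for all fields plus the error script, or false when $array is empty
     */
    public function formHtml($array, $infoArray = '')
    {
        if (empty($array)) {
            return false;
        }
        $this->infoArray = is_array($infoArray) ? $infoArray : array();
        $this->array['class'] = get_class_methods(__CLASS__);

        $newform = '';
        foreach ($array as $key => $arr) {
            // Keep letters only, so 'text1', 'text2' ... all map to type 'text'.
            $key = preg_replace('/[^a-z]/i', '', (string) $key);
            $newform .= $this->outputForm($arr, $key);
        }
        return $newform . $this->jsError();
    }

    /**
     * Render one field.
     *
     * Value precedence: submitted value, then stored value, then rule default.
     *
     * @param array  $arr rule array for the field
     * @param string $key field type
     * @return string|false
     */
    private function outputForm($arr, $key)
    {
        if (empty($arr)) {
            return false;
        }
        $type  = $key;
        $name  = $this->scalarText($this->item($arr, 0));
        $style = $this->scalarText($this->item($arr, 3));
        $rawTitle = $this->item($arr, 2);

        // Choice fields carry their options in $arr[1], which may be an array,
        // so they are dispatched before any string handling of $arr[1].
        if (preg_match('/checkbox|select|radio/i', $key)) {
            $title = is_array($rawTitle) ? $rawTitle : trim((string) $rawTitle);
            return $this->formSelect($type, $name, $this->item($arr, 1), $title, $style);
        }

        $title = $this->scalarText($rawTitle);
        $value = $this->scalarText($this->item($arr, 1));
        if (isset($this->infoArray[$name]) && !$this->isBlank($this->infoArray[$name])) {
            $value = $this->scalarText($this->infoArray[$name]);
        }
        if (isset($this->post[$name]) && !$this->isBlank($this->post[$name])) {
            $value = $this->scalarText($this->post[$name]);
        }

        $dt = '';
        $dd = '';
        if ($key !== 'hidden') {
            // Titles are emitted as written in the rule array (trusted configuration).
            $dt = "<dt>{$title}</dt><dd>";
            // Placeholder that jsError() fills with the validation message.
            $dd = '<tt id="J' . $this->esc($name) . '"></tt></dd>' . "\r\n";
        }
        return $dt . $this->newInput($type, $name, $value, $style, $title) . $dd;
    }

    /**
     * Validate and transform $_POST against the rule set.
     *
     * @param array $array field type => rule array
     * @return array|false cleaned data keyed by field name, or false when the
     *                     rules or $_POST are empty or any field failed validation
     */
    public function postForm($array)
    {
        if (empty($array) || empty($_POST)) {
            return false;
        }
        $this->post = $_POST;
        $this->error = ''; // do not carry errors over from an earlier call
        $this->array['class'] = get_class_methods(__CLASS__);

        $newData = array();
        foreach ($array as $key => $arr) {
            $key = preg_replace('/[^a-z]/i', '', (string) $key);
            // File inputs are not part of $_POST and are skipped here.
            if (!empty($arr) && 'file' != $key) {
                $newData[$this->scalarText($this->item($arr, 0))] = $this->postFind($arr, $key);
            }
        }
        if (!empty($this->error)) {
            return false;
        }
        return $newData;
    }

    /**
     * Build the markup for a single non-choice input.
     *
     * $name and $value are escaped for the attribute context. $style is a raw
     * attribute string from the rule array and must be developer-supplied.
     * $title is accepted for interface compatibility and is not used here.
     */
    private function newInput($type, $name, $value, $style, $title)
    {
        $n = $this->esc($name);
        $v = $this->esc($value);
        switch ($type) {
            case 'text':
            case 'hidden':
            case 'submit':
                return "<input type=\"{$type}\" name=\"{$n}\" value=\"{$v}\" {$style} />";
            case 'password':
                // A submitted password is never written back into the page.
                return "<input type=\"password\" name=\"{$n}\" {$style} />";
            case 'file':
                return "<input type=\"file\" name=\"{$n}\" {$style} />";
            case 'textarea':
            case '': // the published listing shows an empty case label for the multi-line field
                return "<textarea name=\"{$n}\" {$style}>{$v}</textarea>";
            default:
                return "{$type}类型错误!!!";
        }
    }

    /**
     * Validate one submitted field, then apply its optional transform.
     *
     * @param array  $arr rule array (index 4 error text, 5 flag, 6 validator list)
     * @param string $key field type
     * @return mixed transformed value; "" when the rule has no Y/N flag
     * @throws InvalidArgumentException when the flag names an unknown transform
     */
    private function postFind($arr, $key)
    {
        if (empty($arr)) {
            return false;
        }
        $name     = $this->scalarText($this->item($arr, 0));
        $title    = $this->scalarText($this->item($arr, 2));
        $error    = $this->scalarText($this->item($arr, 4));
        $find     = $this->scalarText($this->item($arr, 5));
        $standard = $this->scalarText($this->item($arr, 6));

        if ($standard !== '') {
            $this->error .= $this->ck_split($standard, $name, $title, $find, $error);
        }

        // Multi-value fields (checkbox groups) are flattened to "a,b,c".
        if (isset($this->post[$name]) && is_array($this->post[$name])) {
            $this->post[$name] = implode(',', $this->post[$name]);
        }
        $submitted = isset($this->post[$name]) ? $this->post[$name] : '';

        list($flag, $filter) = $this->parseRule($find);
        if ($flag === '') {
            return '';
        }
        if ($filter === '') {
            return $submitted;
        }
        // Only the known transforms may be reached; without this check a flag such
        // as "Y_split" would invoke an internal ck_ method.
        if (!in_array($filter, self::$filters, true)) {
            throw new InvalidArgumentException("Unknown filter in rule '{$find}'");
        }
        $method = 'ck_' . $filter;
        return $this->$method($submitted);
    }

    /**
     * Render a select, radio group or checkbox group.
     *
     * Options are a "|"-separated string or an array (value => title). Entry 0 is
     * the group heading and is not rendered as an option. A "Y_" prefix marks the
     * default option and is removed from the emitted value.
     */
    private function formSelect($type, $name, $value, $title, $style)
    {
        // Current selection: submitted value first, then stored value.
        $current = '';
        if (isset($this->post[$name]) && !$this->isBlank($this->post[$name])) {
            $current = $this->post[$name];
        } elseif (isset($this->infoArray[$name])) {
            $current = $this->infoArray[$name];
        }
        $chosen = array();
        if (!$this->isBlank($current)) {
            $chosen = is_array($current)
                ? array_map('strval', $current)
                : explode(',', (string) $current);
        }

        if (is_array($title)) {
            $titarray = array_merge(array('选择'), array_values($title));
        } else {
            $titarray = explode('|', (string) $title);
        }

        if (is_array($value)) {
            // "+" keeps the caller's keys; array_unshift() would renumber integer
            // keys and change the option values.
            $value = array('' => '选择') + $value;
            $valarray = array_keys($value);
            if (empty($title)) {
                $titarray = array_values($value);
            }
        } else {
            $valarray = explode('|', (string) $value);
        }

        $safeName = $this->esc($name);
        $outform = '';
        foreach (array_values($valarray) as $pos => $varl) {
            if ($pos === 0) {
                continue; // heading slot
            }
            $raw = (string) $varl;
            $optionValue = preg_replace('/^Y_/i', '', $raw);
            if (!empty($chosen)) {
                $isOn = in_array($optionValue, $chosen, true);
            } else {
                $isOn = ($optionValue !== $raw); // carried the "Y_" default marker
            }
            if (isset($titarray[$pos]) && $titarray[$pos] !== '') {
                $_title = $titarray[$pos];
            } else {
                $_title = is_string($title) ? $title : '';
            }
            $safeValue = $this->esc($optionValue);

            switch ($type) {
                case 'select':
                    $outform .= sprintf(
                        "<option %s value=\"%s\">%s</option>\r\n",
                        $isOn ? 'selected' : '',
                        $safeValue,
                        $_title
                    );
                    break;
                case 'radio':
                    $outform .= sprintf(
                        "<label>%s<input type=\"radio\" %s name=\"%s\" value=\"%s\" %s /></label>\r\n",
                        $_title,
                        $isOn ? 'checked' : '',
                        $safeName,
                        $safeValue,
                        $style
                    );
                    break;
                case 'checkbox':
                    // "[]" makes PHP collect the ticked boxes into an array.
                    $outform .= sprintf(
                        "<label>%s<input type=\"checkbox\" %s name=\"%s[]\" value=\"%s\" %s /></label>\r\n",
                        $_title,
                        $isOn ? 'checked' : '',
                        $safeName,
                        $safeValue,
                        $style
                    );
                    break;
            }
        }

        if ($type == 'select') {
            $outform = sprintf('<select name="%s" %s>%s</select>', $safeName, $style, $outform);
        }
        return sprintf(
            "<dt>%s</dt><dd>%s<tt id=\"J%s\"></tt></dd>\r\n",
            $titarray[0],
            $outform,
            $safeName
        );
    }

    /**
     * Run every validator named in $standard against the submitted value.
     *
     * @param string $standard comma-separated validators, e.g. "numen,6-12"
     * @param string $name     field name
     * @param string $title    field title, used when $error is empty
     * @param string $find     flag: "Y" required, "N" optional, optional "_filter" suffix
     * @param string $error    message shown on failure
     * @return string|false error pair with trailing comma, "" on success,
     *                      false when an optional field was left empty
     */
    private function ck_split($standard, $name, $title, $find, $error)
    {
        $submitted = isset($this->post[$name]) ? $this->post[$name] : null;
        // Only the part before "_" is the required flag. Searching the whole flag
        // for the letter N made "Y_cancel" behave like an optional field.
        list($flag) = $this->parseRule($find);

        if ($this->isBlank($submitted)) {
            if ($flag === 'N') {
                return false;
            }
            if ($flag === 'Y') {
                return $this->errorPair($name, $error);
            }
        }

        $values = is_array($submitted) ? $submitted : array($submitted);
        $failed = false;
        foreach (explode(',', (string) $standard) as $rule) {
            $rule = trim($rule);
            if ($rule === '') {
                continue;
            }
            foreach ($values as $one) {
                if (!$this->ck_open($one, $rule)) {
                    $failed = true;
                    break 2;
                }
            }
        }
        if (!$failed) {
            return '';
        }
        // A rule with an empty error text must still fail the submission.
        return $this->errorPair($name, $error !== '' ? $error : $title);
    }

    /**
     * Call the validator selected by $str on $string.
     *
     * @return bool
     */
    private function ck_open($string, $str)
    {
        if ($string !== null && !is_scalar($string)) {
            return false; // nested arrays cannot be validated as text
        }
        $functi = $this->ck_detected($str);
        return ($this->$functi((string) $string, $str)) ? true : false;
    }

    /**
     * Map a validator token to a method name: letters map to "<token>Detect",
     * anything else (e.g. "6-12") maps to lengthDetect.
     *
     * @throws InvalidArgumentException when no such validator exists
     */
    private function ck_detected($str)
    {
        $detect = preg_match('/^[a-z]*$/i', (string) $str) ? "{$str}Detect" : 'lengthDetect';
        $known = isset($this->array['class']) ? $this->array['class'] : get_class_methods(__CLASS__);
        if (!in_array($detect, $known, true)) {
            // location() is a helper from the original project; call it only if present.
            if (function_exists('location')) {
                location('index.php', null, ' Lack of function !!!');
            }
            throw new InvalidArgumentException("Unknown validator '{$str}'");
        }
        return $detect;
    }

    //------------------------------------- validators (also callable from outside)

    /**
     * Length check; $str is "min-max" inclusive. Length is counted in bytes, so
     * a multi-byte character counts more than once.
     */
    public function lengthDetect($string, $str)
    {
        $len = explode('-', trim((string) $str));
        if (count($len) !== 2 || !is_numeric($len[0]) || !is_numeric($len[1])) {
            return false; // malformed range: reject rather than guess
        }
        $n = strlen((string) $string);
        return $n >= (int) $len[0] && $n <= (int) $len[1];
    }

    /** Signed decimal amount such as "12", "-3.50" or "+7.1". */
    public function moneyDetect($str)
    {
        return preg_match('/^(-|\+)?\d+(\.\d+)?$/', (string) $str);
    }

    /** Basic e-mail shape check. */
    public function emailDetect($str)
    {
        return preg_match('/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$/', (string) $str);
    }

    /**
     * http/https URL shape check. Other schemes are rejected, and so are quotes
     * and angle brackets; the remainder is reconstructed from the damaged
     * pattern in the published listing.
     */
    public function urlDetect($str)
    {
        return preg_match(
            '#^https?://[A-Za-z0-9]+\.[A-Za-z0-9]+[/=?%\-&_~`@\[\]\':+!]*[^<>"]*$#',
            (string) $str
        );
    }

    /** Numeric string, as defined by is_numeric(). */
    public function numDetect($str)
    {
        return is_numeric($str);
    }

    /** High-byte characters only. This matches any non-ASCII bytes, not Chinese specifically. */
    public function cnDetect($str)
    {
        return preg_match('/^[\x7f-\xff]+$/', (string) $str);
    }

    /** ASCII letters only. */
    public function enDetect($str)
    {
        return preg_match('/^[A-Za-z]+$/', (string) $str);
    }

    /** ASCII letters, digits, underscore and hyphen. */
    public function numenDetect($str)
    {
        return preg_match('/^([a-zA-Z0-9_-])+$/', (string) $str);
    }

    /** Telephone number: optional "+", digit groups joined by "-", "x" or "X". */
    public function telDetect($str)
    {
        return preg_match('/^[+]?[0-9]+([xX-][0-9]+)*$/', (string) $str);
    }

    /**
     * Blocked-word check: true when $str contains none of the words in $badkey.
     *
     * With no words configured every value passes, so set $badkey before relying
     * on this rule. Input that is not valid UTF-8 is rejected.
     */
    public function keyDetect($str)
    {
        $words = array_filter(array_map('strval', (array) $this->badkey), 'strlen');
        if (empty($words)) {
            return true;
        }
        $quoted = array();
        foreach ($words as $word) {
            $quoted[] = preg_quote($word, '/');
        }
        // preg_match() returns false on error; only a clean "no match" passes.
        return preg_match('/' . implode('|', $quoted) . '/iu', (string) $str) === 0;
    }

    //------------------------------------- output transforms

    /**
     * Escape text for HTML output and turn line breaks into <br />.
     * Escaping runs first; the original order escaped the inserted <br /> tags.
     */
    public function ck_filter($str)
    {
        $str = is_array($str) ? implode(',', $str) : (string) $str;
        return nl2br(htmlspecialchars($str, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
    }

    /**
     * Backslash-escape quotes.
     *
     * NOTE(review): addslashes() is not a defence against SQL injection. Use
     * prepared statements with bound parameters for anything sent to a database.
     * get_magic_quotes_gpc() no longer exists in PHP 8, so it is consulted only
     * on runtimes where magic quotes could still be enabled.
     */
    public function ck_escape($str)
    {
        if (PHP_VERSION_ID < 50400 && get_magic_quotes_gpc()) {
            return $str;
        }
        return addslashes((string) $str);
    }

    /**
     * MD5 digest of the value.
     *
     * NOTE(review): unsalted MD5 is not suitable for password storage. Use
     * password_hash() / password_verify() for credentials. The behaviour is kept
     * because existing stored values depend on it.
     */
    public function ck_md5($str)
    {
        return md5((string) $str);
    }

    /** Base64 encoding. This is an encoding, not encryption. */
    public function ck_base64($str)
    {
        return base64_encode((string) $str);
    }

    /** Convert a non-numeric date string with time_r() (defined in the project's shared functions). */
    public function ck_time($str)
    {
        if (!is_numeric($str)) {
            return time_r($str);
        }
        return $str;
    }

    /** Drop the value when it is numeric, keep it otherwise. */
    public function ck_cancel($str)
    {
        return (!is_numeric($str)) ? $str : '';
    }

    /** Always drop the value. */
    public function ck_delete()
    {
        return null;
    }

    /**
     * Script that writes each validation message into its <tt id="J..."> slot.
     *
     * @return string|false false when there is nothing to report
     */
    private function jsError()
    {
        if (empty($this->error)) {
            return false;
        }
        $pairs = trim($this->error, ',');
        // Each pair is indexed as error[i]; messages are set as text, not HTML.
        return "\r\n<script>\r\n"
            . " var error = [{$pairs}];\r\n"
            . " for (var i = 0; i < error.length; i++) {\r\n"
            . "  var slot = document.getElementById(error[i][0]);\r\n"
            . "  if (slot) { slot.textContent = error[i][1]; }\r\n"
            . " }\r\n"
            . "</script>\r\n";
    }

    //------------------------------------- internal helpers

    /** Rule-array element $i, or '' when it is missing. */
    private function item($arr, $i)
    {
        return (is_array($arr) && isset($arr[$i])) ? $arr[$i] : '';
    }

    /** Trimmed string form of a value; arrays are joined with commas. */
    private function scalarText($v)
    {
        if (is_array($v)) {
            return implode(',', $v);
        }
        return trim((string) $v);
    }

    /** True for null, false, '' and array(). Unlike empty(), "0" counts as a value. */
    private function isBlank($v)
    {
        return $v === null || $v === false || $v === '' || $v === array();
    }

    /** Escape a value for HTML text and attribute contexts. */
    private function esc($s)
    {
        return htmlspecialchars((string) $s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }

    /**
     * Split a flag such as "Y_md5" into array(flag, filter).
     * The flag is 'Y', 'N' or '' when the rule carries neither.
     */
    private function parseRule($find)
    {
        $parts = explode('_', trim((string) $find));
        $flag = strtoupper($parts[0]);
        if ($flag !== 'Y' && $flag !== 'N') {
            $flag = '';
        }
        return array($flag, isset($parts[1]) ? $parts[1] : '');
    }

    /** One [element id, message] pair as JSON that is safe inside an inline script. */
    private function errorPair($name, $message)
    {
        $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
        return json_encode(array("J{$name}", (string) $message), $flags) . ',';
    }
}

$_form = new formHtmlFind();

// Demo rule sets. Each rule is: name, default/options, title, style, error text,
// flag ("Y"/"N" plus optional "_filter"), validator list.
$form[1] = array(
    'text'     => array('title', '', '产品名称', 'size=40', '产品名称不可缺少!', 'Y', 'cn,1-30'),
    'text1'    => array('categories', '', '产品名称', '', '', 'Y_base64'),
    'select'   => array('superiors', '||1|2|Y_3', '产品类别|选择|1|2|3', '', '必选项', 'Y'),
    'radio'    => array('superiors1', '|1|Y_2|3', '产品xun|产品1|产品2|产品3', '', '必选项', 'Y'),
    'checkbox' => array('superiors2', array(1 => '11', 2 => '22', 3 => '33'), '', '', '必选项', 'Y'),
    'file'     => array('ddd', '', '文件'),
);
// Assigned by key so the rule set above is not overwritten.
$form['login'] = array(
    'text' => array(
        0 => 'user',
        1 => '',
        2 => '用户名',
        3 => 'size=20',
        4 => '!',
        5 => 'Y',
        6 => 'numen,6-12',
    ),
    'password' => array(
        0 => 'pass',
        1 => '',
        2 => '密 码',
        3 => 'size=22',
        4 => '密码格式错误!',
        5 => 'Y_md5', // see the note on ck_md5(): not suitable for stored passwords
        6 => 'numen,6-12',
    ),
    'radio' => array(
        0 => 'time',
        1 => '|7200|3600|1800',
        2 => 'cookies有效时间|2小时|1小时|30分钟',
        3 => '',
        4 => '',
        5 => 'N_delete',
        6 => '',
    ),
);

// Validate the submission.
$past = $_form->postForm($form['login']);
// $dd holds existing values (for example when editing a record); submitted POST data takes precedence.
$dd = array('title' => '标题', 'categories' => '类别');
if (!empty($past)) {
    echo '<pre>';
    // Escaped because the dump contains user-supplied values.
    echo htmlspecialchars(print_r($past, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo '</pre>';
}
// The wrapper markup was lost from the published listing; a plain POST form is assumed.
echo '<form method="post" action=""><dl>';
echo $_form->formHtml($form['login'], $dd);
echo '</dl></form>';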

希望本文所述对大家的PHP程序设计有所帮助。

