我的JQuery没有激活sanitize函数。我需要从输入字段名取值,清理它(使用santize函数)并在路径输入字段中显示它。为什么不工作?我使用PHP 5.3和HEIDISQL
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<?php
include('conect.php');
if(($_POST)&&(!empty($_POST['name']))&&(!empty($_POST['path'])) ){
$name=$_POST['name'];
$path=$_POST['path'];
function sanitize($title) {
$title = strip_tags($title);
// Preserve escaped octets.
$title = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '---$1---', $title);
// Remove percent signs that are not part of an octet.
$title = str_replace('%', '', $title);
// Restore octets.
$title = preg_replace('|---([a-fA-F0-9][a-fA-F0-9])---|', '%$1', $title);
if (seems_utf8($title)) {
if (function_exists('mb_strtolower')) {
$title = mb_strtolower($title, 'UTF-8');
}
$title = utf8_uri_encode($title, 200);
}
$title = strtolower($title);
$title = preg_replace('/&.+?;/', '', $title); // kill entities
$title = str_replace('.', '-', $title);
$title = preg_replace('/[^%a-z0-9 _-]/', '', $title);
$title = preg_replace('/\s+/', '-', $title);
$title = preg_replace('|-+|', '-', $title);
$title = trim($title, '-');
return $title;
}
mysql_query("UPDATE menus SET name='$name' , path='$path'");
}
?>
<html>
<head>
<script>
$(document).ready(
function(){
$("#name").change(function(){
$("#path").sanitize("name").val();
});
} );
</script>
</head>
<body>
<form action="<?php $_PHP_SELF ?>" method="post">
<label for="nume">Name</label><input type="text" name="name" />
<label for="cale">Path</label><input type="text" name="path" />
<input type="submit" name="submit"/>
</form>
</body>
</html>
答案 0 :(得分:1)
因为其余的是PHP代码,您以Javascript
运行答案 1 :(得分:1)
它无法正常工作,因为它是用PHP编写的,并且您尝试在客户端运行它,就好像它是JavaScript一样。
您不能相信客户端会向您发送已清理的数据 - 您无法控制客户端。