当我运行这个php脚本时,我一直在绞尽脑汁去理解为什么在我的页面上的每个文本框中都有斜杠(" /")。页面上的一切工作正常。我已经尝试了一切,但他们只是在那里。这里我的整个代码如下。谢谢你的帮助!
function validateInput($data, $fieldName){
global $error;
if (empty($data)){
echo "\"$fieldName\" is a required field.<br />\n";
++$error;
$retval = "";
} else if (!preg_match('/[^A-Za-z]/', $data) == 0){
echo "\"$fieldName\" can only contain letters.<br />\n";
++$error;
$retval = "";
} else {
$retval = trim($stripslashes($data));
}
return ($retval);
}
function validateAddress($data, $fieldName){
global $error;
if (empty($data)){
echo "\"$fieldName\" is a required field.<br />\n";
++$error;
$retval = "";
} else if (!preg_match('/[^0-9A-Za-z]/', $data)){
echo "\"$fieldName\" can only contain letters or numbers.<br />\n";
++$error;
$retval = "";
} else {
$retval = trim(stripslashes($data));
}
return ($retval);
}
function validateNumber($data, $fieldName){
global $error;
if (empty($data)){
echo "\"$fieldName\" is a required field.<br />\n";
++$error;
$retval = "";
} else if (!is_numeric($data)){
echo "\"$fieldName\" must contain only numbers.<br />";
++$error;
$retval = "";
} else if (strlen($data) != 10){
echo "\"$fieldName\" must be 10 numbers long.<br />";
++$error;
$retval = "";
} else {
$retval = trim(stripslashes($data));
}
return ($retval);
}
function validateEmail($data, $fieldName){
global $error;
if (empty($data)){
echo "\"$fieldName\" is a required field.<br />\n";
++$error;
$retval = "";
} else {
$retval = trim(stripslashes($input));
$pattern = "/^[\w-]+(\.[\w-]+)*@" .
"[\w-]+(\.[\w-]+)*" .
"(\.[a-z]{2,})$/i";
if (preg_match($pattern, $retval) == 0){
echo "\"$fieldName\" is not a valid email address.<br />\n";
++$error;
}
}
return($retval);
}
function displayForm($name, $email, $address, $phone){
include("header.html");
?>
<div class="center">
<form name="contact_us" action="contact_us.php" method="post">
<p>Your Name: <input type="text" name="name" value=<?php echo $name; ?> /></p>
<p>Your Email: <input type="text" name="email" value=<?php echo $email; ?> /></p>
<p>Your Address: <input type="text" name="address" value=<?php echo $address; ?> /></p>
<p>Your Phone Number: <input type="text" name="phone" value=<?php echo $phone;?> /></p>
<p><input type="submit" name="Submit" value="Send" />
<input type="reset" value="Clear"/>
</form>
</div>
<?php
include("footer.html");
}
$showForm = TRUE;
$error = 0;
$name = "";
$email = "";
$address = "";
$phone = "";
if (isset($_POST['Submit'])){
$name = validateInput($_POST['name'], "Name");
$email = validateEmail($_POST['email'], "Email");
$address = validateAddress($_POST['address'], "Address");
$phone = validateNumber($_POST['phone'], "Phone");
if ($error == 0)
$showForm = FALSE;
else
$showForm = TRUE;
}
if ($showForm == TRUE){
if ($error > 0)
echo "<p>Please re-enter the form information below.<br/>\n";
displayForm($name, $email, $address, $phone);
} else {
echo "Your contact information has been recorded. Thank you!";
}
?>
答案 0 :(得分:0)
您必须在以下行中引用value属性:
<input type="text" name="name" value=<?php echo $name; ?> />
如果$name为空,默认为true,则代码将缩减为
<input type="text" name="name" value=/ >
默认情况下,您的输入框中填充了/。要修复此错误(并避免其他可能的错误),请引用$name:
<input type="text" name="name" value="<?php echo htmlspecialchars($name); ?>" />
请注意,我还调用htmlspecialchars来阻止XSS。
答案 1 :(得分:0)
PHP默认在所有GET,POST和COOKIE数据上运行addslashes()。