php表单敏感字符过滤类


Posted in PHP onDecember 08, 2014

本文实例讲述了php表单敏感字符过滤类及其用法。分享给大家供大家参考。具体分析如下:

/** 

* 表单生成验证文件 

*/ 

$_form = new formHtmlFind(); 

class formHtmlFind{ 

        /** 

         * 输出表单函数 

         * $formKey  表单键 

         * $infoArray 更新时的原始信息数组 

         */ 

 

        public function formHtml($array,$infoArray='') 

        { 

                // 检测数组是否存在 

                if(emptyempty($array))return false; 

                $newform = null; 

                // 信息数组(更新信息) 

                $this->infoArray = !emptyempty($infoArray)?$infoArray:array(); 

                $this->array['class'] =  get_class_methods(get_class()); 

                foreach ($array as $key =>$arr) 

                { 

                        // 键值转换为纯英文 

                        $key = preg_replace("/[^a-z]/i",'',$key); 

                        // 生成表单 

                        $newform .= $this->outputForm($arr,$key); 

                } 

                // 输出表单 

                return $newform.$this->jsError(); 

        } 

        /** 

         * 生成表单函数 

         */ 

        private function outputForm($arr,$key) 

        { 

                $value = null; 

                if(emptyempty($arr))return false; 

                // input Type 

                $type   = $key; 

                // input NAME 

                $name   = trim($arr[0]); 

                // input 初始值 不包含多选,单选类 

                $value  = (!emptyempty($this->infoArray[$name]))? trim($this->infoArray[$name]):trim($arr[1]); 

                $value  = emptyempty($this->post[$name])? $value :trim($this->post[$name]); 

                // input Title 

                $title  = trim($arr[2]); 

                // 样式 

                $style  = trim($arr[3]); 

                if($key!=="hidden") 

                { 

                        $dt = "<dt>{$title}</dt><dd>"; 

                        // js错误提示 

                        $dd = "<tt id="J{$name}"></tt></dd>rn"; 

                } 

                return (!preg_match("/checkbox|select|radio/i",$key))? 

                $dt.$this->newInput($type,$name,$value,$style,$title).$dd: 

                $this->formSelect($type,$name,$arr[1],$title,$style); // 多选类 

        } 

        /** 

         * 提交数据检测 

         */ 

        public function postForm($array) 

        { 

                // 检测数组是否存在 

                if(emptyempty($array)||emptyempty($_POST))return false; 

                $this->post           =  $_POST; 

                $this->array['class'] =  get_class_methods(get_class()); 

                foreach ($array as $key =>$arr) 

                { 

                        // 键值转换为纯英文 

                        $key = preg_replace("/[^a-z]/i",'',$key); 

                        // 检测 注销file类表单 

                        if (!emptyempty($arr)&&'file' != $key)$newData[trim($arr[0])] = $this->postFind($arr,$key); 

                } 

                // 输出表单 

                if(!emptyempty($this->error)) 

                { 

                        return false; 

                } 

                else return $newData; 

        } 

        /** 

         * 生成表单 

         */ 

        private function newInput($type,$name,$value,$style,$title) 

        { 

                switch ($type) 

                { 

                        case 'text': 

                                // 单行文本 

                                return  "<input type="text" name="{$name}" value="{$value}" {$style}/>"; 

                                break; 

                        case 'password': 

                                //密码输入 

                                return "<input type="password" name="{$name}" {$style}/>"; 

                                break; 

                        case '': 

                                //多行文本 

                                return "<textarea name="{$name}" {$style}/>{$value}</textarea>"; 

                                break; 

                        case 'hidden': 

                                // 隐藏 

                                return "<input type="hidden" name="{$name}" value="{$value}" {$style}/>"; 

                                break; 

                        case 'file': 

                                // 文件上传 

                                return "<input type= "file"name="{$name}" {$style}/>"; 

                                break; 

                        case 'submit': 

                                // 提交 

                                return "<input type="submit" name="{$name}" value="$value" $style}/>"; 

                                break; 

                        default: 

                                return "{$type}类型错误!!!"; 

                                break; 

                } 

        } 

        /** 

         * 提交信息检测 

         * 错误返回error 

         */ 

        private function postFind($arr,$key) 

        { 

                if(emptyempty($arr))return false; 

                $name = $title =$error =$find =$standard =null; 

                // input NAME 

                $name     = trim($arr[0]); 

                // input Title 

                $title    = trim($arr[2]); 

                // 错误提示 

                $error    = trim($arr[4]); 

                // 检测类型 Y N 

                $find     = trim($arr[5]); 

                // 检测标准 

                $standard = trim($arr[6]); 

                // 

                if(!emptyempty($standard))$this->error .=$this->ck_split($standard,$name,$title,$find,$error); 

                // 转换为字符串 

                if(is_array($this->post[$name]))$this->post[$name] = implode(",",$this->post[$name]); 

                // 转义或其他转化 

                $KKarray = array(); 

                if(preg_match("/Y|N/is",$find)) 

                { 

                        $KKarray       = split("_", $find); 

                        // 转义或过滤 

                        $escape_filter = (!emptyempty($KKarray[1]))?'ck_'.$KKarray[1]:''; 

                        // 输出通过检测的合法数据 

                        $data          = ($escape_filter)?$this->$escape_filter($this->post[$name]):$this->post[$name]; 

 

                } 

                else  $data        = ""; 

                // 输出新的数据 

                return $data; 

        } 

        /** 

         * 多选类表单生成 

         */ 

        private function formSelect($type,$name,$value,$title,$style) 

        { 

                $outform = null; 

                // 触发更新和提交动作时的初始 

                $nowvalue = (!emptyempty($this->post[$name]))?$this->post[$name]:$this->infoarray[$name]; 

                // 兼容多选的识别,转为数组 

                if(!emptyempty($nowvalue))$valueArray = explode(",",$nowvalue); 

                // 选项标题 

                if(is_array($title)) 

                { 

                        array_unshift($title,'选择'); 

                        $titarray = array_values($title); 

                }else $titarray = explode("|",$title); 

                // 选项值 

                if(is_array($value)) 

                { 

                        array_unshift($value,'选择'); 

                        $valarray  = array_keys($value); 

                        if(emptyempty($title))$titarray = array_values($value); 

                } 

                else $valarray = explode("|",$value); 

                // 取消表单的初始默认值 

                if(!emptyempty($this->post)&&!emptyempty($this->infoArray))$value = preg_replace("/Y_/i",'',$value); 

 

                foreach ($valarray as $key =>$varl) 

                { 

                        // 非默认的识别 

                        if(!emptyempty($valueArray))$select   = (in_array($varl,$valueArray))?'Y':''; 

                        //  判断是否为默认 

                        else $select   = (eregi("Y_",$varl))? 'Y':''; 

 

                        if($key >'0') 

                        { 

                                $_title=($titarray[$key])? $titarray[$key]:$title; 

                                switch ($type) 

                                { 

                                        case 'select': 

                                                if('Y' == $select)$select = 'selected'; 

                                                $outform .=        sprintf("<option %s value="%s"/>%s</option>rn" 

                                                ,$select,preg_replace("/Y_/i",'',$varl),$_title); 

                                                break; 

                                        case 'radio': 

                                                if('Y' == $select)$select = 'checked'; 

                                                $outform .= sprintf("<label>%s<input %s type="radio" name="%s" value="%s" %s/></label>rn", 

                                                $_title,$select,$name,$varl,$style); 

                                                break; 

                                        case 'checkbox': 

                                                if('Y' == $select)$select = 'checked'; 

                                                $outform .= sprintf("<label>%s<input %s type="checkbox" name="%s[]" value="%s" %s/></label>rn",$_title,$select,$name,$varl,$style); 

                                                break; 

                                } 

                                $select =null; 

                        } 

                } 

                // 下拉选择 

                if($type =='select')$outform = sprintf('<select name="%s" %s>%s</select>',$name,$style,$outform); 

                return sprintf("<dt>%s</dt><dd>%s<tt id="J%s"></tt></dd>rn",$titarray[0],$outform,$name); 

        } 

        /** 

         * 表单验证 及全部 ck_类函数 

         */ 

        private function ck_split($standard,$name,$title,$find,$error) 

        { 

                //  非必填缺省跳过 

                if(eregi('N',$find) && emptyempty($this->post[$name]))return false; 

                // 必填缺省检测 

                if(eregi('Y',$find) && emptyempty($this->post[$name]))return "["J{$name}","$error"],"; 

                $t_error = null; 

                // 多项检测 

                $arr = explode(',',$standard); 

                // POST数据检测 

                if(!emptyempty($arr))foreach ($arr as $var) 

                { 

                        if(trim($var)!='') 

                        { 

                                switch ($this->post) 

                                { 

                                        case is_array($this->post[$name]): 

                                                // 数组类的检测 

                                                foreach ($this->post[$name] as $_var) 

                                                { 

                                                        $t_error.= ($this->ck_open($_var,trim($var)))?"":$error; 

                                                        if($t_error)break; 

                                                } 

                                                break; 

                                        default: 

                                                $t_error.= ($this->ck_open($this->post[$name],trim($var)))?"":$error; 

                                                break; 

                                } 

                                if($t_error)break; 

                        } 

                } 

                return ($t_error)? "["J{$name}","$t_error"],":""; 

        } 

        // 函数调用 

        private function ck_open($string,$str) 

        { 

                $functi = $this->ck_detected($str); 

                return ($this->$functi($string,$str))? true:false; 

        } 

        // 类型判断 

        private function ck_detected($str) 

        { 

                $detect = (eregi("^[a-zA-Z]*$",$str))? "{$str}Detect":'lengthDetect'; 

                if(!in_array($detect,$this->array['class'])) 

                { 

                        location('index.php',$ck,' Lack of function !!!'); 

                } 

                return $detect; 

        } 

        //-------------------------------------以下为检测函数可外部调用 

        // 长度 

        public function lengthDetect($string,$str){ 

                $len = split('-',trim($str)); 

                return (strlen($string) > ($len[0]-1) && strlen($string) < ($len[1]+1))? true:false; 

        } 

        // 价格 

        public function moneyDetect($str){ 

                return preg_match("/^(-|+)?d+(.d+)?$/",$str); 

        } 

        // 邮件 

        public function emailDetect($str){ 

                return preg_match("/^w+([-+.]w+)*@w+([-.]w+)*.w+([-.]w+)*$/", $str); 

        } 

        // 网址 

        public function urlDetect($str){ 

                return preg_match("/^http://[A-Za-z0-9]+.[A-Za-z0-9]+[/=?%-&_~`@[]':+!]*([^<>"])*$/", $str); 

        } 

        // 数字型 

        public function numDetect($str){ 

                return is_numeric($str); 

        } 

        // 中文 

        public function cnDetect($str){ 

                return preg_match("/^[x7f-xff]+$/", $str); 

        } 

        // 字母 

        public function enDetect($str){ 

                return preg_match("/^[A-Za-z]+$/", $str); 

        } 

        // 数字字母混合 

        public function numenDetect($str){ 

                return preg_match("/^([a-zA-Z0-9_-])+$/",$str); 

        } 

        // 电话号码 

        public function telDetect($str){ 

                return ereg("^[+]?[0-9]+([xX-][0-9]+)*$", $str); 

        } 

        // 敏感词 

        public function keyDetect($str){ 

                return (!preg_match("/$badkey/i",$str)); 

        } 

        //-----------------------------------------------------输出 

        // 字符替换 

        public function ck_filter($str){ 

                $str=(is_array($str))? implode(",",$str):$str; 

                $str=nl2br($str); //将回车替换为<br> 

                $str=htmlspecialchars($str); //将特殊字元转成 HTML 格式。 

                //$str=str_replace(array(" ",'<? '),array(" ",'< ?'),$str); //替换空格替换为 

                return $str; 

        } 

        // 转义 

        function ck_escape($str) 

        { 

                if (!get_magic_quotes_gpc())return addslashes($str); 

                return $str; 

        } 

        // MD5加密 

        public function ck_md5($str){ 

                return  MD5($str); 

        } 

        // base64加密 

        public function ck_base64($str){ 

                return  base64_encode($str); 

        } 

        // 时间 

        function ck_time($str){ 

                // time_r() 来在公用函数文件 

                if(!is_numeric($str)) 

                { 

                        return time_r($str); 

                } 

                else return $str; 

        } 

        // 有条件注销(数字) 

        public function ck_cancel($str){ 

                return (!is_numeric($str))? $str:""; 

        } 

        // 无条件注销 

        public function ck_delete(){ 

                return null; 

        } 

        // js错误提示 

        private function jsError() 

        { 

                if(emptyempty($this->error))return false; 

                return  " 

                <script  language=javascript> rn var error = new Array(".trim($this->error,',')."); 

                        rn for (i=0; i < error.length; i++){ 

                        rn document.getElementById(error[0]).innerHTML=error[1]; 

                         }rn </script> 

                "; 

        } 

} 

 

// 演示: 

$form[1] =array( 

'text'=>array('title','','产品名称','size=40','产品名称不可缺少!','Y','cn,1-30'), 

'text1'=>array('categories','','产品名称','','','Y_base64'), 

'select'=>array('superiors','||1|2|Y_3','产品类别|选择|1|2|3','','必选项','Y'), 

'radio'=>array('superiors1','|1|Y_2|3','产品xun|产品1|产品2|产品3','','必选项','Y'), 

'checkbox'=>array('superiors2',array(1=>'11',2=>'22',3=>'33'),'','','必选项','Y'), 

'file'=>array('ddd','','文件'), 

); 

$form =array ( 

  'login' =>  

  array ( 

    'text' =>  

    array ( 

      0 => 'user', 

      1 => '', 

      2 => '用户名', 

      3 => 'size=20', 

      4 => '!', 

      5 => 'Y', 

      6 => 'numen,6-12', 

    ), 

    'password' =>  

    array ( 

      0 => 'pass', 

      1 => '', 

      2 => '密 码', 

      3 => 'size=22', 

      4 => '密码格式错误!', 

      5 => 'Y_md5', 

      6 => 'numen,6-12', 

    ), 

    'radio' =>  

    array ( 

      0 => 'time', 

      1 => '|7200|3600|1800', 

      2 => 'cookies有效时间|2小时|1小时|30分钟', 

      3 => '', 

      4 => '', 

      5 => 'N_delete', 

      6 => '', 

    ), 

  ), 

  ); 

 

// 表单提交效验 

$past = $_form->postForm($form['login']); 

$dd = array('title'=>'标题','categories'=>'类别'); 

// $dd 为已有的信息(如更新时的信息输出) POST数据位内部处理具有优先权

if(!emptyempty($past)) 

{ 

        echo "<pre>"; 

        print_r($past); 

        echo"</pre>"; 

} 

echo '<form method="POST" NAME="PostTopic" action="" enctype="multipart/form-data" style="margin:0px;">'; 

echo $_form->formHtml($form['login'],$dd); 

echo '<input type="submit" value="Y" name="B1"></form>';

希望本文所述对大家的PHP程序设计有所帮助。

PHP 相关文章推荐
一个图形显示IP的PHP程序代码
Oct 19 PHP
php xml实例 留言本
Mar 20 PHP
深入了解 register_globals (附register_globals=off 网站打不开的解决方法)
Jun 27 PHP
PHP容易忘记的知识点分享
Apr 30 PHP
php加密解密函数authcode的用法详细解析
Oct 28 PHP
php 批量添加多行文本框textarea一行一个
Jun 03 PHP
php中限制ip段访问、禁止ip提交表单的代码分享
Aug 22 PHP
PHP编程实现脚本异步执行的方法
Aug 09 PHP
php通过各种函数判断0和空
Jul 04 PHP
jQuery ajax+PHP实现的级联下拉列表框功能示例
Feb 12 PHP
PHP实现图片防盗链破解操作示例【解决图片防盗链问题/反向代理】
May 29 PHP
laravel添加角色和模糊搜索功能的实现代码
Jun 22 PHP
php网页病毒清除类
Dec 08 #PHP
ThinkPHP入口文件设置及相关注意事项分析
Dec 05 #PHP
简单实用的PHP防注入类实例
Dec 05 #PHP
ThinkPHP连接数据库的方式汇总
Dec 05 #PHP
PHP生成RSS文件类实例
Dec 05 #PHP
php实现两表合并成新表并且有序排列的方法
Dec 05 #PHP
ThinkPHP中redirect用法分析
Dec 05 #PHP
You might like
php环境配置 php5 mysql5 apache2 phpmyadmin安装与配置
2006/11/17 PHP
通过PHP current函数获取未知字符键名数组第一个元素的值
2013/06/24 PHP
PHP基于yii框架实现生成ICO图标
2015/11/13 PHP
PHP设计模式之装饰器模式定义与用法详解
2018/04/02 PHP
IE8下String的Trim()方法失效的解决方法
2013/11/08 Javascript
jquery提交form表单时禁止重复提交的方法
2014/02/13 Javascript
JS实现生成会变大变小的圆环实例
2015/08/05 Javascript
jQuery实现下拉加载功能实例代码
2016/04/01 Javascript
js原生之焦点图转换加定时器实例
2016/12/12 Javascript
使用express+multer实现node中的图片上传功能
2018/02/02 Javascript
Vue+mui实现图片的本地缓存示例代码
2018/05/24 Javascript
vue+django实现一对一聊天功能的实例代码
2019/07/17 Javascript
深入探索VueJS Scoped CSS 实现原理
2019/09/23 Javascript
vue 通过绑定事件获取当前行的id操作
2020/07/27 Javascript
pycharm 使用心得(四)显示行号
2014/06/05 Python
PyMongo安装使用笔记
2015/04/27 Python
Django 生成登陆验证码代码分享
2017/12/12 Python
Python 实现选择排序的算法步骤
2018/04/22 Python
python实现nao机器人身体躯干和腿部动作操作
2019/04/29 Python
详解如何管理多个Python版本和虚拟环境
2019/05/10 Python
Python自动化运维之Ansible定义主机与组规则操作详解
2019/06/13 Python
使用Python串口实时显示数据并绘图的例子
2019/12/26 Python
利用PyQt5+Matplotlib 绘制静态/动态图的实现代码
2020/07/13 Python
Ubuntu 20.04安装Pycharm2020.2及锁定到任务栏的问题(小白级操作)
2020/10/29 Python
ALEX AND ANI:手镯,项链,耳环和更多
2017/04/20 全球购物
ZWILLING双立人英国网上商店:德国刀具锅具厨具品牌
2018/05/15 全球购物
美国Jeep配件购物网站:Morris 4×4 Center
2019/05/01 全球购物
Elizabeth Gage官网:英国最好的珠宝设计之一
2020/09/26 全球购物
linux面试相关问题
2013/04/28 面试题
白酒市场开发计划书
2014/01/09 职场文书
手机被没收检讨书
2014/02/22 职场文书
个人买房协议书范本
2014/10/06 职场文书
2014年音乐教师工作总结
2014/12/03 职场文书
小学班主任事迹材料
2014/12/17 职场文书
高二数学教学反思
2016/02/18 职场文书
利用Python将list列表写入文件并读取的方法汇总
2022/03/25 Python