dream0614 2011-12-24 22:45
浏览 45
已采纳

不理解PHP中的这些$ _POST,数组和验证技术

I'm learning by way of tutorials, and the instructor used a validation routine that I'm confused about.

On the form page, he has input fields with the following names:

  • menu_name
  • position
  • visible

On the form processing page, he has the following block of php (let's call it block A):

$menu_name = mysql_prep($_POST['menu_name']);
$position = mysql_prep($_POST['position']);
$visible = mysql_prep($_POST['visible']);

Below this block is another php block that inserts the data into MySQL -- this all works fine.

He then added the following php block above block A (let's call it block B):

$errors = array();
$required_fields = array('menu_name', 'position', 'visible');

foreach ($required_fields as $fieldname) {
    if (!isset($_POST[$fieldname]) || empty($_POST[$fieldname])) {
        $errors[] = $fieldname;
    } 
}   
if (!empty($errors)) {
    redirect_to("new_subject.php");
    exit;
}

Question 1

I'm confused why in his $required_fields array, he is referencing the field names directly. Why not move block A above block B and then just reference the variables that were assigned from the $_POST?

Then just use those variables in the if statement within the foreach loop.

I guess I'm asking if my alternative approach is valid? Is there an apparent reason for why he took his approach?

(FYI the mysql_prep is a custom function he built to remove slashes and such.)

Question 2

If I'm understanding his code correctly, his first if statement is testing if the $fieldname is !isset (i.e. not set) or empty.

What's the difference? Since I don't know the difference, I'm also not clear on why he used the || operator. Can you please explain?

Question 3

And finally, it seems his first if statement is capturing any errors and putting them into the $errors array at the top of block B.

He then uses a second if statement to check if that $errors array has anything in it, and re-directs + exits if it does.

Is there a discernible reason for this approach? In my mind, it seems the first if statement could redirect + exit if any errors were found. Why capture them in that $errors array?

  • 写回答

3条回答 默认 最新

  • dqol6556 2011-12-24 22:56
    关注

    Question 1

    What happens here is he checks for the existence of certain variables first. If they do not exist, you need to redirect.
    I don't know what the prep function does, but it would be illogical to call a prep function on a possible empty variable. You could turn it around, but that would be.. well.. turning stuff around ;)

    First check if you've got all you need, and then start cleaning up.

    Question 2

    Not set means it is not available in the POST. This will happen for checkboxes (if you don't check them , they don't excist. Text inputs will be empty.
    Even if you have only text inputs, it is good for to be sure that they exist (there could be a problem in the calling post, someone might be hacking your form), before you check their contents: PHP is very forgiving ofcourse, but it's not really nice to check the contents of something that does not exist.

    Summary: isset is looking if it is there at all, and empty is checking what it's value is.

    Question 3

    You could put the redirect and exit statements in the if, and this would be a tiny bit faster. But not so much, and what you do is unexpected for some programmers: you change the flow of the program somewhere in the middle of a loop (2 loops). This is readable for me, but I don't see any problem with exiting at the first 'error'.

    Later on you might want to do something with the missing POST values (all of them), like giving them a certain class, so that's a possible reason to do it this way later on?

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥15 组策略中的计算机配置策略无法下发
  • ¥15 机器学习简单问题解决
  • ¥15 如何绘制动力学系统的相图
  • ¥15 对接wps接口实现获取元数据
  • ¥20 给自己本科IT专业毕业的妹m找个实习工作
  • ¥15 用友U8:向一个无法连接的网络尝试了一个套接字操作,如何解决?
  • ¥30 我的代码按理说完成了模型的搭建、训练、验证测试等工作(标签-网络|关键词-变化检测)
  • ¥50 mac mini外接显示器 画质字体模糊
  • ¥15 TLS1.2协议通信解密
  • ¥40 图书信息管理系统程序编写