如何制作一个提交给自己的 PHP 表单?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/5826784/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How do I make a PHP form that submits to self?
提问by user544079
How do I make a self-posting/self-submitting form, i.e. a form that submits the results to itself, instead of submitting to another form?
我如何制作一个自我发布/自我提交的表格,即一个将结果提交给自己而不是提交给另一个表格的表格?
回答by Phphelp
The proper way would be to use $_SERVER["PHP_SELF"](in conjunction with htmlspecialcharsto avoid possible exploits). You can also just skip the action=part empty, which is not W3C valid, but currently works in most (all?) browsers - the default is to submit to self if it's empty.
正确的方法是使用$_SERVER["PHP_SELF"](结合htmlspecialchars以避免可能的漏洞利用)。您也可以跳过action=空白部分,这不是 W3C 有效的,但目前适用于大多数(所有?)浏览器 - 如果为空,默认是提交给 self 。
Here is an example form that takes a name and email, and then displays the values you have entered upon submit:
这是一个示例表单,它采用姓名和电子邮件,然后显示您在提交时输入的值:
<?php if (!empty($_POST)): ?>
Welcome, <?php echo htmlspecialchars($_POST["name"]); ?>!<br>
Your email is <?php echo htmlspecialchars($_POST["email"]); ?>.<br>
<?php else: ?>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
Name: <input type="text" name="name"><br>
Email: <input type="text" name="email"><br>
<input type="submit">
</form>
<?php endif; ?>
回答by tere?ko
I guess , you means $_SERVER['PHP_SELF']. And if so , you really shouldn't use it without sanitizing it first. This leaves you open to XSS attacks.
我猜,你的意思是$_SERVER['PHP_SELF']。如果是这样,你真的不应该在没有先消毒的情况下使用它。这让您容易受到 XSS 攻击。
The if(isset($_POST['submit']))condition should be above all the HTML output, and should contain a header()function with a redirect to current page again (only now , with some nice notice that "emails has been sent" .. or something ). For that you will have to use $_SESSIONor $_COOKIE.
该if(isset($_POST['submit']))条件应高于所有的HTML输出,并且应包含一个header()又一个重定向至当前页面功能(仅现在,有了一些不错的通知,“邮件已发送” ..或东西)。为此,您必须使用$_SESSION或$_COOKIE。
And please. Stop using $_REQUEST. It too poses a security threat.
并且请。停止使用$_REQUEST。它也构成了安全威胁。
回答by alex
That will only work if register_globalsis on, and it should never be on(unless of course you are defining that variable somewhere else).
这仅register_globals在打开时才有效,并且永远不应该打开(除非您在其他地方定义该变量)。
Try setting the form's actionattribute to ?...
尝试将form的action属性设置为?...
<form method="post" action="?">
...
</form>
You can also set it to be blank (""), but older WebKit versions had a bug.
您也可以将其设置为空白 ( ""),但较旧的 WebKit 版本有一个错误。
回答by Robot Boy
Try this
尝试这个
<form method="post" id="reg" name="reg" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>"
<form method="post" id="reg" name="reg" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>"
Works well :)
效果很好 :)
回答by Itay Moav -Malimovka
change
<input type="submit" value="Submit" />
to<input type="submit" value="Submit" name='submit'/>change
<form method="post" action="<?php echo $PHP_SELF;?>">
to<form method="post" action="">- It will perform the code in
ifonly when it is submitted. - It will always show the form (html code).
- what exactly is your question?
更改
<input type="submit" value="Submit" />
为<input type="submit" value="Submit" name='submit'/>更改
<form method="post" action="<?php echo $PHP_SELF;?>">
为<form method="post" action="">- 它
if只会在提交时执行代码。 - 它将始终显示表单(html 代码)。
- 你的问题究竟是什么?
回答by David Fells
Your submit button doesn't have a name. Add name="submit" to your submit button.
您的提交按钮没有名称。将 name="submit" 添加到您的提交按钮。
If you view source on the form in the browser, you'll see how it submits to self - the form's action attribute will contain the name of the current script - therefore when the form submits, it submits to itself. Edit for vanity sake!
如果您在浏览器中查看表单上的源代码,您将看到它如何提交给 self - 表单的 action 属性将包含当前脚本的名称 - 因此当表单提交时,它会提交给自身。为了虚荣而编辑!
