Using $_POST += array() for default values

时间:2022-07-01 12:33:13

I'm finishing up a small contact form and had a question about providing default values for $_POST. The reason I'm asking about default values is because within my form I have fields like this:

我正在填写一份小型联系表格,并提出了一个关于为$ _POST提供默认值的问题。我询问默认值的原因是因为在我的表单中我有这样的字段:

<input type="text" name="fullname" value="<?php echo $_POST['fullname']; ?>" />

Clearly I would like to retain the submitted value if I do not permit the data to clear. This raises errors when the page is first loaded, since there is no value for $_POST['fullname'].

显然,如果我不允许数据清除,我想保留提交的值。这会在首次加载页面时引发错误,因为$ _POST ['fullname']没有值。

To my question: is there anything I should be concerend about providing default values to the $_POST array like I'm doing in the next code-sample:

对于我的问题:对于为$ _POST数组提供默认值,有什么我应该承认的,就像我在下一个代码示例中所做的那样:

$_POST += array(
  'fullname' = '',
);

If $_POST['fullname'] already exists, it will be retained - if it doesn't, it will be created within the array. This way, upon loading the form, blank values will be presented in the input fields.

如果$ _POST ['fullname']已经存在,它将被保留 - 如果不存在,它将在数组中创建。这样,在加载表单时,空白值将显示在输入字段中。

Don't worry, all
I sanitize my data
Thank you for the help

别担心,我只是清理我的数据谢谢你的帮助

3 个解决方案

#1


2  

Even if you are doing so, put that data in your container, do not modify superglobals. Create class that'll contain your data - then you'll have the interface do sanitize, manipulate and get it te proper way. Import data from $_POST and then validate, if all necessary values are in.

即使您这样做,也要将这些数据放入容器中,不要修改超级全局。创建将包含您的数据的类 - 然后您将使接口执行清理,操作并以正确的方式获取它。从$ _POST导入数据,然后验证是否包含所有必需值。

As for code:

至于代码:

<?php
class PostData
    {
    private $data;

    public function __construct(array $data)
        {
        $this->data = is_array($data)
            ? $data
            : array();
        }

    public function set($key, $value)
        {
        $this->data[$key] = $value;
        }

    public function get($key, $default, $escaping)
        {
        if(isset($this->data[$key]))
            {
            switch($escaping)
                {
                case 'htmlspecialchars':
                    {
                    return htmlspecialchars($this->data[$key]);
                    break;
                    }
                case 'mysql_real_escape_string':
                    {
                    return mysql_real_escape_string($this->data[$key]);
                    break;
                    }
                // and so on, your invention goes here
                default:
                    {
                    return $this->data[$key];
                    }
                }
            }
        else
            {
            return $default;
            }
        }
    }

$postData = new PostData($_POST);

#2


2  

Create function:

创建功能:

function displayValue($field) {
  if(isset($_POST[$field])) {
    echo 'value="' . htmlentities($_POST[$field]) . '"';
  }
}

And then use like:

然后使用像:

<input type="text" name="fullname" <?php displayValue('fullname'); ?> />

#3


0  

You can also do it like this:

你也可以这样做:

<?php echo empty($_POST['fullname']) ? null : $_POST['fullname']; ?>

#1


2  

Even if you are doing so, put that data in your container, do not modify superglobals. Create class that'll contain your data - then you'll have the interface do sanitize, manipulate and get it te proper way. Import data from $_POST and then validate, if all necessary values are in.

即使您这样做,也要将这些数据放入容器中,不要修改超级全局。创建将包含您的数据的类 - 然后您将使接口执行清理,操作并以正确的方式获取它。从$ _POST导入数据,然后验证是否包含所有必需值。

As for code:

至于代码:

<?php
class PostData
    {
    private $data;

    public function __construct(array $data)
        {
        $this->data = is_array($data)
            ? $data
            : array();
        }

    public function set($key, $value)
        {
        $this->data[$key] = $value;
        }

    public function get($key, $default, $escaping)
        {
        if(isset($this->data[$key]))
            {
            switch($escaping)
                {
                case 'htmlspecialchars':
                    {
                    return htmlspecialchars($this->data[$key]);
                    break;
                    }
                case 'mysql_real_escape_string':
                    {
                    return mysql_real_escape_string($this->data[$key]);
                    break;
                    }
                // and so on, your invention goes here
                default:
                    {
                    return $this->data[$key];
                    }
                }
            }
        else
            {
            return $default;
            }
        }
    }

$postData = new PostData($_POST);

#2


2  

Create function:

创建功能:

function displayValue($field) {
  if(isset($_POST[$field])) {
    echo 'value="' . htmlentities($_POST[$field]) . '"';
  }
}

And then use like:

然后使用像:

<input type="text" name="fullname" <?php displayValue('fullname'); ?> />

#3


0  

You can also do it like this:

你也可以这样做:

<?php echo empty($_POST['fullname']) ? null : $_POST['fullname']; ?>