PHP表单验证与数据过滤技术表单验证是Web开发的基础。后端验证是必不可少的不能依赖前端的验证。今天说说PHP中表单验证的实现。filter_var系列函数是PHP内置的验证工具。php$values [email testexample.com,url https://www.example.com,ip 192.168.1.1,];echo 邮箱: . (filter_var($values[email], FILTER_VALIDATE_EMAIL) ?: 无效) . \n;echo URL: . (filter_var($values[url], FILTER_VALIDATE_URL) ?: 无效) . \n;echo IP: . (filter_var($values[ip], FILTER_VALIDATE_IP) ?: 无效) . \n;$intVal filter_var(42, FILTER_VALIDATE_INT, [options [min_range 1, max_range 100]]);echo 整数: . ($intVal ! false ? $intVal : 无效) . \n;$boolVal filter_var(yes, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);echo 布尔值: . ($boolVal ! null ? ($boolVal ? true : false) : 无效) . \n;?一个完整的验证器实现。phpclass Validator{private array $data;private array $rules;private array $errors [];private array $validated [];public function __construct(array $data, array $rules){$this-data $data;$this-rules $rules;$this-validate();}public function fails(): bool { return !empty($this-errors); }public function errors(): array { return $this-errors; }public function validated(): array { return $this-validated; }private function validate(): void{foreach ($this-rules as $field $ruleSet) {$value $this-data[$field] ?? null;$rules is_string($ruleSet) ? explode(|, $ruleSet) : $ruleSet;foreach ($rules as $rule) {$error $this-applyRule($field, $value, $rule);if ($error ! null) {$this-errors[$field] $error;break;}}if (!isset($this-errors[$field])) {$this-validated[$field] $value;}}}private function applyRule(string $field, mixed $value, string $rule): ?string{$params [];if (str_contains($rule, :)) {[$rule, $paramStr] explode(:, $rule, 2);$params explode(,, $paramStr);}if ($value null || $value ) {if ($rule required) return {$field}不能为空;return null;}return match ($rule) {email !filter_var($value, FILTER_VALIDATE_EMAIL) ? {$field}不是有效的邮箱 : null,url !filter_var($value, FILTER_VALIDATE_URL) ? {$field}不是有效的URL : null,numeric !is_numeric($value) ? {$field}必须是数字 : null,integer !filter_var($value, FILTER_VALIDATE_INT) ? {$field}必须是整数 : null,min (float)$value (float)($params[0] ?? 0) ? {$field}不能小于{$params[0]} : null,max (float)$value (float)($params[0] ?? 0) ? {$field}不能大于{$params[0]} : null,min_length mb_strlen((string)$value) (int)($params[0] ?? 0) ? {$field}长度不能小于{$params[0]} : null,max_length mb_strlen((string)$value) (int)($params[0] ?? 0) ? {$field}长度不能大于{$params[0]} : null,in !in_array((string)$value, $params) ? {$field}不在允许的值范围内 : null,default null,};}}$data [name 张, email invalid, age 200];$rules [name required|min_length:2|max_length:50, email required|email, age required|numeric|min:1|max:150];$validator new Validator($data, $rules);if ($validator-fails()) {foreach ($validator-errors() as $field $error) {echo {$field}: {$error}\n;}} else {print_r($validator-validated());}?数据过滤和净化同样重要。php$dirtyInput [email testexa\tmple.com\n,string ,int abc123def456,];echo 净化邮箱: . filter_var($dirtyInput[email], FILTER_SANITIZE_EMAIL) . \n;echo 净化整数: . filter_var($dirtyInput[int], FILTER_SANITIZE_NUMBER_INT) . \n;echo 转义HTML: . htmlspecialchars($dirtyInput[string], ENT_QUOTES, UTF-8) . \n;?表单验证的关键是后端验证不可少不能依赖前端验证。验证规则要覆盖必填、格式、长度、范围等。好的表单系统能让前后端协作更高效也能提升用户体验。
PHP表单验证与数据过滤技术
发布时间:2026/6/8 13:03:34
PHP表单验证与数据过滤技术表单验证是Web开发的基础。后端验证是必不可少的不能依赖前端的验证。今天说说PHP中表单验证的实现。filter_var系列函数是PHP内置的验证工具。php$values [email testexample.com,url https://www.example.com,ip 192.168.1.1,];echo 邮箱: . (filter_var($values[email], FILTER_VALIDATE_EMAIL) ?: 无效) . \n;echo URL: . (filter_var($values[url], FILTER_VALIDATE_URL) ?: 无效) . \n;echo IP: . (filter_var($values[ip], FILTER_VALIDATE_IP) ?: 无效) . \n;$intVal filter_var(42, FILTER_VALIDATE_INT, [options [min_range 1, max_range 100]]);echo 整数: . ($intVal ! false ? $intVal : 无效) . \n;$boolVal filter_var(yes, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);echo 布尔值: . ($boolVal ! null ? ($boolVal ? true : false) : 无效) . \n;?一个完整的验证器实现。phpclass Validator{private array $data;private array $rules;private array $errors [];private array $validated [];public function __construct(array $data, array $rules){$this-data $data;$this-rules $rules;$this-validate();}public function fails(): bool { return !empty($this-errors); }public function errors(): array { return $this-errors; }public function validated(): array { return $this-validated; }private function validate(): void{foreach ($this-rules as $field $ruleSet) {$value $this-data[$field] ?? null;$rules is_string($ruleSet) ? explode(|, $ruleSet) : $ruleSet;foreach ($rules as $rule) {$error $this-applyRule($field, $value, $rule);if ($error ! null) {$this-errors[$field] $error;break;}}if (!isset($this-errors[$field])) {$this-validated[$field] $value;}}}private function applyRule(string $field, mixed $value, string $rule): ?string{$params [];if (str_contains($rule, :)) {[$rule, $paramStr] explode(:, $rule, 2);$params explode(,, $paramStr);}if ($value null || $value ) {if ($rule required) return {$field}不能为空;return null;}return match ($rule) {email !filter_var($value, FILTER_VALIDATE_EMAIL) ? {$field}不是有效的邮箱 : null,url !filter_var($value, FILTER_VALIDATE_URL) ? {$field}不是有效的URL : null,numeric !is_numeric($value) ? {$field}必须是数字 : null,integer !filter_var($value, FILTER_VALIDATE_INT) ? {$field}必须是整数 : null,min (float)$value (float)($params[0] ?? 0) ? {$field}不能小于{$params[0]} : null,max (float)$value (float)($params[0] ?? 0) ? {$field}不能大于{$params[0]} : null,min_length mb_strlen((string)$value) (int)($params[0] ?? 0) ? {$field}长度不能小于{$params[0]} : null,max_length mb_strlen((string)$value) (int)($params[0] ?? 0) ? {$field}长度不能大于{$params[0]} : null,in !in_array((string)$value, $params) ? {$field}不在允许的值范围内 : null,default null,};}}$data [name 张, email invalid, age 200];$rules [name required|min_length:2|max_length:50, email required|email, age required|numeric|min:1|max:150];$validator new Validator($data, $rules);if ($validator-fails()) {foreach ($validator-errors() as $field $error) {echo {$field}: {$error}\n;}} else {print_r($validator-validated());}?数据过滤和净化同样重要。php$dirtyInput [email testexa\tmple.com\n,string ,int abc123def456,];echo 净化邮箱: . filter_var($dirtyInput[email], FILTER_SANITIZE_EMAIL) . \n;echo 净化整数: . filter_var($dirtyInput[int], FILTER_SANITIZE_NUMBER_INT) . \n;echo 转义HTML: . htmlspecialchars($dirtyInput[string], ENT_QUOTES, UTF-8) . \n;?表单验证的关键是后端验证不可少不能依赖前端验证。验证规则要覆盖必填、格式、长度、范围等。好的表单系统能让前后端协作更高效也能提升用户体验。
 智能体独立站架构)
)
)
:多栏目适配开发 - 通用解析规则兼容差异化网页结构)
