<?php
header('Content-Type: text/html; charset=utf-8');
//初始化
$username=$password=$content='';
//判断是否是POST提交过来的数据
if($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['userForm'])){
$username = baseFilter($_POST["username"]);
$password = baseFilter($_POST["password"]);
$content = baseFilter($_POST["content"]);
}
//过滤多余的内容,便于成功提交到数据库
function baseFilter($data) {
//移除字符串两侧的空白字符
$data = trim($data);
//用于清理从数据库中或者从 HTML 表单中取回的数据
//删除由 addslashes()函数添加的反斜杠
//$data = stripslashes($data); //例如:123\'456 变成 123'456
//把预定义的字符转换为 HTML 实体
//$data = htmlspecialchars($data);
$data = htmlspecialchars($data,ENT_QUOTES); //不管是双引号还是单引号都编码
return $data;
}
?>
<!DOCTYPE html>
<html lang="zh">
<head>
<meta charset="UTF-8">
<title>PHP POST提交</title>
</head>
<body>
<!-- POST 提交给自身 -->
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<p>姓名:<input type="text" name="username"></p>
<p>密码:<input type="text" name="password"></p>
<p>内容:<textarea name="content"></textarea></p>
<input type="submit" name="userForm" value="提交" />
</form>
<?php
if($username!=null || $password!=null || $content!=null){
echo 'POST提交成功!<br>';
echo "姓名:$username 密码:$password <br>内容:$content";
}
?>
</body>
</html>
效果图: