Ajax 提交表单数据到入库的全盘操作流程分享
2024-09-01 08:28:54
供稿:网友
*******php项目中当我们要对数据库进行写入操作时,有时会因为代码没有做防sql注入工作,导致各种不可预知的错误*******
1,index.htm 这是一个很简单的注册页面l 我这是以ajax形式提交数据
代码如下:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>RegisterForm</title>
<script type="text/javascript" src='jquery-1.3.1.js'></script>
</head>
<body>
<h1>This is a test form! </h1>
<font color="#8b0000"><table class='tb' border="0" cellpadding="5" cellspacing=0>
<form action='_process.php' method='post' enctype='multipart/form-data'>
<tr><td class="tdleft"><em>user :</em></td><td><input type='text' id='name' name='name' value='' size=15/></td></tr>
<tr><td class="tdleft"><em>ages : </em></td><td><input type='text' id='ages' name='ages' value='' size=15/></td></tr>
<tr><td class="tdleft"><em>pass : </em></td><td><input type='password' id='password' name='password' value='' size=15/></td></tr>
<tr><td class="tdleft"><em>addr : </em></td><td><input type='text' id='addr' name='addr' value='' size=15/></td></tr>
<tr><td class="tdleft"><em>email : </em></td><td><input type='text' name='email' id='email' value='' size=15/></td></tr>
<tr><td class="tdleft"><input type='button' value='register' id="but"/></td><td><input type='reset' value='reseting'/></td></tr>
</form>
</table></font>
<span id='msg' style='display:none'>正在加载... ...</span>
<p id="result" class=""></p>
<style type="text/css">
body{text-align:center;}
.error{color:red;}
.tb{margin:0 auto;width:350px;height:200px;text-align:center;}
.tdleft{width:150px;text-align:left;}
</style>
<script type='text/javascript'>
$("#but").click(function(){
var name = $.trim($("#name").val());
var ages = $.trim($("#ages").val());
var pn = /^/d+$/;
var addr = $.trim($("#addr").val());
var pass = $.trim($("#password").val());
var email = $.trim($("#email").val());
var reg = /^[a-zA-Z0-9_]+@[a-zA-Z0-9_]+(/.[a-zA-Z]+)+$/gi;
if(name.length==0){
alert("请认真填写姓名!");return false;
}
if(ages.length==0){
alert("请填写年龄!");return false;
}
if(!pn.test(ages)){
alert("请填写有效数字!");return false;
}
if(pass.length==0||pass.length>6){
alert("请认真填写密码!");return false;
