PHP 最简单的表单验证库? [关闭]
Posted
技术标签:
【中文标题】PHP 最简单的表单验证库? [关闭]【英文标题】:Easiest Form validation library for PHP? [closed] 【发布时间】:2010-10-18 18:04:31 【问题描述】:我需要一个简单的 php 库,它可以用来轻松地将规则和字段名称传递给,然后可以轻松地执行验证。还应该有一种简单的方法来检索错误。
有什么建议吗?
【问题讨论】:
你可以试试github.com/skpaul/legitimate 【参考方案1】:我自己编写了一个简单的类,将我多年来收集的一些正则表达式与 PHP 的 sanatize 和 filter 函数结合起来。
<?
/**
* Pork Formvalidator. validates fields by regexes and can sanatize them. Uses PHP filter_var built-in functions and extra regexes
* @package pork
*/
/**
* Pork.FormValidator
* Validates arrays or properties by setting up simple arrays
*
* @package pork
* @author SchizoDuckie
* @copyright SchizoDuckie 2009
* @version 1.0
* @access public
*/
class FormValidator
public static $regexes = Array(
'date' => "^[0-9]4[-/][0-9]1,2[-/][0-9]1,2\$",
'amount' => "^[-]?[0-9]+\$",
'number' => "^[-]?[0-9,]+\$",
'alfanum' => "^[0-9a-zA-Z ,.-_\\s\?\!]+\$",
'not_empty' => "[a-z0-9A-Z]+",
'words' => "^[A-Za-z]+[A-Za-z \\s]*\$",
'phone' => "^[0-9]10,11\$",
'zipcode' => "^[1-9][0-9]3[a-zA-Z]2\$",
'plate' => "^([0-9a-zA-Z]2[-])2[0-9a-zA-Z]2\$",
'price' => "^[0-9.,]*(([.,][-])|([.,][0-9]2))?\$",
'2digitopt' => "^\d+(\,\d2)?\$",
'2digitforce' => "^\d+\,\d\d\$",
'anything' => "^[\d\D]1,\$"
);
private $validations, $sanatations, $mandatories, $errors, $corrects, $fields;
public function __construct($validations=array(), $mandatories = array(), $sanatations = array())
$this->validations = $validations;
$this->sanatations = $sanatations;
$this->mandatories = $mandatories;
$this->errors = array();
$this->corrects = array();
/**
* Validates an array of items (if needed) and returns true or false
*
*/
public function validate($items)
$this->fields = $items;
$havefailures = false;
foreach($items as $key=>$val)
if((strlen($val) == 0 || array_search($key, $this->validations) === false) && array_search($key, $this->mandatories) === false)
$this->corrects[] = $key;
continue;
$result = self::validateItem($val, $this->validations[$key]);
if($result === false)
$havefailures = true;
$this->addError($key, $this->validations[$key]);
else
$this->corrects[] = $key;
return(!$havefailures);
/**
*
* Adds unvalidated class to thos elements that are not validated. Removes them from classes that are.
*/
public function getScript()
if(!empty($this->errors))
$errors = array();
foreach($this->errors as $key=>$val) $errors[] = "'INPUT[name=$key]'";
$output = '$$('.implode(',', $errors).').addClass("unvalidated");';
$output .= "alert('there are errors in the form');"; // or your nice validation here
if(!empty($this->corrects))
$corrects = array();
foreach($this->corrects as $key) $corrects[] = "'INPUT[name=$key]'";
$output .= '$$('.implode(',', $corrects).').removeClass("unvalidated");';
$output = "<script type='text/javascript'>$output </script>";
return($output);
/**
*
* Sanatizes an array of items according to the $this->sanatations
* sanatations will be standard of type string, but can also be specified.
* For ease of use, this syntax is accepted:
* $sanatations = array('fieldname', 'otherfieldname'=>'float');
*/
public function sanatize($items)
foreach($items as $key=>$val)
if(array_search($key, $this->sanatations) === false && !array_key_exists($key, $this->sanatations)) continue;
$items[$key] = self::sanatizeItem($val, $this->validations[$key]);
return($items);
/**
*
* Adds an error to the errors array.
*/
private function addError($field, $type='string')
$this->errors[$field] = $type;
/**
*
* Sanatize a single var according to $type.
* Allows for static calling to allow simple sanatization
*/
public static function sanatizeItem($var, $type)
$flags = NULL;
switch($type)
case 'url':
$filter = FILTER_SANITIZE_URL;
break;
case 'int':
$filter = FILTER_SANITIZE_NUMBER_INT;
break;
case 'float':
$filter = FILTER_SANITIZE_NUMBER_FLOAT;
$flags = FILTER_FLAG_ALLOW_FRACTION | FILTER_FLAG_ALLOW_THOUSAND;
break;
case 'email':
$var = substr($var, 0, 254);
$filter = FILTER_SANITIZE_EMAIL;
break;
case 'string':
default:
$filter = FILTER_SANITIZE_STRING;
$flags = FILTER_FLAG_NO_ENCODE_QUOTES;
break;
$output = filter_var($var, $filter, $flags);
return($output);
/**
*
* Validates a single var according to $type.
* Allows for static calling to allow simple validation.
*
*/
public static function validateItem($var, $type)
if(array_key_exists($type, self::$regexes))
$returnval = filter_var($var, FILTER_VALIDATE_REGEXP, array("options"=> array("regexp"=>'!'.self::$regexes[$type].'!i'))) !== false;
return($returnval);
$filter = false;
switch($type)
case 'email':
$var = substr($var, 0, 254);
$filter = FILTER_VALIDATE_EMAIL;
break;
case 'int':
$filter = FILTER_VALIDATE_INT;
break;
case 'boolean':
$filter = FILTER_VALIDATE_BOOLEAN;
break;
case 'ip':
$filter = FILTER_VALIDATE_IP;
break;
case 'url':
$filter = FILTER_VALIDATE_URL;
break;
return ($filter === false) ? false : filter_var($var, $filter) !== false ? true : false;
现在,对于您在此处看到的某些 javascript,这需要 mootools,但您可以轻松地将其更改为您最喜欢的 javascript 框架。它所做的只是查找元素,并向其添加“未验证”的 CSS 类。
使用就像我一直想要的一样简单:
例子:
$validations = array(
'name' => 'anything',
'email' => 'email',
'alias' => 'anything',
'pwd'=>'anything',
'gsm' => 'phone',
'birthdate' => 'date');
$required = array('name', 'email', 'alias', 'pwd');
$sanatize = array('alias');
$validator = new FormValidator($validations, $required, $sanatize);
if($validator->validate($_POST))
$_POST = $validator->sanatize($_POST);
// now do your saving, $_POST has been sanatized.
die($validator->getScript()."<script type='text/javascript'>alert('saved changes');</script>");
else
die($validator->getScript());
只验证一个元素:
$validated = new FormValidator()->validate('blah@bla.', 'email');
只净化一个元素:
$sanatized = new FormValidator()->sanatize('<b>blah</b>', 'string');
这个类最酷的地方在于,您可以发送带有 ajax 或 iframe 目标的表单并执行生成的脚本。无需刷新页面或将相同的表单数据重新发送回浏览器 :) 此外,如果脚本需要更改,没有难以分析的过度设计框架,只需按您想要的方式更改即可 :)
哦,是的,您可以随意在任何您想要的地方使用它。没有许可证
【讨论】:
请注意,这不适用于 5.2 之前的 PHP 版本,因为您使用的是 filter_var 我猜你应该用array_key_exists ($key,$this->validations)替换array_search($key, $this->validations)。对吗?
不是每个人都使用 moo-tools。
@kta 看看这篇文章的发布日期。 6 岁了
@ŕ̷͉ge̸ḓ̶̅i̷t:绝对不是。使用 Laravel、Symfony 等框架或除此之外的任何其他框架。【参考方案2】:
上面 SchizoDuckie 的回答太棒了。在获得作者许可的情况下,我在我正在从事的项目中使用了他的代码。我使用此代码时遇到的一个问题是,如果未提交必填字段,则不会注册错误。我已经修改了代码以涵盖这种情况。我还删除了生成 html 和 javascript 的代码,因为我的项目要求将 UI 与每个 MVC 模式的逻辑分开。修改后的代码只返回 JSON 编码的结果。我在这里重新发布修改后的代码,以防对其他人有用。
<?
/**
* Pork Formvalidator. validates fields by regexes and can sanatize them. Uses PHP filter_var built-in functions and extra regexes
* @package pork
*/
/**
* Pork.FormValidator
* Validates arrays or properties by setting up simple arrays
*
* @package pork
* @author SchizoDuckie
* @copyright SchizoDuckie 2009
* @version 1.0
* @access public
*/
class FormValidator
public static $regexes = Array(
'date' => "^[0-9]4[-/][0-9]1,2[-/][0-9]1,2\$",
'amount' => "^[-]?[0-9]+\$",
'number' => "^[-]?[0-9,]+\$",
'alfanum' => "^[0-9a-zA-Z ,.-_\\s\?\!]+\$",
'not_empty' => "[a-z0-9A-Z]+",
'words' => "^[A-Za-z]+[A-Za-z \\s]*\$",
'phone' => "^[0-9]10,11\$",
'zipcode' => "^[1-9][0-9]3[a-zA-Z]2\$",
'plate' => "^([0-9a-zA-Z]2[-])2[0-9a-zA-Z]2\$",
'price' => "^[0-9.,]*(([.,][-])|([.,][0-9]2))?\$",
'2digitopt' => "^\d+(\,\d2)?\$",
'2digitforce' => "^\d+\,\d\d\$",
'anything' => "^[\d\D]1,\$",
'username' => "^[\w]3,32\$"
);
private $validations, $sanatations, $mandatories, $equal, $errors, $corrects, $fields;
public function __construct($validations=array(), $mandatories = array(), $sanatations = array(), $equal=array())
$this->validations = $validations;
$this->sanatations = $sanatations;
$this->mandatories = $mandatories;
$this->equal = $equal;
$this->errors = array();
$this->corrects = array();
/**
* Validates an array of items (if needed) and returns true or false
*
* JP modofied this function so that it checks fields even if they are not submitted.
* for example the original code did not check for a mandatory field if it was not submitted.
* Also the types of non mandatory fields were not checked.
*/
public function validate($items)
$this->fields = $items;
$havefailures = false;
//Check for mandatories
foreach($this->mandatories as $key=>$val)
if(!array_key_exists($val,$items))
$havefailures = true;
$this->addError($val);
//Check for equal fields
foreach($this->equal as $key=>$val)
//check that the equals field exists
if(!array_key_exists($key,$items))
$havefailures = true;
$this->addError($val);
//check that the field it's supposed to equal exists
if(!array_key_exists($val,$items))
$havefailures = true;
$this->addError($val);
//Check that the two fields are equal
if($items[$key] != $items[$val])
$havefailures = true;
$this->addError($key);
foreach($this->validations as $key=>$val)
//An empty value or one that is not in the list of validations or one that is not in our list of mandatories
if(!array_key_exists($key,$items))
$this->addError($key, $val);
continue;
$result = self::validateItem($items[$key], $val);
if($result === false)
$havefailures = true;
$this->addError($key, $val);
else
$this->corrects[] = $key;
return(!$havefailures);
/* JP
* Returns a JSON encoded array containing the names of fields with errors and those without.
*/
public function getJSON()
$errors = array();
$correct = array();
if(!empty($this->errors))
foreach($this->errors as $key=>$val) $errors[$key] = $val;
if(!empty($this->corrects))
foreach($this->corrects as $key=>$val) $correct[$key] = $val;
$output = array('errors' => $errors, 'correct' => $correct);
return json_encode($output);
/**
*
* Sanatizes an array of items according to the $this->sanatations
* sanatations will be standard of type string, but can also be specified.
* For ease of use, this syntax is accepted:
* $sanatations = array('fieldname', 'otherfieldname'=>'float');
*/
public function sanatize($items)
foreach($items as $key=>$val)
if(array_search($key, $this->sanatations) === false && !array_key_exists($key, $this->sanatations)) continue;
$items[$key] = self::sanatizeItem($val, $this->validations[$key]);
return($items);
/**
*
* Adds an error to the errors array.
*/
private function addError($field, $type='string')
$this->errors[$field] = $type;
/**
*
* Sanatize a single var according to $type.
* Allows for static calling to allow simple sanatization
*/
public static function sanatizeItem($var, $type)
$flags = NULL;
switch($type)
case 'url':
$filter = FILTER_SANITIZE_URL;
break;
case 'int':
$filter = FILTER_SANITIZE_NUMBER_INT;
break;
case 'float':
$filter = FILTER_SANITIZE_NUMBER_FLOAT;
$flags = FILTER_FLAG_ALLOW_FRACTION | FILTER_FLAG_ALLOW_THOUSAND;
break;
case 'email':
$var = substr($var, 0, 254);
$filter = FILTER_SANITIZE_EMAIL;
break;
case 'string':
default:
$filter = FILTER_SANITIZE_STRING;
$flags = FILTER_FLAG_NO_ENCODE_QUOTES;
break;
$output = filter_var($var, $filter, $flags);
return($output);
/**
*
* Validates a single var according to $type.
* Allows for static calling to allow simple validation.
*
*/
public static function validateItem($var, $type)
if(array_key_exists($type, self::$regexes))
$returnval = filter_var($var, FILTER_VALIDATE_REGEXP, array("options"=> array("regexp"=>'!'.self::$regexes[$type].'!i'))) !== false;
return($returnval);
$filter = false;
switch($type)
case 'email':
$var = substr($var, 0, 254);
$filter = FILTER_VALIDATE_EMAIL;
break;
case 'int':
$filter = FILTER_VALIDATE_INT;
break;
case 'boolean':
$filter = FILTER_VALIDATE_BOOLEAN;
break;
case 'ip':
$filter = FILTER_VALIDATE_IP;
break;
case 'url':
$filter = FILTER_VALIDATE_URL;
break;
return ($filter === false) ? false : filter_var($var, $filter) !== false ? true : false;
?>
【讨论】:
【参考方案3】:如果您想自己编写一些程序并且您拥有 PHP 5.2.0 或更高版本。然后你可以查看filter functions.
【讨论】:
【参考方案4】:github上也有这个库:https://github.com/blackbelt/php-validation
【讨论】:
【参考方案5】:Zend Forms不用整个Zend框架也可以使用
【讨论】:
【参考方案6】:Code Igniter 框架中包含一个,看看here
我建议开始使用其中一个 PHP 框架;)
【讨论】:
链接返回 404【参考方案7】:你有一个名为 symfony forms 的 symfony 框架的一部分,它可以与整个框架分开使用。
看看the framework documentation。
【讨论】:
【参考方案8】:这个 phpro.org 验证类看起来非常适合简单的数据验证:
https://phpro.org/classes/Validation-Class.html
支持长度等规则
【讨论】:
您给定的链接显示无法访问此站点消息 链接已修复 链接又被破坏了以上是关于PHP 最简单的表单验证库? [关闭]的主要内容,如果未能解决你的问题,请参考以下文章