我有以下代码在服务器端提交之前检查表单,我想要包括(如果可能)是检查URL的消息和是否存在以防止消息被发送。
if (!empty($_POST['name']) && !empty($_POST['fromemail']) && !empty($_POST['message']) && $go == TRUE)
{
//data has been filled
$name = Filter::no_html($_POST['name']);
$from = Filter::no_html($_POST['fromemail']);
$start_dt = Filter::no_html($_POST['start_dt']);
$end_dt = Filter::no_html($_POST['end_dt']);
$comments = Filter::no_html($_POST['message']);
$validate->isEmpty($name, LANG_JAVASCRIPT_PLEASE_ENTER . " " . LANG_YOUR_NAME);
$validate->isEmpty($from, LANG_JAVASCRIPT_PLEASE_ENTER . " " . LANG_YOUR_EMAIL);
$validate->isSingleEmail($from, LANG_JAVASCRIPT_PLEASE_ENTER_EMAIL);
$validate->isEmpty($start_dt, LANG_JAVASCRIPT_PLEASE_ENTER . " " . LANG_START_DATE);
$validate->isEmpty($end_dt, LANG_JAVASCRIPT_PLEASE_ENTER . " " . LANG_END_DATE);
$validate->isEmpty($comments, LANG_JAVASCRIPT_PLEASE_ENTER . " " . LANG_YOUR_MESSAGE);
$modules->call_hook('contact_owner_submit', ''); // Call any module functions
$id = (int) @$_POST['ownerid'];
$vehicle = (int) @$_POST['listingid'];
if ($validate->isError())
{
您可以使用stristr方法在字符串中的某些条件下搜索消息:
$has_url = (stristr($comments, 'http') || stristr($comments, 'www.'));
if($has_url) {
// prevent submit
}
关于stristr方法的更多信息:https://www.php.net/manual/en/function.strstr.php
所以你的代码看起来像这样:
if (!empty($_POST['name']) && !empty($_POST['fromemail']) && !empty($_POST['message']) && $go == TRUE) {
$has_url = (stristr($_POST['message'], 'http') || stristr($_POST['message'], 'www.'));
if($has_url) {
// whatever happens if contains url
}
$name = Filter::no_html($_POST['name']);
$from = Filter::no_html($_POST['fromemail']);
$start_dt = Filter::no_html($_POST['start_dt']);
$end_dt = Filter::no_html($_POST['end_dt']);
$comments = Filter::no_html($_POST['message']);
$validate->isEmpty($name, LANG_JAVASCRIPT_PLEASE_ENTER . " " . LANG_YOUR_NAME);
$validate->isEmpty($from, LANG_JAVASCRIPT_PLEASE_ENTER . " " . LANG_YOUR_EMAIL);
$validate->isSingleEmail($from, LANG_JAVASCRIPT_PLEASE_ENTER_EMAIL);
$validate->isEmpty($start_dt, LANG_JAVASCRIPT_PLEASE_ENTER . " " . LANG_START_DATE);
$validate->isEmpty($end_dt, LANG_JAVASCRIPT_PLEASE_ENTER . " " . LANG_END_DATE);
$validate->isEmpty($comments, LANG_JAVASCRIPT_PLEASE_ENTER . " " . LANG_YOUR_MESSAGE);
$modules->call_hook('contact_owner_submit', ''); // Call any module functions
$id = (int) @$_POST['ownerid'];
$vehicle = (int) @$_POST['listingid'];
if ($validate->isError())
// whatever goes here
{
}