html form input value, will not echo php object function htmlspecialchars
I have implemented child classes to process user input inherited from a parent class which handles the database connections, read and write.
In my parent class I have a function called 'hsc' which handles 'htmlspecialchars' and the function filters user input and returns the string.
hsc function
public function hsc($string) {
return htmlspecialchars($string);
}
I am having a problem with my signup form. When I call the above function on the sign_up object, even before the form is submited the form breaks, then will only output the first label.
output
Your First Name (rest of the form is missing)
problem code
value="<?php echo $sign_up->hsc($_POST['name']);?>" />
if I remove the above php code from value, the form displays correctly, also i can echo out text within the php tags, so the problem seems to be with the function?
While trying to figure this out, am I using the correct approach, ie, using classes too validate user input?
Hope someone can help
Thanks
please see the code I am using for the form below
<?php
include('./classes/signup_class.php');
if(isset($_POST['submit'])) {
//require('./classes/signup_class.php');
try {
$sign_up = new Signup_User();
$sign_up->processUserInput();
$errors = $sign_up->getErrorMessages();
}catch (Exception $e) {
echo $e->getMessage();
}
}
?>
<form id="sign_up" method="post" action="">
<p>
<label for="name">Your First Name</label>
<input name="name" id="name" type="text"
value="<?php echo $sign_up->hsc($_POST['name']);?&开发者_Go百科gt;" />
</p>
<p>
<label for="surname">Your Last Name</label>
<input name="surname" id="surname" type="text" />
</p>
<p>
<label for="email">Your Email Address</label>
<input name="email" id="email" type="text"/>
</p>
<p>
<label for="emailconf">Confirm Your Email Address</label>
<input name="emailconf" id="emailconf" type="text"/>
</p>
<p>
<label for="gender">Your Gender</label>
<select class="gender_select" name="gender">
<option value="female">Female</option>
<option value="male">Male</option>
</select>
</p>
<p>
<label for="password">Choose Your Password (8 characters)</label>
<input name="password" id="password" type="password">
</p>
<p>
<label for="passconf">Confirm Your Password</label>
<input name="passconf" id="passconf" type="password">
</p>
<input name="submit" id="submit" type="submit" value="signup" class="sign_up" >
</form>
Here to have defined the class new Signup_User();
in a condition that is true after submitting form.
try moving $sign_up = new Signup_User();
before that if condition:-
$sign_up = new Signup_User();
if(isset($_POST['submit'])) {
//require('./classes/signup_class.php');
try {
$sign_up->processUserInput();
$errors = $sign_up->getErrorMessages();
}catch (Exception $e) {
echo $e->getMessage();
}
}
精彩评论