开发者

Using same php file to show form and receive the form's data

I have a php page that generates a form. The action attribute of the form is the page itself. After the user submits the form, the s开发者_如何学编程ame page is loaded, but this time a POST variable is set, so the page runs another script to deal with the incoming data from the form. I do this by using a conditional fork:

if(isset($_POST['var'])){
    generate form
}else{
    insert $_POST data into database
}

I'd like to know if this is ok or a bad idea.


I agree with Ignacio. Other than that it looks like a fairly standard approach if you don't need more complexity. One very important thing: make sure you are validating and sanitizing that data before it goes into the database.


The bad part is setting the action attribute to the script. Omitting it completely indicates to the browser that it should be posted to the same URL.


You might even want to go to the extent of checking whether the data was submitted thru AJAX to differentiate it from a regular form submission:

if ( $_SERVER['X_REQUESTED_WITH']=='XMLHttpRequest' )
  // AJAX
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜