开发者

How to add a Keyword Filter for a php jquery database insert?

问答 作者:

I want to make a PHP database insert with jQuery. How do I add a Keyword Filter in the code? If I write all the forbidden words in a xml out file forbidden.xml Thanks.

insert page:

<script type="text/java开发者_如何学编程script" src="../jquery-1.4.2.min.js"></script>
<script>
function send(){
    var toUrl = "Data.php";
    var method = 'GET';
        $.ajax({
        type:"POST",
        url:"Data.php",
        data:{
            name:$("#name").val(),
            sex:$("#sex").val()
        },
        beforeSend:function(){
            $("#display").html("Loading...");
        },
        success:function(data){
            $("#display").html(decodeURI(data));
            document.getElementById("display").innerHTML = "insert success";
        },
        error:function(data){
            document.getElementById("display").innerHTML = "insert error";
        }
    });
}
</script>
<form name="input">
    name: <input type="name" name="name" id="name" />
    sex: <input type="sex" name="sex" id="sex" />
    <input type="button" id="Submit" value="Submit" onclick="send()" />
</form> 
<div id="display"></div>

forbidden.xml

<?xml version="1.0" encoding="utf-8"?>
<dictionary language="EN">
    <string>aaa</string>
    <string>bbb</string>
    ...
</dictionary>

your best of doing this server side, whenever your handling validation or sanitation you always handle server side so that it reduces risks.

Firstly you need to understand that your code should be abstract in a way that you do not need to write specific error messages within javascript.

so what you want to do is send all information to the server, get it checked out and return success/error + message from the server like so:

$.ajax({
        type:"POST",
        url:"Data.php",
        data:{
            name:$("#name").val(),
            sex:$("#sex").val()
        },
        beforeSend:function(){
            $("#display").html("Loading...");
        },
        success:function(data)
        {
            if(data.error)
            {
                //Use data.error to alert the user
            }else
            {
                //Use data.message to alert the user
            }
        },
        error:function(data){
            alert("Server Error");
        }
});

so your javascript is basically right but your setting static message with javascript, its its not the best idea in the long run.

so with your php, you would validate the data like sio:

$name = !empty($_REQUEST['name']) ? $_REQUEST['name'] : false;
$sex = !empty($_REQUEST['sex']) ? $_REQUEST['sex'] : false;
$response = array();
if($name && $sex)
{
    //Load your xml into an array
    foreach($badword as $word)
    {
        if(strstr($name,$word))
        {
            $response["error"] = "Name contains a restricted word (" . $word . ")";
            break 2; //Get out the foreach
        }
    }

    //Validate other items
}

if(!isset($responce["error"]))
{
    $response["success"] = true;
    $response["message"] = "Data has been validated";
}

echo json_encode($response);
exit;

继续阅读:databaseinsertjqueryphp

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9