具有多个同名隐藏控制元素的 HTML 表单
在 HTML 表单中包含多个同名“隐藏”控制元素是否合法? 我希望在服务器上获取所有这些元素的值。 如果合法,主流浏览器是否正确实现了该行为?
Is it legal to have an HTML form with more than one "hidden" control element with the same name? I expect to get the values of all of these elements at the server. If it is legal, do the major browsers implement the behavior correctly?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(8)
浏览器对此没问题。 但是,应用程序库解析它的方式可能会有所不同。
程序应该将具有相同名称的项目分组在一起。 虽然 HTML 规范没有明确说明这一点,但在 有关复选框的文档:
The browsers are OK with it. However, how the application library parses it may vary.
Programs are supposed to group identically named items together. While the HTML specification doesn't explicitly say this, it is implicitly stated in the documentation on checkboxes:
不同的服务器端技术会有所不同。 使用 PHP,您可以使用数组样式的名称语法来强制在服务器端创建集合。 如果发布到服务器,
$_POST['colors']将是一个包含两个值的数组,#003366和#00FFFF:一般来说,您需要使用不带方括号的标准名称。 大多数服务器端技术将能够解析结果数据,并提供某种类型的集合。 Node.js 通过
querystring.parse提供有用的功能:Different server-side technologies will vary. With PHP, you can use an array-style syntax for the name to force a collection to be created on the server-end. If posted to the server,
$_POST['colors']will be an array with two values,#003366and#00FFFF:Generally speaking, you'll want to use a standard name without square brackets. Most server-side technologies will be able to parse the resulting data, and provide a collection of some type. Node.js provides helpful functionality via
querystring.parse:如果您有这样的内容:
您的查询字符串将类似于
x=1&x=2&x=3... 取决于您用来解析查询的服务器软件字符串这可能效果不好。If you have something like this:
Your query string is going to turn out looking like
x=1&x=2&x=3... Depending on the server software you are using to parse the query string this might not work well.是的,大多数应用程序服务器将收集匹配的元素并用逗号将它们连接起来,这样这样的形式:
...将解析为 URL(在 GET 情况下 - POST 将以相同的方式工作),如下所示:
...并将在如下代码中向您公开:(例如,遵循 Response.Write(Request.QueryString("myHidden")):
1, 2 , 3
因此,要获取这些值,您只需拆分字符串并将它们作为数组访问(或您选择的语言中的任何类似数组)
(应该澄清:在 PHP 中,它略有不同(正如 Johnathan 指出的,括号 )。表示法将项目作为数组公开给 PHP 代码),但 ASP、ASP.NET 和 ColdFusion 都将值公开为逗号分隔的列表,所以是的,重复命名是完全有效的。)
Yes, and most application servers will collect the matching elements and concatenate them with commas, such that a form like this:
... would resolve to a URL (in the GET case -- POST would work the same way, though) like this:
... and would be exposed to you in code like this: (e.g., following something like Response.Write(Request.QueryString("myHidden")):
1, 2, 3
So to grab the values, you'd just split the string and access them as an array (or whatever's comparable in your language of choice).
(Should be clarified: In PHP, it's slightly different (as Johnathan points out, bracket notation exposes the items as an array to your PHP code), but ASP, ASP.NET, and ColdFusion all expose the values as a comma-separated list. So yes, the duplicate naming is completely valid.)
HTML5
非规范部分4.10.1.3 配置表单与服务器通信 明确表示它是有效的:
其规范版本很简单,在任何地方都不会禁止它,并且表单提交算法准确地说明了应该生成什么请求:
application/x-www-form-urlencoded循环遍历“表单数据集”并吐出多个key=valhttps://www .w3.org/TR/html5/forms.html#url-encoded-form-dataHTML5
The non-normative section 4.10.1.3 Configuring a form to communicate with a server explicitly says that it is valid:
The normative version of this is simply that it is not forbidden anywhere, and the form submission algorithm says exactly what request should be generated:
application/x-www-form-urlencodedloop over the "form data set" and spit out multiplekey=valhttps://www.w3.org/TR/html5/forms.html#url-encoded-form-data特别是对于 PHP,我在隐藏输入中使用数组名称进行了一些测试,我在这里分享我的结果:
提交表单会生成下一个结果:
查看此结果后,我进行了更多测试,寻找更好的数组值排列,并以此结束(我将仅显示新的隐藏输入):
提交表单后获取此结果:
我希望这有助于很少。
Specifically for PHP I made some tests with array names in hidden inputs and I share here my results:
Submitting the form generates the next result:
After viewing this result I made more tests looking a better arrange of array values and ended with this (I will show only the new hidden inputs):
Obtaining this result after submitting form:
I hope this helps a few.
我相信这是合法的,至少在单选按钮和复选框的情况下是如此。 当我必须在 XSLT 中动态添加文本框输入时,我给它们赋予相同的名称; 在 ASP.NET 中,Request.Form["whatever_name"] 是所有这些值的字符串,以逗号分隔。
I believe it is legal, at least in cases of radio buttons and check boxes. When I have to dynamically add textbox inputs in XSLT, I give them all the same name; in ASP.NET, Request.Form["whatever_name"] is a string of all these values comma-seperated.
我刚刚尝试对多个 SELECT 输入使用相同的控件名称 counties[],以便英格兰、苏格兰、威尔士和爱尔兰的每个县都作为同一参数的值传递。 PHP 可以很好地处理它,但 HTML 验证器会发出警告。 我不知道是否所有浏览器都会以同样的方式处理这个问题。
I have just tried using the same control name, counties[] for several SELECT inputs so that counties in England, Scotland, Wales and Ireland in each are are all passed as values for the same parameter. PHP handles it fine, but HTML validator gives a warning. I don't know if all browsers would handle this the same way.