更改用户在订单提交 PHP/JS 期间提交的变量
因此,我的客户有一个旧的订单门户,允许用户输入每种材料的订单金额,然后提交该订单。 我的错误日志抛出警告 PHP 警告:未知:输入变量超过 1000。要增加限制,请更改 php.ini 中的 max_input_vars。
所以我决定 var_dump()当用户点击提交按钮时,我的 $_REQUEST 变量。
当我发现我的 $_REQUEST 变量不仅包含用户为其输入金额的材料,而且还包含数百种没有订单金额/数量的其他材料时,我很高兴。
array(1001) { ["CSRFToken"]=> string(69) "nice" ["submitbutton"]=> string(12) "Submit Order" ["material1006360"]=> string(1) "1" ["material1875"]=> string(1) "1" ["material1000987"]=> string(1) "0" ["material8800"]=> string(1) "0" ["material8703"]=> string(1) "0" ["material8799"]=> string(1) "0"...
对于数百种材料来说,这种情况确实存在。更奇怪的是,我们实际上有一个漂亮的小购物车,一旦您输入数量,它就会在页面顶部自动生成。很明显,正在为购物车创建和更新变量,所以奇怪的是,购物车没有通过,而是整页材料。
我想我的问题是,如何准确控制用户提交的变量?如何让 $_REQUEST 包含更少的垃圾数据?
我对它有一个高层次的概念理解,但正如你所知,我不知道用户何时/何地/如何提交这些数据。我对此还是有点陌生,老实说我不确定这是否都是由 PHP 完成的,或者 JS 是否与它有关。
我确实可以在这方面运用一些智慧,因为我确信用户输入的数据提交将在我未来的 Web 开发之旅中经常发生。
编辑:该页面似乎使用普通 HTML 输入表单的元素列表:
因此,每种材料都有一个这样的输入表单,提交后只需运行每个表单。
编辑2:因此,经过调查,我的整个材料清单由一种形式的所有材料输入组成。因此,在提交该表单后,它会读取数百个空的材料输入。 然后我尝试禁用输入元素,并运行“var_dump($_REQUEST)”。令我惊讶的是,它确实清除了提交的变量。 我在这里找到了这篇很棒的文章:禁用输入上的事件 关于禁用输入进行了精彩的讨论。我的想法是让输入有一个单击事件侦听器,该事件侦听器将触发它们处于活动状态。它并不完美,但应该使我提交的变量更加清晰。
So my client has this old order portal that allows users to put in an order amount per material, and submit that order.
My error log was tossing out a warning PHP Warning: Unknown: Input variables exceeded 1000. To increase the limit change max_input_vars in php.ini.
So I decided to var_dump() my $_REQUEST variable when the user hits the submit button.
Hilarity ensued when I found that not only did my $_REQUEST variable contain the materials a user put an amount input for, but also the HUNDREDS of other materials with no order amount/quantity.
array(1001) { ["CSRFToken"]=> string(69) "nice" ["submitbutton"]=> string(12) "Submit Order" ["material1006360"]=> string(1) "1" ["material1875"]=> string(1) "1" ["material1000987"]=> string(1) "0" ["material8800"]=> string(1) "0" ["material8703"]=> string(1) "0" ["material8799"]=> string(1) "0"...
And this literally goes on for a few hundred materials. What's even weirder is we actually have a nice little cart that auto generates at the top of the page once you put a quantity in. So obviously a variable is getting created and updated for the cart, so it is odd that the cart isn't getting passed, but rather the whole page of materials.
I suppose my question is, how do I control exactly what vars are getting submitted by the user? How can I make $_REQUEST contain a lot less junk data?
I have a high level conceptual understanding of it, but as you can tell, I don't know where exactly to look for when/where/how this data is getting submitted by the user. I'm still sort of new to this, and I'm honestly not sure if this is all done by PHP, or if the JS has anything to do with it either.
I could really use some wisdom with this, because I'm sure data submission from a user input will be a common occurrence in my future web dev journey.
edit: The page seems to be using a list of elements using vanilla HTML input forms: <input type="number" class="quantity form-control" name="material1006360" id="material1006360" value="0" style="user-select: auto;">
So each material has an input form like that, and upon submission just runs through every single form.
edit 2: So upon investigation, my entire material list consists of every material input in ONE form. So upon submission for that form, it reads hundreds of empty material inputs.
I then tried to disable the input element, and ran the `var_dump($_REQUEST). To my surprise, it did actually clear the submitted var.
I found this awesome post here: Event on a disabled input
That had a great discussion on disabling input. My idea is to have the input have an on-click event listener that will trigger them active. It's not perfect, but should make my submission vars much cleaner.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论