我不知道到底是什么你问所以这里的两个方向的答案:
如果你有,你试图解析一个完整的URL,使用parse_url
:
$url = 'http://username:[email protected]/path?arg=value#anchor';
print_r(parse_url($url));
echo parse_url($url, PHP_URL_PATH);
上面的例子将输出:
Array
(
[scheme] => http
[host] => hostname
[user] => username
[pass] => password
[path] => /path
[query] => arg=value
[fragment] => anchor
)
如果只有的查询部分网址可以使用parse_str
:
parse_str($str, $output);
echo $output['first']; // value
echo $output['arr'][0]; // foo bar
echo $output['arr'][1]; // baz
如果你试图构建使用http_build_query
一个网址:
$data = array('foo'=>'bar',
'baz'=>'boom',
'cow'=>'milk',
'php'=>'hypertext processor');
echo http_build_query($data); // foo=bar&baz=boom&cow=milk&php=hypertext+processor
如果您需要做数据验证,一旦你已经得到了它,你可以使用内置的使用验证filter_input
功能/ PHP消毒选择:
http://us2.php.net/manual/en/ref.filter.php
http://us2.php.net/manual/en/function.filter-input-array.php
http://us2.php.net/manual/en/filter.filters.validate.php
http://us2.php.net/manual/en/filter.filters.sanitize.php
实施例从filter_validate_array
页:
/* data actually came from POST
$_POST = array(
'product_id' => 'libgd<script>',
'component' => '10',
'versions' => '2.0.33',
'testscalar' => array('2', '23', '10', '12'),
'testarray' => '2',
);
*/
$args = array(
'product_id' => FILTER_SANITIZE_ENCODED,
'component' => array('filter' => FILTER_VALIDATE_INT,
'flags' => FILTER_REQUIRE_ARRAY,
'options' => array('min_range' => 1, 'max_range' => 10)
),
'versions' => FILTER_SANITIZE_ENCODED,
'doesnotexist' => FILTER_VALIDATE_INT,
'testscalar' => array(
'filter' => FILTER_VALIDATE_INT,
'flags' => FILTER_REQUIRE_SCALAR,
),
'testarray' => array(
'filter' => FILTER_VALIDATE_INT,
'flags' => FILTER_REQUIRE_ARRAY,
)
);
$myinputs = filter_input_array(INPUT_POST, $args);
var_dump($myinputs);
echo "\n";
上面的示例将输出:
array(6) {
["product_id"]=>
array(1) {
[0] => string(17) "libgd%3Cscript%3E"
}
["component"]=>
array(1) {
[0] => int(10)
}
["versions"]=>
array(1) {
[0] => string(6) "2.0.33"
}
["doesnotexist"]=>
NULL
["testscalar"]=>
bool(false)
["testarray"]=>
array(1) {
[0] => int(2)
}
}
是否“令牌”是指什么在`$ post_data`? – BoltClock 2011-01-11 20:35:23
是的,__EVENTVALIDATION和__VIEWSTATE是令牌。 – Chenelle 2011-01-11 20:36:19