任何从客户端发送来的数据,后端都是不信任的。
表单传送过程:客户端--->flask(request)--->取出
注册表单
<!--{{url_for()}}代表form表单将要发送到后端的路由-->
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>注册</title>
</head>
<body>
<!--{{url_for()}}代表form表单将要发送到后端的路由-->
<form action="{{url_for('register')}}" method="post">
<label>用户名:</label><input name="name" type="text">
<br>
<label>手机号:</label><input name="phone" type="text">
<br>
<label>密码:</label><input name="pwd" type="password">
<br>
<label>确认密码:</label><input name="confirm_pwd" type="password">
<br>
<br>
<input type="submit" value="立即注册">
<br>
</form>
</body>
</html>
后端校验方式(1):
import re
from flask import Flask, request, render_template, Response
from werkzeug.exceptions import abort
app = Flask(__name__)
@app.route('/register',methods=["GET","POST"])
def register():
if request.method == 'GET':
return render_template('register.html')
name = request.form.get('name')
phone = request.form.get('phone')
pwd = request.form.get('pwd')
pwd_confirm = request.form.get('confirm_pwd')
# 表单验证
if not name:
res = Response(render_template('register.html', msg='用户名不能为空'), status='412', content_type='text/html;charset=utf-8')
abort(res)
if not re.match(r'^1[3,4,5,6,7,8,9]\d{9}import re
from flask import Flask, request, render_template, Response
from werkzeug.exceptions import abort
app = Flask(__name__)
@app.route('/register',methods=["GET","POST"])
def register():
if request.method == 'GET':
return render_template('register.html')
name = request.form.get('name')
phone = request.form.get('phone')
pwd = request.form.get('pwd')
pwd_confirm = request.form.get('confirm_pwd')
# 表单验证
if not name:
res = Response(render_template('register.html', msg='用户名不能为空'), status='412', content_type='text/html;charset=utf-8')
abort(res)
if not re.match(r'^1[3,4,5,6,7,8,9]\d{9}$', phone):
res = Response(render_template('register.html', msg='手机号码格式错误'), status='412', content_type='text/html;charset=utf-8')
abort(res)
if len(pwd)<6:
res = Response(render_template('register.html', msg='密码必须大于6位'), status='412', content_type='text/html;charset=utf-8')
abort(res)
if pwd_confirm != pwd:
res = Response(render_template('register.html', msg='密码不一致'), status='412',content_type='text/html;charset=utf-8')
abort(res)
return Response(render_template('login.html', msg='注册成功'), status='200',content_type='text/html;charset=utf-8')
if __name__ == '__main__':
app.run(debug=True)
#x27;, phone):
res = Response(render_template('register.html', msg='手机号码格式错误'), status='412', content_type='text/html;charset=utf-8')
abort(res)
if len(pwd)<6:
res = Response(render_template('register.html', msg='密码必须大于6位'), status='412', content_type='text/html;charset=utf-8')
abort(res)
if pwd_confirm != pwd:
res = Response(render_template('register.html', msg='密码不一致'), status='412',content_type='text/html;charset=utf-8')
abort(res)
return Response(render_template('login.html', msg='注册成功'), status='200',content_type='text/html;charset=utf-8')
if __name__ == '__main__':
app.run(debug=True)
后端校验方式(2):
import re
from flask import Flask, request, render_template, Response
from werkzeug.exceptions import abort
app = Flask(__name__)
def form_check(form):
name = form.get('name')
phone = form.get('phone')
pwd = form.get('pwd')
pwd_confirm = form.get('confirm_pwd')
# 表单验证
if not name:
res = Response(render_template('register.html', msg='用户名不能为空'), status='412',
content_type='text/html;charset=utf-8')
abort(res)
if not re.match(r'^1[3,4,5,6,7,8,9]\d{9}import re
from flask import Flask, request, render_template, Response
from werkzeug.exceptions import abort
app = Flask(__name__)
def form_check(form):
name = form.get('name')
phone = form.get('phone')
pwd = form.get('pwd')
pwd_confirm = form.get('confirm_pwd')
# 表单验证
if not name:
res = Response(render_template('register.html', msg='用户名不能为空'), status='412',
content_type='text/html;charset=utf-8')
abort(res)
if not re.match(r'^1[3,4,5,6,7,8,9]\d{9}$', phone):
res = Response(render_template('register.html', msg='手机号码格式错误'), status='412',
content_type='text/html;charset=utf-8')
abort(res)
if len(pwd) < 6:
res = Response(render_template('register.html', msg='密码必须大于6位'), status='412',
content_type='text/html;charset=utf-8')
abort(res)
if pwd_confirm != pwd:
res = Response(render_template('register.html', msg='密码不一致'), status='412',
content_type='text/html;charset=utf-8')
abort(res)
@app.route('/register',methods=["GET","POST"])
def register():
if request.method == 'GET':
return render_template('register.html')
form = request.form
form_check(form)
return Response(render_template('login.html', msg='注册成功'), status='200', content_type='text/html;charset=utf-8')
if __name__ == '__main__':
app.run(debug=True)
#x27;, phone):
res = Response(render_template('register.html', msg='手机号码格式错误'), status='412',
content_type='text/html;charset=utf-8')
abort(res)
if len(pwd) < 6:
res = Response(render_template('register.html', msg='密码必须大于6位'), status='412',
content_type='text/html;charset=utf-8')
abort(res)
if pwd_confirm != pwd:
res = Response(render_template('register.html', msg='密码不一致'), status='412',
content_type='text/html;charset=utf-8')
abort(res)
@app.route('/register',methods=["GET","POST"])
def register():
if request.method == 'GET':
return render_template('register.html')
form = request.form
form_check(form)
return Response(render_template('login.html', msg='注册成功'), status='200', content_type='text/html;charset=utf-8')
if __name__ == '__main__':
app.run(debug=True)
后端校验方式(3):
import re
from flask import Flask, request, render_template, Response
from werkzeug.exceptions import abort
app = Flask(__name__)
@app.route('/register',methods=["GET","POST"])
def register():
if request.method == 'GET':
return render_template('register.html')
name = request.form.get('name')
phone = request.form.get('phone')
pwd = request.form.get('pwd')
pwd_confirm = request.form.get('confirm_pwd')
# 表单验证
if not name:
return render_template('register.html', msg='用户名不能为空'),412, {"content_type":'text/html;charset=utf-8'}
if not re.match(r'^1[3,4,5,6,7,8,9]\d{9}import re
from flask import Flask, request, render_template, Response
from werkzeug.exceptions import abort
app = Flask(__name__)
@app.route('/register',methods=["GET","POST"])
def register():
if request.method == 'GET':
return render_template('register.html')
name = request.form.get('name')
phone = request.form.get('phone')
pwd = request.form.get('pwd')
pwd_confirm = request.form.get('confirm_pwd')
# 表单验证
if not name:
return render_template('register.html', msg='用户名不能为空'),412, {"content_type":'text/html;charset=utf-8'}
if not re.match(r'^1[3,4,5,6,7,8,9]\d{9}$', phone):
return render_template('register.html', msg='手机号码格式错误'), 412, {"content_type": 'text/html;charset=utf-8'}
if len(pwd)<6:
return render_template('register.html', msg='密码应大于6位'), 412, {"content_type": 'text/html;charset=utf-8'}
if pwd_confirm != pwd:
return render_template('register.html', msg='密码不一致'), 412, {"content_type": 'text/html;charset=utf-8'}
return Response(render_template('login.html', msg='注册成功'), status='200',content_type='text/html;charset=utf-8')
if __name__ == '__main__':
app.run(debug=True)
#x27;, phone):
return render_template('register.html', msg='手机号码格式错误'), 412, {"content_type": 'text/html;charset=utf-8'}
if len(pwd)<6:
return render_template('register.html', msg='密码应大于6位'), 412, {"content_type": 'text/html;charset=utf-8'}
if pwd_confirm != pwd:
return render_template('register.html', msg='密码不一致'), 412, {"content_type": 'text/html;charset=utf-8'}
return Response(render_template('login.html', msg='注册成功'), status='200',content_type='text/html;charset=utf-8')
if __name__ == '__main__':
app.run(debug=True)
效果