【发布时间】:2019-11-12 19:49:30
【问题描述】:
当我按下“继续”按钮时,我被重定向到表单的 php 函数文件 (localhost/install/hamburgher.php),但必须检查代码是否正确,否则会显示错误。
hamburgher.php(点击按钮的功能):
<?php
session_start();
// connect to database
$db = mysqli_connect('localhost', 'root', '');
mysqli_select_db($db,"licensecode");
// escape string
function e($val){
global $db;
return mysqli_real_escape_string($db, trim($val));
}
$errors = array();
function display_error() {
global $errors;
if (count($errors) > 0){
echo '<div class="alert alert-danger">';
foreach ($errors as $error){
echo $error .'<br>';
}
echo '</div>';
}
}
if (isset($_POST['btn_lic']) && $_POST['btn_lic'] == 1))
{
checkkey();
}
else
{
array_push($errors, "License key is invalid.");
}
// USER
function checkkey(){
global $db, $username, $errors;
// grap form values
$key = e($_POST['key-get']);
// make sure form is filled properly
if (empty($key)) {
array_push($errors, "A license key is required.");
}
// attempt login if no errors on form
if (count($errors) == 0)
{
$password = md5($password);
$query = "SELECT * FROM licenses WHERE code='$key' LIMIT 1";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1)
{ // found
// check
$keycode = mysqli_fetch_assoc($results);
if($keycode['expired'] == 1)
{
array_push($errors, "This license has expired.");
}
else
{
header('location: step_4.php');
}
}
else
{
array_push($errors, "License key is invalid.");
}
}
else {
array_push($errors, "Some errors there.");
}
}
表单文件-step_3.php:
<?php
include('hamburgher.php');
require_once("settings.inc");
if (file_exists($config_file_path)) {
header("location: ".$application_start_file);
exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title><?php echo $application_name;?> Instalation Wizard - 3</title>
<link rel="icon" href="images/brand/favicon.png" type="image/x-icon" />
<link rel="stylesheet" type="text/css" href="styles/basic.css">
<link href="https://fonts.googleapis.com/css?family=Muli&display=swap" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="styles/bootstrap.min.css">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
</head>
<body>
<center>
<div class="card">
<img src="../images/brand/logo_wide.png" alt="Thos Host Complete Solutions">
<form method="post" action="hamburgher.php">
<input type="hidden" name="submit" value="step2" />
<div class="container">
<b><div style="font-family: 'Muli', sans-serif;">Step 3: Insert your license key</div></b><br>
<div class="form-group">
<label for="key-get" style="margin-right: 80%">Code:</label>
<input type="text" class="form-control" name="key-get" placeholder='38904ADSUFH8ADS7FH8ASHFASHF8ASHUFHA8SUFHU8ASHF8UHA' size="30">
</div>
</div>
<?php echo display_error(); ?>
<span class="step_active" >1</span>
<span class="step_active">2</span>
<span class="step_active">3</span>
<span class="step_inactive">4</span>
<span class="step_inactive">5</span>
<button type="submit" class="button button_black" name="btn_lic" value="1" style="margin-left : 60%; color: white; text-decoration: none; font-family: 'Muli', sans-serif;"><b>Continue</b></button>
</form><br>
</div>
</center>
<?php include_once("footer.php"); ?>
</body>
</html>
如果出现以下情况,代码必须显示错误: - 输入代码为空; - 输入代码已过期; - 输入代码不存在;
显示错误时,页面必须相同,但页面上有<?php echo display_error(); ?>,会有错误信息。
如果代码在数据库中找到并且未过期,则必须在页面 step_4.php 上重定向
我知道,我知道,我会修改代码以避免 SQL 注入,这是一个 beta 代码。
谢谢。
【问题讨论】:
-
好的,那么问题是什么?提交表单时,display_error() 什么都不显示?
-
当我按下按钮(并且代码未输入或不正确)时,我被重定向到 hamburgher.php,不会在同一页面中创建错误“您没有输入代码”(当代码正确时一切正常)[编辑]
-
但是您的表单转到
<form method="post" action="hamburgher.php">,一旦提交它就会加载该页面,您不再是step_3.php。如果要返回,则必须重定向回 step_3.php,header("Location: step_3.php"); -
虽然,在那种情况下,你丢失了错误输出,让我考虑一下
-
如果按下按钮,我添加了调试:``` if (isset($_POST['btn_lic']) && $_POST['btn_lic'] == 1) { checkkey(); } else { header("位置:step_3.php"); array_push($errors, "许可证密钥无效。"); }```即使我按下按钮我被重定向到step_3.php,这意味着如果按下btn_lic,hamburgher.php没有检测到,但我都正确,为什么?