有了这段代码,我想把它变成当用户点击按钮时,它首先验证他们想要下载文件,如果他们点击是,它从$userpoints减去100点(然后更新mysql表,但我知道如何做到这一点),我需要帮助的是让代码运行时有人点击按钮。我也想给他们下载没有他们得到一个网址,他们可以重用。要么不显示url,要么使其成为唯一的一次性代码。
<?php
//If submit form was clicked
if(isset($_POST['submit'])) {
//Server side validation for security purposes
if($userpoints >= 100) {
mysqli_query($con,"UPDATE users SET points = points - 100 WHERE users.user_name = '$username' LIMIT 1");
$filename = 'ibelongwithyou.mp3';
$filepath = '/home4/saintfiv/downloads/';
header("Content-Length: ".filesize($filepath.$filename));
header("Content-Disposition: attachment; filename=I Belong With You.mp3");
readfile($filepath.$filename);
}else {
header("Location: index.php?error=1");
}
}
?>
<form method="post" action="index.php">
<?php
if ($userpoints >= 100) {
echo '<input type="submit" name="submit" value="100pts">';
} else {
echo '<input type="submit" name="submit" value="100pts" disabled title="You need at least 100 points for this download">';
}
if(isset($_GET['error']) && $_GET['error'] == 1) {
echo "Error, you must have atleast 100points";
}
?>
</form>
有了这个更新的代码,刷新后它似乎仍然在注册一个提交的点击。还有一些奇怪的事情发生了,一堆随机的字符一直沿着页面向下。
我没有包含Javascript/jQuery来验证按钮点击,这完全取决于您是否包含客户端验证。此外,您必须存储用户的会话user_id或用户名,以便将来像我所做的那样,我假设您正在使用$_SESSION['user_id']来查找真正的用户。
<?php
session_start();
function getPoints() {
//you must store the user_id atleast for a session or even the username on how you db really done
//find the data where the USER_ID is the same as $_SESSION['user_id']
//then we need to get the 'points' field to pass into a variable $userpoints
$result = mysqli_query($con,"SELECT * FROM users WHERE user_id = ".$_SESSION['user_id']);
$row = mysqli_fetch_array($result);
return $row['points'];
}
//If submit form was clicked
if(isset($_POST['submit'])) {
//Server side validation for security purposes
if(getPoints() >= 100) {
mysqli_query($con,"UPDATE users SET points = points - 100 WHERE users.user_name = '$username' LIMIT 1");
}else {
header("Location: index.php?error=1");
}
}
?>
<html>
<head>
<title>Sample Point Downloading</title>
<script><!-- Javascript here for Validation --></script>
</head>
<form method="post" action="index.php">
<?php
if (getPoints() >= 100) {
echo '<input type="submit" name="submit" value="100pts">';
} else {
echo '<input type="submit" name="submit" value="100pts" disabled title="You need at least 100 points for this download">';
}
if(isset($_GET['error']) && $_GET['error'] == 1) {
echo "Error, you must have atleast 100points";
}
?>
</form>
</html>