我正在创建一个页面,用户可以在其中通过银行数据库的注册表单输入详细信息。如果数据库中存在输入值,则会将其重定向到下一页。与以下代码相关的问题是,当用户输入详细信息时,它会重定向到同一注册页面。页面是通过一个单独的文件访问的,在该文件中已经建立了与数据库的连接。连接没有问题。我创建了一个文件"index.php",它调用注册页面和下面显示的php代码。另一个文件core.php被引用到index.php,其中包含session_start()。当我将表单限制为只有两个字段(即cust_name&card_no。请回复。提前谢谢。这是我的代码:
<?php
//require 'core.php';
//echo $current_file;
if (isset($_POST['cust_name']) && isset($_POST['card_no']) && isset($_POST['cvv']) && ($_POST['exp_month']) && ($_POST['exp_year'])) //error possibly in this part
{
$cust_name = $_POST['cust_name'];
$card_no = $_POST['card_no'];
$cvv = $_POST['cvv'];
$exp_month = $_POST['exp_month'];
$exp_year = $_POST['exp_year'];
if(!empty($cust_name) && !empty($card_no) && !empty($cvv) && !empty($exp_month) && !empty($exp_year)) //error possible in this part
{
$query = "SELECT id FROM bank WHERE cust_name='$cust_name', card_no='$card_no',cvv='$cvv', exp_month='$exp_month',exp_year='$exp_year' ";
if($query_run = mysql_query($query))
{
$query_num_rows = mysql_num_rows($query_run);
if($query_num_rows==0)
{
echo 'Invalid Card details';
}
else if($query_num_rows==1)
{
//echo 'OK!!';
$user_id = mysql_result($query_run,0,'id');
$_SESSION['user_id']=$user_id; //starts the session
header('Location:login2.php');/*redirects if the details are present in database*/
}
}
}
else
{
echo 'PLEASE ENTER DETAILS';
}
}
?>
<form action ="<?php echo $current_file; ?>" method="POST">//registration form
Card Name:<input type = "text" name = "cust_name"><br/>
Card No:<input type = "text" name = "card_no"><br/>
CVV:<input type = "text" name = "cvv"><br/>
Expiry Month & Year<select name="exp_month"><br/>
<option selected value="janauary">January</option>
<option value="february">February</option>
<option value="march">March</option>
<option value="april">April</option>
<option value="may">May</option>
<option value="june">June</option>
<option value="july">July</option>
<option value="august">August</option>
<option value="september">September</option>
<option value="october">October</option>
<option value="november">November</option>
<option value="december">December</option>
</select>
<select name="exp_year"><br/>
<option selected value="2014">2014</option>
<option value="2015">2015</option>
<option value="2016">2016</option>
<option value="2017">2017</option>
<option value="2018">2018</option>
<option value="2019">2019</option>
<option value="2020">2020</option>
<option value="2021">2021</option>
<option value="2022">2022</option>
<option value="2023">2023</option>
<option value="2024">2024</option>
<option value="2025">2025</option><br/>
</select><br/>
<input type="submit" value="submit">
<input type="reset" value="reset"><br/>
</form>
<----index.php---->
<?php
require 'database.php'; //establishes database connection
require 'core.php'; //uses core.php
include 'login_form.php';//redirects to login_form
?>
<----core.php-----?
<?php
ob_start();
session_start(); // starts the session
$current_file = $_SERVER['SCRIPT_NAME'];//used at login_form
?>
--------------------------------------
IF语句使用两个字段的原因是因为您只能有一个&;PHP中IF语句中的表达式。你将不得不把你的&;声明。不过,如果你只单独检查每个POST,那会更好、更安全:
if(isset($_POST['name']){}
然后运行您希望它执行的操作。
我已经运行了您的代码。您没有'else'子句来处理查询失败。我还倾向于使用"var_dump"answers"die(‘I am here’)语句来确保程序在我期望的时候至少达到了我期望的点。
我发布了我的代码,包括"调试代码",这样你至少可以确认这些测试对你自己来说是正确的。他们工作得很好。
您还应该在发送标头以更改位置后退出脚本。
var_dump($_POST);
if (isset($_POST['cust_name']) && isset($_POST['card_no']) && isset($_POST['cvv']) && ($_POST['exp_month']) && ($_POST['exp_year'])) //error possibly in this part
{
$cust_name = $_POST['cust_name'];
$card_no = $_POST['card_no'];
$cvv = $_POST['cvv'];
$exp_month = $_POST['exp_month'];
$exp_year = $_POST['exp_year'];
// die('iam here '. __FILE__.__LINE__);
if(!empty($cust_name) && !empty($card_no) && !empty($cvv) && !empty($exp_month) && !empty($exp_year)) //error possible in this part
{
// die('i am here '. __FILE__.__LINE__);
$query = "SELECT id FROM bank WHERE cust_name='$cust_name', card_no='$card_no',cvv='$cvv', exp_month='$exp_month',exp_year='$exp_year' ";
if($query_run = mysql_query($query))
{
$query_num_rows = mysql_num_rows($query_run);
if($query_num_rows==0)
{
echo 'Invalid Card details';
}
else if($query_num_rows==1)
{
//echo 'OK!!';
$user_id = mysql_result($query_run,0,'id');
$_SESSION['user_id']=$user_id; //starts the session
header('Location:login2.php');/*redirects if the details are present in database*/
exit(); // should exit the script
}
}
else { // unmatched else
echo 'THE SQL QUERY FAILED';
}
}
else
{
echo 'PLEASE ENTER DETAILS';
}
}
?>