重定向到 php 文件的按钮
Button redirecting to php file
当我按下 'continue' 按钮时,我被重定向到表单的 php 函数文件 ( localhost/install/hamburgher.php ),但是必须检查代码是否正确,否则会显示错误。
hamburgher.php(点击按钮的功能):
<?php
session_start();
// connect to database
$db = mysqli_connect('localhost', 'root', '');
mysqli_select_db($db,"licensecode");
// escape string
function e($val){
global $db;
return mysqli_real_escape_string($db, trim($val));
}
$errors = array();
function display_error() {
global $errors;
if (count($errors) > 0){
echo '<div class="alert alert-danger">';
foreach ($errors as $error){
echo $error .'<br>';
}
echo '</div>';
}
}
if (isset($_POST['btn_lic']) && $_POST['btn_lic'] == 1))
{
checkkey();
}
else
{
array_push($errors, "License key is invalid.");
}
// USER
function checkkey(){
global $db, $username, $errors;
// grap form values
$key = e($_POST['key-get']);
// make sure form is filled properly
if (empty($key)) {
array_push($errors, "A license key is required.");
}
// attempt login if no errors on form
if (count($errors) == 0)
{
$password = md5($password);
$query = "SELECT * FROM licenses WHERE code='$key' LIMIT 1";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1)
{ // found
// check
$keycode = mysqli_fetch_assoc($results);
if($keycode['expired'] == 1)
{
array_push($errors, "This license has expired.");
}
else
{
header('location: step_4.php');
}
}
else
{
array_push($errors, "License key is invalid.");
}
}
else {
array_push($errors, "Some errors there.");
}
}
表单文件 - step_3.php:
<?php
include('hamburgher.php');
require_once("settings.inc");
if (file_exists($config_file_path)) {
header("location: ".$application_start_file);
exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title><?php echo $application_name;?> Instalation Wizard - 3</title>
<link rel="icon" href="images/brand/favicon.png" type="image/x-icon" />
<link rel="stylesheet" type="text/css" href="styles/basic.css">
<link href="https://fonts.googleapis.com/css?family=Muli&display=swap" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="styles/bootstrap.min.css">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
</head>
<body>
<center>
<div class="card">
<img src="../images/brand/logo_wide.png" alt="Thos Host Complete Solutions">
<form method="post" action="hamburgher.php">
<input type="hidden" name="submit" value="step2" />
<div class="container">
<b><div style="font-family: 'Muli', sans-serif;">Step 3: Insert your license key</div></b><br>
<div class="form-group">
<label for="key-get" style="margin-right: 80%">Code:</label>
<input type="text" class="form-control" name="key-get" placeholder='38904ADSUFH8ADS7FH8ASHFASHF8ASHUFHA8SUFHU8ASHF8UHA' size="30">
</div>
</div>
<?php echo display_error(); ?>
<span class="step_active" >1</span>
<span class="step_active">2</span>
<span class="step_active">3</span>
<span class="step_inactive">4</span>
<span class="step_inactive">5</span>
<button type="submit" class="button button_black" name="btn_lic" value="1" style="margin-left : 60%; color: white; text-decoration: none; font-family: 'Muli', sans-serif;"><b>Continue</b></button>
</form><br>
</div>
</center>
<?php include_once("footer.php"); ?>
</body>
</html>
如果出现以下情况,代码必须显示错误:
- 输入代码为空;
- 输入代码已过期;
- 输入代码不存在;
显示错误时,页面必须相同,但页面上有<?php echo display_error(); ?>,就会出现错误信息。
如果代码在数据库中找到并且未过期,您必须在页面 step_4.php 上重定向
我知道,我知道,我会修改代码以避免 SQL 注入,这是测试代码。
谢谢。
解决问题的最快方法是将代码从 hamburgher.php 移至 step_3.php,然后删除表单的操作,使其返回同一页面。
当我按下 'continue' 按钮时,我被重定向到表单的 php 函数文件 ( localhost/install/hamburgher.php ),但是必须检查代码是否正确,否则会显示错误。
hamburgher.php(点击按钮的功能):
<?php
session_start();
// connect to database
$db = mysqli_connect('localhost', 'root', '');
mysqli_select_db($db,"licensecode");
// escape string
function e($val){
global $db;
return mysqli_real_escape_string($db, trim($val));
}
$errors = array();
function display_error() {
global $errors;
if (count($errors) > 0){
echo '<div class="alert alert-danger">';
foreach ($errors as $error){
echo $error .'<br>';
}
echo '</div>';
}
}
if (isset($_POST['btn_lic']) && $_POST['btn_lic'] == 1))
{
checkkey();
}
else
{
array_push($errors, "License key is invalid.");
}
// USER
function checkkey(){
global $db, $username, $errors;
// grap form values
$key = e($_POST['key-get']);
// make sure form is filled properly
if (empty($key)) {
array_push($errors, "A license key is required.");
}
// attempt login if no errors on form
if (count($errors) == 0)
{
$password = md5($password);
$query = "SELECT * FROM licenses WHERE code='$key' LIMIT 1";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1)
{ // found
// check
$keycode = mysqli_fetch_assoc($results);
if($keycode['expired'] == 1)
{
array_push($errors, "This license has expired.");
}
else
{
header('location: step_4.php');
}
}
else
{
array_push($errors, "License key is invalid.");
}
}
else {
array_push($errors, "Some errors there.");
}
}
表单文件 - step_3.php:
<?php
include('hamburgher.php');
require_once("settings.inc");
if (file_exists($config_file_path)) {
header("location: ".$application_start_file);
exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title><?php echo $application_name;?> Instalation Wizard - 3</title>
<link rel="icon" href="images/brand/favicon.png" type="image/x-icon" />
<link rel="stylesheet" type="text/css" href="styles/basic.css">
<link href="https://fonts.googleapis.com/css?family=Muli&display=swap" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="styles/bootstrap.min.css">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
</head>
<body>
<center>
<div class="card">
<img src="../images/brand/logo_wide.png" alt="Thos Host Complete Solutions">
<form method="post" action="hamburgher.php">
<input type="hidden" name="submit" value="step2" />
<div class="container">
<b><div style="font-family: 'Muli', sans-serif;">Step 3: Insert your license key</div></b><br>
<div class="form-group">
<label for="key-get" style="margin-right: 80%">Code:</label>
<input type="text" class="form-control" name="key-get" placeholder='38904ADSUFH8ADS7FH8ASHFASHF8ASHUFHA8SUFHU8ASHF8UHA' size="30">
</div>
</div>
<?php echo display_error(); ?>
<span class="step_active" >1</span>
<span class="step_active">2</span>
<span class="step_active">3</span>
<span class="step_inactive">4</span>
<span class="step_inactive">5</span>
<button type="submit" class="button button_black" name="btn_lic" value="1" style="margin-left : 60%; color: white; text-decoration: none; font-family: 'Muli', sans-serif;"><b>Continue</b></button>
</form><br>
</div>
</center>
<?php include_once("footer.php"); ?>
</body>
</html>
如果出现以下情况,代码必须显示错误: - 输入代码为空; - 输入代码已过期; - 输入代码不存在;
显示错误时,页面必须相同,但页面上有<?php echo display_error(); ?>,就会出现错误信息。
如果代码在数据库中找到并且未过期,您必须在页面 step_4.php 上重定向
我知道,我知道,我会修改代码以避免 SQL 注入,这是测试代码。
谢谢。
解决问题的最快方法是将代码从 hamburgher.php 移至 step_3.php,然后删除表单的操作,使其返回同一页面。