单击按钮运行PHP并隐藏下载链接

时间:2013-04-07 05:35:43

标签: php

使用此代码我希望在用户点击按钮时将其转换为首先验证他们是否要下载文件,如果他们单击是,则从$ userpoints中减去100个点(然后更新mysql表,但我知道如何做到这一点),我需要帮助的是在有人点击按钮时运行代码。此外,我想给他们下载,而不会得到他们可以重用的网址。通过不向他们显示网址或使其成为唯一的一次性代码。

<?php                       
                    //If submit form was clicked
                    if(isset($_POST['submit'])) {
                        //Server side validation for security purposes
                        if($userpoints >= 100) {
                            mysqli_query($con,"UPDATE users SET points = points - 100 WHERE users.user_name = '$username' LIMIT 1");
                            $filename = 'ibelongwithyou.mp3';
                            $filepath = '/home4/saintfiv/downloads/';
                            header("Content-Length: ".filesize($filepath.$filename));
                            header("Content-Disposition: attachment; filename=I Belong With You.mp3");
                            readfile($filepath.$filename);
                        }else {
                            header("Location: index.php?error=1");
                        }
                    }
                    ?>
                    <form method="post" action="index.php">
                    <?php
                        if ($userpoints >= 100) {
                            echo '<input type="submit" name="submit" value="100pts">';
                        } else {
                            echo '<input type="submit" name="submit" value="100pts" disabled title="You need at least 100 points for this download">';
                        }
                        if(isset($_GET['error']) && $_GET['error'] == 1) {
                            echo "Error, you must have atleast 100points";
                        }
                    ?>
                    </form>

使用这个更新的代码,它似乎仍然在刷新后在提交上注册了一个点击。还有一些奇怪的事情发生在一堆随机字符上,只是继续沿着页面走。

1 个答案:

答案 0 :(得分:0)

我没有包含Javascript / jQuery来验证按钮点击,所有由您决定是否包含客户端验证。此外,您必须存储用户的 user_id 用户名会话以用于将来的sql语句,就像我所做的那样,我假设您正在使用 $ _ SESSION [' user_id'] 找到真实用户。

<?php
session_start();

function getPoints() {
    //you must store the user_id atleast for a session or even the username on how you db really done
    //find the data where the USER_ID is the same as $_SESSION['user_id']
    //then we need to get the 'points' field to pass into a variable $userpoints
    $result = mysqli_query($con,"SELECT * FROM users WHERE user_id = ".$_SESSION['user_id']);
    $row = mysqli_fetch_array($result);
    return $row['points'];
}
//If submit form was clicked
if(isset($_POST['submit'])) {
    //Server side validation for security purposes
    if(getPoints() >= 100) {
        mysqli_query($con,"UPDATE users SET points = points - 100 WHERE users.user_name = '$username' LIMIT 1");
    }else {
        header("Location: index.php?error=1");
    }
}
?>
<html>
    <head>
        <title>Sample Point Downloading</title>
        <script><!-- Javascript here for Validation --></script>
    </head>
    <form method="post" action="index.php">
        <?php
        if (getPoints() >= 100) {
            echo '<input type="submit" name="submit" value="100pts">';
        } else {
            echo '<input type="submit" name="submit" value="100pts" disabled title="You need at least 100 points for this download">';  
        }
        if(isset($_GET['error']) && $_GET['error'] == 1) {
            echo "Error, you must have atleast 100points";
        }
        ?>
    </form>
</html>
相关问题
最新问题