我正在创建一个由多个页面组成的进程,我希望用户只能访问" Checkout1.php"通过单击购物车页面(showCart.php)中的按钮。还有一个有效的登录检查。
checkOut1.php:
<article id="content">
<h2>Check Out</h2>
<h3><span class="checkOut">1. Get Delivery Details</span> -> 2. Confirm Order -> 3. Make Payment ->
4. Print Order Confirmation</h3>
<?php
if ((isset($_POST['submitShowCart'])) || (isset($_POST['returnCheckOut2'])) ||
(isset($_POST['submitLogin']))) {
if ($_SESSION['login']=='valid') {
echo "<p>Please modify delivery details as necessary and continue the Check Out process:</p>";
?>
//Blah blah blah (Main Form Code)
<form method="post" action="showCart.php">
<p>
<input type="submit" value="Return To Shopping Cart" name="returnCheckOut1">
</p>
</form>
<br><p>* = Required Fields</p>
<p><a href="#" class="intLink">[Top]</a></p>
<?php
}
else {
echo "<p>Please login to continue the Check Out process.</p>";
}
}
else {
// display no access message
echo "<p>Cannot access this file directly - must come via the Check Out process.</p>";
}
?>
</article>
showCart.php:
<article id="content">
<h2>Your Shopping Cart</h2>
<?php
if (empty($_SESSION['cart'])) {
echo "<p>Your shopping cart is currently empty.</p>";
}
else {
?>
<!-- open form so that qtyOrdered field becomes an input element -->
<form action="updateCart.php" method="post">
<!-- display headings for cart -->
<table class="prod1">
<tr>
<th>Product Name</th>
<th>Quantity On Hand</th>
<th>Quantity Ordered</th>
<th>Unit Price $</th>
<th>Extended Value $</th>
</tr>
<?php
// set up starting value of grand total
$grandTotal = 0;
// read details from the cart session variable and display
foreach($_SESSION['cart'] as $prodNbr=>$value) {
// extract data into separate variable
$prodName = $_SESSION['cart'][$prodNbr]['prodName'];
$price = $_SESSION['cart'][$prodNbr]['price'];
$qtyOnHand = $_SESSION['cart'][$prodNbr]['qtyOnHand'];
$qtyOrdered = $_SESSION['cart'][$prodNbr]['qtyOrdered'];
// do calculation for extended value
$extendedValue = $qtyOrdered * $price;
// accumulate the grand total of extended value column
$grandTotal = $grandTotal + $extendedValue;
// display fields in a table row
echo "<tr>";
echo "<td>$prodName</td>";
echo "<td class='right'>$qtyOnHand</td>";
echo "<td class='right'><input type='text' value='$qtyOrdered' size='2' name='qtyToBuy[$prodNbr]' /></td>";
echo "<td class='right'>$price</td>";
echo "<td class='right'>".number_format("$extendedValue",2)."</td>";
if ($qtyOrdered == $qtyOnHand) {
echo "<td><strong>No further stock available</strong></td>";
}
echo "</tr>";
} // end of foreach loop
// display the grand total
echo "<tr><td colspan='4' class='right'><strong>Grand Total : </strong></td><td class='right highlight'>" .number_format("$grandTotal",2) ."</td></tr>";
echo "</table>";
echo "<br>";
echo "<input type='submit' value='Update Cart'>";
echo "</form>";
echo "<br>";
echo "<h3>Enter a new quantity ordered OR 0 to remove the item from your cart.</h3>";
?>
<input type="button" value="Check Out" onclick="javascript:location.replace('checkOut1.php')" />
<input type="button" value="Continue Shopping" onclick="javascript:location.replace('catalogue.php')" />
<?php
}
?>
</article>
编辑:我想checkout1检查用户是否从showCart进入该页面,我现在没有检查的代码总是给我&#34;无法直接访问此文件 - 必须通过“签出”流程。&#34;消息。
答案 0 :(得分:1)
当用户点击按钮时,您可以设置SESSION变量,并在目标页面上检查是否设置了SESSION变量。如果已设置,则显示页面,否则不显示。
答案 1 :(得分:1)
如果你想确保用户来自showCart.php checkout.php,请将此添加到checkout.php:
if(basename($_SERVER['HTTP_REFERER'])=="showCart.php"){
//do your code of checkout.php
}
else{
//show error message and redirect the page.
}