提交表单前请包含一页

时间:2014-01-30 20:27:19

标签: php

我有test.php,用户可以在其中填写表单以更新限制。 提交后,页面将重定向到example.php,用户必须输入一次密码。如果成功,页面将重定向到更新限制的doTest.php,如果输入了错误的OTP,则用户必须在test.php中再次完成表单。

如何将页面从test.php重定向到example.php到doTest.php?

请注意:在我test.php的表单中,输入会POSTdoTest.php

在test.php中

            <form method="POST" action=""> 
                <table id="table">
                    <tr>
                        <td class="alt">Existing Daily Limit</td> 
                        <td>S$ <?php echo $dailylimit; ?> </td>
                        <input type="hidden" name="dailylimit" value="<?php echo $dailylimit ?>"/>
                    </tr> 
                    <tr>
                        <td class="alt"><label for="newdailylimit">New Daily Limit</label></td>
                        <td>$ <select name="newdailylimit">
                                <option value="100.00">100.00</option>
                                <option value="500.00">500.00</option>
                                <option value="1000.00">1000.00</option>
                                <option value="5000.00">5000.00</option>
                            </select></td>
                    </tr>
                    <tr>
                        <td class="alt">Amount Debited Today</td>
                        <td>S$ <?php echo $debited_today; ?></td>
                    </tr>
                    <tr>
                        <td class="alt">Amount Debited Left</td>
                        <td>S$ <?php echo ($dailylimit - $debited_today); ?> </td>
                    </tr>
                </table>
                <br/>
                <input type="submit" name="submit" value="Submit">
            </form>
在doTest.php中

 <?php
          if(isset($_POST['submit'])){
              $dailylimit = $_POST['dailylimit'];
              $newdailylimit = $_POST['newdailylimit'];

               if ($dailylimit != $newdailylimit){
                   $query = "UPDATE user SET daily_limit='$newdailylimit' WHERE user_id='$user_id'";
                   $result = mysqli_query($link, $query) or die(mysqli_error($link));
                   echo "<script>alert('You have successfully updated your daily limit');</script>";
                   echo '<meta http-equiv="refresh" content="0">';

                   }
                   elseif ($dailylimit == $newdailylimit){
                       echo "<script>alert('You have selected the same daily limit as your previous one. Please choose a different one. ');</script>";

                       }
                       else{

                       }         

                       }
            ?>

在example.php中,

            <center>

        <form method="POST" action="" onSubmit="return validate(this)" >
            <input type="button" value="Click for OTP" onclick="openotp()" />  <br/>  <br/> 

                <table id="table">
                    <tr>
                        <td class="alt"><label for="otp">Enter the 6-digit iBanking OTP </label></td>
                        <td><input type="password" name="otp" maxlength="6"></td>
                    </tr>
                </table>
            <br/>
            <input type="submit" name="submit" value="Click to submit OTP">
        </form>
            </center> 

            <?php
            $user_id = $_SESSION['user_id'];
         if(isset($_POST['submit'])){
             $otp = $_POST['otp'];

             $query = "SELECT otp FROM user where user_id='$user_id'";
             $result = mysqli_query($link, $query) or die(mysqli_error($link));
             $row = mysqli_fetch_array($result);
             $rand = $row['otp'];

if ($otp == $rand) {
$query = "SELECT * FROM user WHERE user_id='$user_id' AND otp='$otp'";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
echo "<script>location.href='doDailyLimit.php'</script>";


} else  {
    echo "<script>alert('You have keyed in an invalid OTP. Please try again.'); location.href='example.php';</script>";
}

         }

         ?>

2 个答案:

答案 0 :(得分:1)

首先将数据保存在test.php中的会话中。只有在检查otp是否正确后才能将它们添加到数据库中。

在test.php的开头添加以下代码并设置action =&#34; test.php&#34;

通过这种方式,您不会需要第三个文件。

if(isset($_POST['submit'])){ //form has been submitted
    if($_POST['dailylimit'] == $_POST['newdailylimit']){
        echo "<script>alert('You have selected the same daily limit as your previous one. Please choose a different one. ');</script>";
    } else {
        //you can store 'dailylimit' the same way, but i suppose you won't be needing it anymore.
        $_SESSION['newdailylimit'] = $_POST['newdailylimit'];
        header("Location : example.php"); //this will take you to example.php
    }
}

在example.php中,您需要检查otp是否正确。所以设置action =&#34; example.php&#34;并将以下代码添加到example.php的开头

if(isset($_POST['submit'])){  // form has been submitted.
    $otp = $_POST['otp'];
    //now check $otp against your database to see if its correct.
    //your database code goes here.
    if(//otp is right ){
        $newdailylimit = $_SESSION['newdailylimit'];  //it was stored in test.php
        //similarly store your user_id from session.
        //insert newdailylimit into database.
    } else { // which means otp is wrong
        header("Location : test.php?otp=0");
        /* by seding otp=0 you can let the user in test.php know that you were redirected back because your otp was wrong.
        you can add the following code in the beginning of test.php , which will show the message that otp was wrong.
        and they have to go through the whole process again.

        if(isset($_GET['otp'])){
            if($_GET['otp']==0){
                echo "<script>alert('You have provided wrong otp. blah bla...');</script>";
            }
        }
        */
    }
}

答案 1 :(得分:0)

将您的数据保存在$_SESSION中,使用header('Location: next-page.php')转到下一页检查密码,如果密码正常,会话数据可用保存数据,否则会清除会话并重定向到第一页