我遇到<?php echo $_SERVER['PHP_SELF']; ?>时遇到问题。出于某种原因,我的HTML表单中的这一行从URL中删除了我的$ _GET变量(我手动放置)。
要理解我的问题,这是我的register.php代码:
<?php
session_start();
// IF USER NOT REMEMBERED(DID NOT CLICK REMEBER ME BUTTON) OR NO SESSION IS FOUND THEN THROW HIM OUT TO LOGIN
//SECURITY SO THAT USERS CANT ACCESS WEB URL DIRECTLY
$host="localhost"; // Host name
$username="user"; // Mysql username
$password="password"; // Mysql password
$db_name="database"; // Database name
$tbl_name="temp_table"; // Table name
// Connect to server and select databse.
$link_temp = mysql_connect("$host", "$username", "$password") or die("cannot connect");
mysql_select_db($db_name, $link_temp);
$results=mysql_query("SELECT temporary_password, temporary_username FROM $tbl_name WHERE temporary_username = '".$_GET['temp_username']."'");
$row = mysql_fetch_array($results);
if($_GET['temp_password'] != $row['temporary_password'] || $_GET['temp_username'] != $row['temporary_username']){
mysql_close();
header("Location: index.php?invalid_user=1");
}
elseif (empty($_GET['temp_password']) || empty($_GET['temp_username']) || empty($_GET)) {
mysql_close();
header("Location: index.php?invalid_user=1");
}
if(isset($_POST['submit']))
{
//retrieve our data from POST
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$username = $_POST['username'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
if($pass1 != $pass2){
echo '<div class="alert">Passwords do not match!</div>';
die();
}
$encrypted_mypassword = md5($pass1);
$dbhost = "localhost";
$dbname = "dbname";
$dbuser = "user";
$dbpass = "password"; //not really
$link_users = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname, $link_users);
//sanitize values before entering into database
$firstname = mysql_real_escape_string($firstname);
$lastname = mysql_real_escape_string($lastname);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$firstname = ucfirst(strtolower($firstname));
$lastname = ucfirst(strtolower($lastname));
$query = "INSERT INTO users ( firstname, lastname, username, password)
VALUES ('$firstname' , '$lastname' , '$username' , '$encrypted_mypassword');";
mysql_query($query);
mysql_close();
echo '<div class="info">User Successfully Created!</div>';
}
?>
<!DOCTYPE HTML>
<html>
<head>
<title>Secure Customer Login</title>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, minimum-scale=1.0, maximum-scale=1.0" />
<meta name="apple-mobile-web-app-capable" content="yes" />
<meta name="apple-mobile-web-app-status-bar-style" content="black" />
<link rel="stylesheet" type="text/css" href="css/reset.css">
<link rel="stylesheet" type="text/css" href="css/structure_register.css">
<link href='https://fonts.googleapis.com/css?family=Nothing+You+Could+Do' rel='stylesheet' type='text/css'>
<script>document.createElement('footer');</script>
</head>
<body>
<div class="img">
<img src="images/logo.png" />
</div>
<form class="box login" style="max-width:334px;" name="register" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset class="boxBody">
<label>First Name</label>
<input type="text" name="firstname" maxlength="50" tabindex="1" placeholder="First Name" required />
<label>Last Name</label>
<input type="text" name="lastname" maxlength="50" tabindex="2" placeholder="Last Name" required />
<label>Username</label>
<input type="email" name="username" maxlength="50" tabindex="3" placeholder="Email" required/>
<label>Password</label>
<input type="password" required pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z])\w{6,}" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Password must contain at least 6 characters, including UPPER and lowercase and numbers' : ''); if(this.checkValidity()) form.pass2.pattern = this.value;" placeholder="Password" name="pass1" tabindex="4" />
<label>Repeat Password</label>
<input type="password" required pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z])\w{6,}" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Please enter the same Password as above' : '');" placeholder="Repeat Password" name="pass2" tabindex="5" />
</fieldset>
<footer>
<center><input type="submit" name="submit" value="Register" class="btnLogin" /></center>
</footer>
</form>
<footer id="main">
© 2014 Rye High Group. All rights reserved.</a>
</footer>
</body>
</html>
基本上我网站上的register.php页面从包含两个get变量的链接获取输入:temp_username和temp_password。因此,用于访问该站点的链接如下所示:my_domin.ca/register.php?temp_username = SomeUser1&amp; tempc / password = Somepassword1
将get变量与数据库中的条目进行比较,如果它们返回true,则授予用户访问register.php的权限,否则将转发给index.php。访问register.php没问题,但是一旦提交表单,就会从URL中删除$ _GET变量,从而将用户转发到index.php
我的问题是:如何修改<?php echo $_SERVER['PHP_SELF']; ?>以停止删除GET变量
P.S。一旦我在我的网站上运行基本功能,我就会转换到mysqli(因为我知道mysql_ *是最好的,并希望减少过渡期间的错误)
答案 0 :(得分:3)
$_SERVER['REQUEST_URI']:为访问此页面而提供的URI。
您的表单应该是:
<form action="<?php echo $_SERVER['REQUEST_URI'] ?>">
your inputs
</form>