我有一段代码,用于将用户输入表单的信息发布到数据库。在将数据提交给DB的最后一行PHP之后:
header("location:http://www.site.com/page.htm");
这似乎没有做任何事情。它仍然将所有用户信息发布到数据库,但页面清除了就可以了。没有重定向。
以下是整个片段:
<?php
if(isset($_POST['register'])){
$username = ($_POST['username']);
$password = ($_POST['password']);
$email = ($_POST['email']);
$email2 = ($_POST['email2']);
$password2 = ($_POST['password2']);
$commname = ($_POST['commname']);
$outpostname = ($_POST['outpost']);
$special = ($_POST['specialty']);
if($username == "" || $password == "" || $email == "" || $password2 == "" || $email2 == "" || $commname == "" || $outpostname == "" || $special == "no"){
echo "Please supply all required fields!";
}elseif(strlen($username) > 20){
echo "Username must be less than 20 characters!";
}elseif(strlen($email) > 100){
echo "E-mail must be less than 100 characters!";
}elseif(strlen($email2) > 100){
echo "E-mail verify must be less than 100 characters!";
}elseif(strlen($commname) > 20){
echo "Your Commander's name must be less than 20 characters!";
}elseif(strlen($outpostname) > 20){
echo "Your Outpost's name must be less than 20 characters!";
}else{
$register1 = mysqli_query($myConnection,"SELECT `id` FROM `user` WHERE `username`='$username'") or die(mysqli_error($myConnection));
$register2 = mysqli_query($myConnection,"SELECT `id` FROM `user` WHERE `email`='$email'") or die(mysqli_error($myConnection));
if(mysqli_num_rows($register1) > 0){
echo "That username is already in use!";
}elseif(mysqli_num_rows($register2) > 0){
echo "That e-mail address is already in use!";
}else{
$spec = ($_POST['specialty']);
$comnam = ($_POST['commname']);
$postnam = ($_POST['outpost']);
$rand_col = rand(1,5); /*Number of Colonies that exist in the game*/
$ins1 = mysqli_query($myConnection,"INSERT INTO `stats` (`username`,`credits`,`food`,`land`,`energy`,`turns`,`turns_max`,`gas`,`ore`,`population`,`buildeff`,`offpts`,`defpts`,`score`,`specialty`) VALUES ('$username',2000,2000,100,2000,30,30,2000,2000,500,100,0,0,0,'$spec')") or die(mysqli_error($myConnection));
$ins2 = mysqli_query($myConnection,"INSERT INTO `unit` (`username`,`trainee`,`juggernaut`,`infantry`,`marauder`,`terminator`,`reconsq`,`prisoner`,`destroyer`,`colossus`) VALUES ('$username',100,0,50,0,0,0,0,0,0)") or die(mysqli_error($myConnection));
$ins3 = mysqli_query($myConnection,"INSERT INTO `user` (`colonynum`,`username`,`password`,`email`,`specialty`,`commname`,`outpostname`) VALUES ('$rand_col','$username','".md5($password)."','$email','$spec','$comnam','$postnam')") or die(mysqli_error($myConnection));
$ins4 = mysqli_query($myConnection,"INSERT INTO `structure` (`username`,`agridome`,`spaceport`,`barrack`,`researchfac`,`laserbat`,`factory`,`infirmary`,`trainingfac`) VALUES ('$username',1,0,5,0,0,0,1,1)") or die(mysqli_error($myConnection));
header("location:http://www.site.com/page.php");
}
}
}
?>
是的,我知道,我应该使用一些SQL注入保护,但不能让它正常工作......稍后会出现;)
答案 0 :(得分:1)
更改
header("location:http://www.site.com/page.php");
到
header("location: http://www.site.com/page.php");
此外,如果你甚至在header命令(即http请求的主体)之前输出一个字符,它将失败。 启用PHP错误报告以查看是否属于这种情况。
输出字符甚至可以是白色字符,在<?php和页面开头之间。
像: ======页面从这行开始=======
<?php
请注意<?php
答案 1 :(得分:1)
如果您的标头不起作用,那是因为您的脚本在发送标头之前产生了输出(例如,由于未经检查的GET参数而出现错误消息)。检查您的网络服务器的错误日志,其中应包含信息,究竟是什么失败。
答案 2 :(得分:1)
在任何其他类型的输出(错误消息,HTML,Javascript等)之前,需要将所有标头发送到浏览器。
在您的情况下,在调用header()之前,脚本中有很多内容,并且这些代码行中的一个或多个正在生成输出。一旦发生这种情况,您将无法再发送标题信息。
要解决此问题,请确定生成输出的内容并将其删除,或者在header()语句,echo语句之前将mysqli*调用更靠近脚本顶部,或者任何其他可以产生输出的行。
答案 3 :(得分:0)
使用它来工作:
$url = '/page.php';
echo '<META HTTP-EQUIV=Refresh CONTENT="0; URL='.$url.'">';