我希望开发一个包含各个阶段的网站。我想例如仅当我点击阶段1页面中的完成按钮时才通过阶段2,因此阶段2页面无法通过其URL访问,或者只有当用户通过另一页面时才能访问。
有没有办法做到这一点???我是安全的初学者,所以请尽量帮助我,先谢谢编码员
答案 0 :(得分:2)
利用sessions开发此模型。
<强> index.php
<?php
@extract($_POST);
if(isset($sub))
{
session_start();
$_SESSION['authenticate']=true;
header("location:test1.php");
exit;
}
?>
<form action='' method="post">
<input type="SUBMIT" name="sub" value="Finish" />
</form>
<强> open.php
<?php
session_start();
if(!isset($_SESSION['authenticate']))
{
echo "You are not allowed to access";
}
else { echo "You came from index.php ! so you are a valid user"; }
session_destroy(); //<-- I added this so you can test your example multiple times.
答案 1 :(得分:0)
我认为,这个节目工作:)
使用可以将用户直接从index.php重定向到open.php
header('Location : open.php');
或者, 在open.php中,把这个
if($_SERVER['HTTP_REFERER'] == 'index.php page's full link') {
//Do or Show whatever you want to show here
} else {
// Tell the user that you are not authorized
}
如果这不起作用,请回显$ _SERVER ['HTTP_REFERER']并查看它为您提供的链接。并将该链接放在上面指定的位置。
冷却? :)
编辑(根据评论) -
假设您在stage1.php
中的表单中有表单<form method="post" action="">
<span class="error"><?php echo $error; ?></span>
Name: <input type="text" name="name"><br/>
Email: <input type="text" name="email"><br/>
<input type="submit" name="submit" value="Submit">
</form>
在stage1.php中使用此php
if (isset($_POST['name'])||isset($_POST['email'])) {
if (!empty($_POST["name"])||!empty($_POST["email"])) {
$error = "Please fill in all the fields correctly";
}
else {
$name = $_POST['name'];
$email = $_POST['email'];
//You can also save the above Variables Globally by $GLOBALS['name'] = $_POST['name'];
//So that you can use the details when you reach the final stage
header('Location : stage2 page's link');
}
}
?>
并且在第2页中假设您有另一种形式,然后还要检查
<?php
if(!empty($name)||!empty($email)) {
//the above is check for global variables email and name are not empty - means stage 2 was filled properly
//Do things for the second page's form like you did for stage 1
} else {
header('Location : stage1 page's link');
//redirect back to stage 1.
}
?>