如果密钥有效,则不重定向

时间:2014-10-22 00:08:38

标签: php html mysql

我正在尝试制作一种beta密钥系统,用于验证系统中的密钥,如果是,则会重定向您。

但是当填写正确的密钥或随机值时,它会将您重定向到同一页面,而不会像它应该做的那样背后的任何东西。

<?php

include("config.php");    
echo "Your IP did not match to a beta key, please fill in one below:<br>";
echo '<form method="post" action="key">';
if (isset($_GET["failed"])) echo "That key has already been used or is invalid.<br>";
echo '<br>';
echo '<input type="text" name="key" placeholder="Beta Key" required=""/>';
echo '<br>';
echo '<button type="submit">Submit</button>';
echo '</form>';

if(isset($_POST['key'])) {
    $retrievekey = $con->prepare("SELECT key FROM keys");
    $retrievekey->execute();
    while ($result = $retrievekey->fetch()) {
        if($_POST['key'] == $result['key']) {
            header("Location: http://admin.gta-o.net/keyvalid");
            // do stuff when the key is valid
            die();
        } else {
            header("Location: http://admin.gta-o.net/key?failed=true");
            die();
        }
    }
}

echo "If you're looking for one please contact us on <i>developers@gta-o.net</i> with your name and reason.<br>";
echo "Chance on not getting a reply back is big, this means we have rejected your request.";
?>

以下是提交密钥或随机值时的样子,请注意,提交时似乎也删除了底部文字。

由于

1 个答案:

答案 0 :(得分:1)

在第一次迭代时,如果它不匹配就会死掉。它在所有行上都没有完整的循环。

只需选择该特定密钥即可。无需每次循环并检查每一行:

的mysqli 

<?php

include 'config.php';

if(isset($_POST['key'])) {

    $retrievekey = $con->prepare("SELECT `key` FROM `keys` WHERE `key` = ?");
    $retrievekey->bind_param('s', $_POST['key']);
    $retrievekey->execute();

    if($retrievekey->num_rows > 0) {
        header("Location: http://admin.gta-o.net/keyvalid");
    } else {
        header("Location: http://admin.gta-o.net/key?failed=true");
    }

    exit;

}

?>

<form method="POST" action=""> <!-- remove that action="key" -->
    <input type="text" name="key" placeholder="Beta Key" required="" /><br/>
    <button type="submit">Submit</button>
</form>

<p>If you're looking for one please contact us on <i>developers@gta-o.net</i> with your name and reason</p><br/>
<p>Chance on not getting a reply back is big, this means we have rejected your request.</p>

旁注:我不知道这是PDO还是mysqli,但如果是PDO:

$retrievekey = $con->prepare("SELECT `key` FROM `keys` WHERE `key` = :key");
$retrievekey->bindParam(':key', $_POST['key']);

然后,

if($retrievekey->rowCount() > 0) {

重要提示:

编辑keykeys都是MySQL reserved keywords,因此必须在查询中用反引号括起来。

相关问题
最新问题