检查表单上用户的经度和纬度

时间:2017-07-17 11:32:11

标签: javascript php

我是PHP的初学者。 我在表单中遇到问题,我必须验证用户是否向我发送了巴黎的地址。

<?php
    $msg="";
    $db = mysqli_connect("localhost", "root", "", "dbname");
    if (isset($_FILES["image"]) AND !empty($_FILES['image']['name']))
    {
        $tailleMax = 3097152;
        $extensionsValides = array('jpg', 'jpeg', 'png');
        if($_FILES['image']['size'] <= $tailleMax)
        {
            $extensionUpload = strtolower(substr(strrchr($_FILES['image']['name'], '.'), 1));
            if(in_array($extensionUpload, $extensionsValides))
            {
                $newName =  uniqid(mt_rand(1, 5));
                $imageName = $newName.".".$extensionUpload;
                $chemin = "images/".$imageName;
                $resultat = move_uploaded_file($_FILES['image']['tmp_name'],$chemin);
            }else{
                $msg = "Le format doit être jpg, jpeg ou png";
            }
        }else{
            $msg = "Photo trop grande";
        }
    }
    if (isset($_POST['upload'])) {
        $image = $_FILES["image"]["name"];
        $about = $_POST["about"];
        $name = $_POST["name"];
        $adress = $_POST["adress"];
        $category = $_POST["category"];
        $latitude = $_POST["lat"];
        $longitude = $_POST["lng"];
        if($longitude > 48.7 and $longitude < 49 and $latitude > 2.2 and $latitude < 2.5){
            $sql = "INSERT INTO paristable 
                                (picture, name, about, adress, category, latitude, longitude) 
                        VALUES ('$imageName', '$name', '$about', '$adress', '$category', '$latitude', '$longitude')";
            mysqli_query($db, $sql);
            $msg = "Envoi réussi";
        }else{
            $smg= "Veuillez rentrer une adresse parisienne";
        }
    }else{
        $msg= "L'envoi a échoué";
    }
?>

所以我添加了这一行

if($longitude > 48.7 and $longitude < 49 and $latitude > 2.2 and $latitude < 2.5){

因为当用户发布地址时,我有一个脚本,它将纬度和经度输入隐藏输入。所以我试着用这条线来检查他是否在巴黎境内。因为如果地址不在巴黎,我不想发送数据。

今天我的表格无论如何发送它,所以我想我在这一行有一个错误。但我找不到它。

这是我的剧本

<script>
function showAlert(){
 var getLocation = function (address) {
    var geocoder = new google.maps.Geocoder();
    geocoder.geocode({
        'address': address
    }, function (results, status) {

        if (status == google.maps.GeocoderStatus.OK) {
            var latitude = results[0].geometry.location.lat();
            var longitude = results[0].geometry.location.lng();
            console.log(latitude, longitude);
    document.getElementById('lat').value = latitude;
            console.log(latitude);
    document.getElementById('lng').value = longitude;
            console.log(longitude);
        }
    });
};
document.getElementById('location').value = getLocation(document.getElementById('adress').value);
console.log(document.getElementById('location').value);
    document.getElementById('lat').value = latitude;
    document.getElementById('lng').value = longitude;
    console.log(document.getElementById('lat').value);
}
</script>

1 个答案:

答案 0 :(得分:1)

  

因为当用户发布地址时,我会有一个脚本出来   经纬度为隐藏输入。所以我试着检查一下   他在巴黎或不在这条线上。因为如果地址不是   在巴黎,我不想发送数据。

现在您已拥有用户的Latlongs,现在您可以使用Google的geocode API获取坐标所在城市的名称,然后如果城市是巴黎,您可以发布或显示错误还使用预准备语句来防止sql注入:

<?php
$msg = "";
$db  = mysqli_connect("localhost", "root", "", "dbname");
if (isset($_FILES["image"]) AND !empty($_FILES['image']['name'])) {
    $tailleMax         = 3097152;
    $extensionsValides = array(
        'jpg',
        'jpeg',
        'png'
    );
    if ($_FILES['image']['size'] <= $tailleMax) {
        $extensionUpload = strtolower(substr(strrchr($_FILES['image']['name'], '.'), 1));
        if (in_array($extensionUpload, $extensionsValides)) {
            $newName   = uniqid(mt_rand(1, 5));
            $imageName = $newName . "." . $extensionUpload;
            $chemin    = "images/" . $imageName;
            $resultat  = move_uploaded_file($_FILES['image']['tmp_name'], $chemin);
        } else {
            $msg = "Le format doit être jpg, jpeg ou png";
        }
    } else {
        $msg = "Photo trop grande";
    }
}
if (isset($_POST['upload'])) {
    $image     = $_FILES["image"]["name"];
    $about     = $_POST["about"];
    $name      = $_POST["name"];
    $adress    = $_POST["adress"];
    $category  = $_POST["category"];
    $latitude  = $_POST["lat"];
    $longitude = $_POST["lng"];

    //get geographical info of the latlongs
    $geocode = file_get_contents('http://maps.googleapis.com/maps/api/geocode/json?latlng=' . $latitude . ',' . $longitude . '&sensor=false');
    $output  = json_decode($geocode);
    for ($j = 0; $j < count($output->results[0]->address_components); $j++) {

        $city = array(
            $output->results[0]->address_components[$j]->types[0]
        );
        //get the city name
        if (in_array("locality", $city)) {
            $cityName = $output->results[0]->address_components[$j]->long_name;
        }
    }

    if ($cityName == "Paris") {
        $sql  = "INSERT INTO paristable (picture, name, about, adress, category, latitude, longitude) VALUES(?,?,?,?,?,?,?)";
        $stmt = mysqli_prepare($db, $sql);
        mysqli_stmt_bind_param($stmt, 'sssssss', $imageName, $name, $about, $adress, $category, $latitude, $longitude);

        if (mysqli_stmt_execute($stmt)) {

            $msg = "Envoi réussi";
        } else {

            $msg = mysqli_stmt_error($stmt);
        }

    } else {

        $msg = "L'envoi a échoué";
    }


} else {
    $msg = "L'envoi a échoué";
}
?>
相关问题
最新问题