使用PDO发送数据后重定向到空白页

时间:2017-08-01 13:41:37

标签: php mysql pdo

我有一个调查网页,如果用户完成,我会发送他们提供的数据(从其他页面$_SESSION),我会将他/她的状态更改为0(他们不能这样做)之后使用他/她的登录信息进行调查。)。

所有这些都与PDO有关。但为什么页面总是重定向到一个白色的空白页?

这是我的代码

<?php
session_start();
if (!isset($_SESSION['user'])) 
{
header("location:index.php");
}
?>

<?php
require_once "condb.php";
?>

<?php
if (isset($_POST['BTN_P2']))
{
  $_SESSION['problem'] = $_POST['problem'];
  if ($_SESSION['problem'] == "yes"){header("location:survey_3.php");}
else
{
  $sql="INSERT INTO data(time,suggest,phone,eat,problem) VALUES(?,?,?,?,?)";
  $stm=$cn->prepare($sql);
  $stm->bindParam("1",$_SESSION['time']);
  $stm->bindParam("2",$_SESSION['suggest']);
  $stm->bindParam("3",$_SESSION['phone']);
  $stm->bindParam("4",$_SESSION['eat']);
  $stm->bindParam("5",$_SESSION['problem']);

  try 
  {
    $stm->execute();
      try 
      {
       $sqlstatus="INSERT INTO login(status) VALUES(0)";
       $stmt=$cn->prepare($sqlstatus);
       $stmt->execute();
       echo "Finish!";
       header('location:finish.php');
      } 
      catch (Exception $error) 
      {
        echo $error->getTraceAsString();
      }
  } 
  catch (Exception $e) 
  {
    echo $e->getTraceAsString();
  }
}
}
?>

我缺少什么?

编辑#1:验证$_SESSION['user']的来源。

<?php
if (isset($_POST['BTN_ENTER']))
{
  $username=$_POST['username'];
  $password=$_POST['password'];
  $hashed_password=password_hash($password,PASSWORD_DEFAULT);
    try
    {
      $stmt = $cn->prepare("SELECT * FROM login WHERE username=:username LIMIT 1");
      $stmt->execute(array(':username'=>$username));
      $result=$stmt->fetch(PDO::FETCH_ASSOC);
      if($stmt->rowCount() > 0)
        {
          if(password_verify($password, $result['password']))
          {
            if ($result['status']==1)
              {
                $_SESSION['user']=$result['name'];
                header('location:survey.php');
              }
          }
        }
     }
     catch(PDOException $e)
     {
       echo $e->getMessage();
     }
}

1 个答案:

答案 0 :(得分:0)

您应该尝试将脚本分解为函数/方法,以便于使用,读取,重用等。当您创建函数时,您可以在实现之前手动尝试它。一旦你确认该函数本身有效,那么你将它抛入逻辑中,如果某些东西失败,你知道它不是那个函数:

<强> /functions/suggestEatingProblem.php 

<?php
function suggestEatingProblem($con,$array)
    {
        $sql = "INSERT INTO `data` (`time`,`suggest`,`phone`,`eat`,`problem`) VALUES(?,?,?,?,?)";
        $query = $con->prepare($sql);
        # Since you are not really doing anything special with your parameters
        # just do the array into the execute function, it's more straight forward
        $query->execute($array);
    }

<强> /functions/addLoginStatus.php 

<?php
function addLoginStatus($con,$val)
    {
        # Don't need to prepare, just query
        $con->query("INSERT INTO login (`status`) VALUES({$val})");
    }

<强> /functions/verifyUser.php 

<?php
function verifyUser($con,$username,$password)
    {
        $stmt = $con->prepare("SELECT `password`,`name` FROM login WHERE username = ? LIMIT 1");
        $stmt->execute(array($username));
        $result = $stmt->fetch(PDO::FETCH_ASSOC);
        if(empty($result['password']))
            return false;

        $isValid = password_verify($password, $result['password']);
        return ($isValid)? $result['name'] : false;
    }

<强> /config.php 

<?php
# Create some helpful constants
define('DS',DIRECTORY_SEPARATOR);
define('ROOT_DIR',__DIR__);
define('FUNCTIONS',ROOT_DIR.DS.'functions');
# Start session
session_start();
# Start database
require_once(ROOT_DIR.DS."condb.php");

<强> /whatever.php 

<?php
# Add config at top
require_once(__DIR__.DIRECTORY_SEPARATOR.'config.php');
# Add our functions to be used
require_once(FUNCTIONS.DS.'suggestEatingProblem.php');
require_once(FUNCTIONS.DS.'addLoginStatus.php');
# If no session, redirect
if (!isset($_SESSION['user'])) {
    header("Location: index.php");
    # Make sure to stop your script if you are done with the page
    exit;
}
# Check if submission
if(isset($_POST['BTN_P2'])) {
    # Assign problem (trim it)
    $_SESSION['problem'] = trim($_POST['problem']);
    # If yes
    if($_SESSION['problem'] == "yes") {
        # Redirect and stop the script execution
        header("Location: survey_3.php");
        exit;
    }
    else {
        # Just do one "try" here...
        try {
            # Run your function here
            suggestEatingProblem($cn,array(
                $_SESSION['time'],
                $_SESSION['suggest'],
                $_SESSION['phone'],
                $_SESSION['eat'],
                $_SESSION['problem']
            ));
            # Run your second function here
            addLoginStatus($cn,'0');
            # Redirect. You can not put content before you redirect, so
            # remove the "Finished" echo
            header('Location: finish.php');
            exit;
        } 
        catch (PDOException $e){
            echo 'Error occurred: '.$e->getTraceAsString();
        }
    }
}
else {
    echo 'No request sent.';
}

验证部分: 

# Add function (see the other example to add the config)
require_once(FUNCTIONS.DS.'verifyUser.php');
# If there is a submission
if(isset($_POST['BTN_ENTER'])) {
    try {
        # Fetch the name (or false)
        $user = verifyUser($cn,trim($_POST['username']),trim($_POST['password']));
        # If not false
        if($user) {
            # Assign the value
            $_SESSION['user'] = $user;
            # Redirect and stop execution of script
            header('Location: survey.php');
            exit;
        }
    }
    catch(PDOException $d) {
        echo $e->getMessage();
    }
}
相关问题
最新问题