所以我知道这是一个基本问题,我试图四处寻找,但我发现的一切都没有真正起作用。
无论如何,我有一个系统,每个人每天只能查看一次页面。现在,我现在有一个可以按下的按钮,它已经更新了MySQL Row ..但显然,他们可以继续刷新页面,并且他们可以无限制地访问它。
它的工作方式是,当页面加载时......数据库行将被更新,就像按钮一样。
这是我的第一个项目之一,所以我非常感谢给予的任何帮助。下面是我已经尝试过的东西,但它似乎没有用..
Update.php
<?php
include '../view.php'
mysqli_query($con, "UPDATE `users` SET `viewedtd`=`viewedtd`+1 WHERE `username` = '$username'") or die("Please contact us.");
JS部分
<script>
$(document).ready(function(){
$.ajax({
type: "GET",
url: "inc/update.php"
success: function(data) {
//blah
}
});
});
</script>
View.php
<?php
session_start();
include 'inc/config.php';
if (!isset($_SESSION['userSession'])) {
header("Location: login.php?access=denied");
}
$query = $con->query("SELECT * FROM users WHERE uid=" . $_SESSION['userSession']);
$userRow = $query->fetch_array();
include 'inc/global-checks.php';
if (isset($_GET['reported']) && $_GET['reported'] == 'true') {
$message = '<div class="alert alert-success"><span>Thanks! Our team will review it.</span></div>';
}
$ip = mysqli_real_escape_string($con, htmlspecialchars($_SERVER['REMOTE_ADDR']));
date_default_timezone_set('America/New_York');
$date = date('Y-m-d H:i:s');
if ($userRow['viewedtd'] >= $userRow['viewlimit']) {
header("Location: membership.php?lr=true");
}
$accounts = $con->query('SELECT epc FROM gen ORDER BY RAND() LIMIT 1;');
$result = $accounts->fetch_assoc();
if (isset($_POST['generate'])) {
$username = $userRow['username'];
$generated = strip_tags($_POST['generated']);
$generated = $con->real_escape_string($generated);
if ($userRow['viewedtd'] >= $userRow['viewlimit']) {
header("Location: membership.php?lr=true");
}
$insert = mysqli_query($con, "UPDATE `users` SET `viewedtd`=`viewedtd`+1 WHERE `username` = '$username'") or die("Please contact us.");
$insert2 = mysqli_query($con, "UPDATE `users` SET `waitperiod`= '$date' WHERE `username` = '$username'") or die("Please contact us.");
}
if (isset($_POST['rba'])) {
$generated = strip_tags($_POST['generated']);
$generated = $con->real_escape_string($generated);
$insert = mysqli_query($con, "UPDATE `gen` SET `working`= 'No' WHERE `epc` = '$generated'") or die("Please contact us.");
header("Location: generator.php?reported=true");
}
?>
<!DOCTYPE html>
<html class="no-focus" lang="en">
<head>
<meta charset="utf-8">
<title>Generator - <?php echo $site_name; ?></title>
<meta name="description" content="<?php echo $description; ?>">
<meta name="author" content="<?php echo $author; ?>">
<meta name="robots" content="noindex, nofollow">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<link rel="shortcut icon" href="assets/img/favicons/favicon.png">
<link rel="icon" type="image/png" href="assets/img/favicons/favicon-16x16.png" sizes="16x16">
<link rel="icon" type="image/png" href="assets/img/favicons/favicon-32x32.png" sizes="32x32">
<link rel="icon" type="image/png" href="assets/img/favicons/favicon-96x96.png" sizes="96x96">
<link rel="icon" type="image/png" href="assets/img/favicons/favicon-160x160.png" sizes="160x160">
<link rel="icon" type="image/png" href="assets/img/favicons/favicon-192x192.png" sizes="192x192">
<link rel="apple-touch-icon" sizes="57x57" href="assets/img/favicons/apple-touch-icon-57x57.png">
<link rel="apple-touch-icon" sizes="60x60" href="assets/img/favicons/apple-touch-icon-60x60.png">
<link rel="apple-touch-icon" sizes="72x72" href="assets/img/favicons/apple-touch-icon-72x72.png">
<link rel="apple-touch-icon" sizes="76x76" href="assets/img/favicons/apple-touch-icon-76x76.png">
<link rel="apple-touch-icon" sizes="114x114" href="assets/img/favicons/apple-touch-icon-114x114.png">
<link rel="apple-touch-icon" sizes="120x120" href="assets/img/favicons/apple-touch-icon-120x120.png">
<link rel="apple-touch-icon" sizes="144x144" href="assets/img/favicons/apple-touch-icon-144x144.png">
<link rel="apple-touch-icon" sizes="152x152" href="assets/img/favicons/apple-touch-icon-152x152.png">
<link rel="apple-touch-icon" sizes="180x180" href="assets/img/favicons/apple-touch-icon-180x180.png">
<link rel="stylesheet" href="http://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400italic,600,700%7COpen+Sans:300,400,400italic,600,700">
<link rel="stylesheet" href="assets/js/plugins/slick/slick.min.css">
<link rel="stylesheet" href="assets/js/plugins/slick/slick-theme.min.css">
<link rel="stylesheet" href="assets/css/bootstrap.min.css">
<link rel="stylesheet" id="css-main" href="assets/css/oneui.css">
</head>
<body>
<div id="page-container" class="sidebar-l sidebar-o side-scroll header-navbar-fixed">
<nav id="sidebar">
<div id="sidebar-scroll">
<div class="sidebar-content">
<div class="side-header side-content bg-white-op">
<button class="btn btn-link text-gray pull-right hidden-md hidden-lg" type="button" data-toggle="layout" data-action="sidebar_close">
<i class="fa fa-times"></i>
</button>
<a class="h5 text-white" href="index.php">
<span class="h4 font-w600 sidebar-mini-hide"><?php echo $site_name; ?></span>
</a>
</div>
<div class="side-content">
<ul class="nav-main">
<li>
<a class="" href="index.php"><i class="si si-home"></i><span class="sidebar-mini-hide">Home</span></a>
</li>
<li>
<a class="" href="membership.php"><i class="si si-credit-card"></i><span class="sidebar-mini-hide">Membership</span></a>
</li>
<li>
<a class="active" href="generator.php"><i class="si si-refresh"></i><span class="sidebar-mini-hide">Generator</span></a>
</li>
</ul>
</div>
</div>
</div>
</nav>
<header id="header-navbar" class="content-mini content-mini-full">
<ul class="nav-header pull-right">
<li>
<div class="btn-group">
<button class="btn btn-default btn-image dropdown-toggle" data-toggle="dropdown" type="button">
<img src="assets/img/avatars/avatar10.jpg" alt="Avatar">
<span class="caret"></span>
</button>
<ul class="dropdown-menu dropdown-menu-right">
<li class="dropdown-header">Profile</li>
<li>
<a tabindex="-1" href="settings.php">
<i class="si si-settings pull-right"></i>Settings
</a>
</li>
<li class="divider"></li>
<li class="dropdown-header">Actions</li>
<li>
<a tabindex="-1" href="logout.php">
<i class="si si-logout pull-right"></i>Log out
</a>
</li>
</ul>
</div>
</li>
</ul>
</header>
<main id="main-container">
<div class="content">
<div class="row">
<div class="col-lg-4">
<div class="block block-themed">
<div class="block-header bg-danger">
<h3 class="block-title">Generator</h3>
</div>
<div class="block-content">
<div class="text-center push-10-t push-30">
<img class="img-avatar img-avatar96" src="assets/img/photos/p1.png" alt="">
</div>
<form class="form-horizontal" action="generator.php" method="post">
<div class="form-group">
<label class="col-xs-12" for="lock1-password">Random Info Below</label>
<div class="col-xs-12">
<input class="form-control" type="text" id="generated" name="generated" readonly="" value="<?php echo $result['epc'] ?>" placeholder="Click 'Generate'">
</div>
</div>
<div class="form-group">
<div class="col-xs-4">
<button class="btn btn-sm btn-danger" name="generate" type="submit"><i class="fa fa-refresh push-5-r"></i> Generate</button>
</div>
<div class="col-xs-4">
<button class="btn btn-sm btn-danger" name="rba" type="submit"><i class="si si-ban push-5-r"></i> Report Broken Account</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
</main>
<?php include 'inc/footer2.php'; ?>
</div>
<script src="assets/js/core/jquery.min.js"></script>
<script src="assets/js/core/bootstrap.min.js"></script>
<script src="assets/js/core/jquery.slimscroll.min.js"></script>
<script src="assets/js/core/jquery.scrollLock.min.js"></script>
<script src="assets/js/core/jquery.appear.min.js"></script>
<script src="assets/js/core/jquery.countTo.min.js"></script>
<script src="assets/js/core/jquery.placeholder.min.js"></script>
<script src="assets/js/core/js.cookie.min.js"></script>
<script src="assets/js/app.js"></script>
<script src="assets/js/plugins/slick/slick.min.js"></script>
<script src="assets/js/plugins/chartjs/Chart.min.js"></script>
<script>
jQuery(function () {
App.initHelpers('slick');
});
</script>
<script>
$(document).ready(function(){
$.ajax({
type: "GET",
url: "inc/update.php"
success: function(data) {
alert("Page is loaded");
}
});
});
</script>
</body>
</html>
(注意;我在常规页面的初始PHP语句中也有包含'inc / update.php'; ,我不确定是否需要它。
更新:这是我在更新时遇到的错误.php
Parse error: syntax error, unexpected 'mysqli_query' (T_STRING) in C:\xampp\htdocs\gen\inc\update.php on line 3
答案 0 :(得分:1)
您在查询中犯了一个非常基本的错误。
UPDATE `users` SET `viewedtd`=+1 WHERE `username` = '$username';
应该是
UPDATE `users` SET `viewedtd`=viewedtd+1 WHERE `username` = '$username'
您不断向“已查看过的”列分配“+1”整数,而不是将其递增。