我正在制作一个纯粹用于学习的付款系统,而且时间有限。我意识到我的安全性没有达到应有的水平。并非所有都是正确的。我没有足够的时间看一切。通常,我需要使其正常运行。
我的余额视图表中有一个余额,其中包含user_id和balance。我可以在屏幕等上输出余额。
我要这样做,以便如果您从一个转移到另一个,如果余额不足0,则他们将无法转移任何东西。这最好与MySQL代码或if语句一起使用。到目前为止,我已经知道了。
<?php
session_start();
require_once('verbinding.php');
if(!isset($_SESSION['username']) & empty($_SESSION['username'])){
header('location:index.php'); //redirect naar index.php als je niet ingelogd bent.
}
$username = $_SESSION['username'];
$user_id = $_SESSION['user_id'];
?>
<!DOCTYPE html>
<?php
require_once('verbinding.php');
?>
<!doctype html>
<html lang="en">
<head>
<!-- Required meta tags -->
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-
scale=1, shrink-to-fit=no">
<!-- Bootstrap CSS -->
<link rel="stylesheet"
href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min
.css" integrity="sha384-
MCw98/SFnGE8fJT3GXwEOngsV7Zt27NXFoaoApmYm81iuXoPkFOJwJ8ERdknLPMO"
crossorigin="anonymous">
<title>Kameleon</title>
<style>.carousel-inner > .item > img { width:100%;
height:570px; } </style>
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<nav class="navbar navbar-dark bg-dark">
<!-- Navbar content -->
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarText" aria-controls="navbarText" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarText">
<ul class="navbar-nav mr-auto">
<li class="nav-item">
<a class="nav-link" href="register.php">Register</a>
</li>
<li class="nav-item active">
<a class="nav-link" href="login.php">My Account <span class="sr-only">(current)</span></a>
</li>
<li class="nav-item">
<a class="nav-link" href="#">Customer Service</a>
</li>
</ul>
</div>
<a class="navbar-brand" href="index.php">Kameleon</a>
</nav><br><br>
<h1 class="display-3">Members area </h1>
<br>
<?php
$sql = "SELECT * FROM users WHERE id='$user_id'";
$result = mysqli_query($conn, $sql);
if($row = mysqli_fetch_array($result))
{
$username = $row["username"];
$sql = "SELECT balance FROM balanceview WHERE
user_id=$user_id";
$result = mysqli_query($conn, $sql);
$row = mysqli_fetch_array($result);
echo "Hallo $username, jouw balans is: "
.$row["balance"] . " euro";
}
?>
<br><br>
<form action='transfer.php' method='REQUEST'
enctype="multipart/form-data">
<div class="test">
<b>Transfer amount</b><br><br>
<label>Amount</label> <input type='text'
name='amount' value=''><br>
</div>
<div class="test">
<label>To which Kameleon account</label> <input
type='text' name='touser' value=''><br>
</div>
<input type='submit' name='submit' class='knop'
value='send'><br>
</div>
</form>
<br>
<a href='logout.php'> Logout </a>
<!-- jQuery first, then Tether, then Bootstrap JS. -->
<script src="https://code.jquery.com/jquery-3.1.1.slim.min.js"
integrity="sha384-
A7FZj7v+d/sdmMqp/nOQwliLvUsJfDHW+k9Omg/a/EheAdgtzNs3hpfag6Ed950n"
crossorigin="anonymous"></script>
<script
src="https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js
" integrity="sha384-
DztdAPBWPRXSA/3eYEEUWrWCy7G5KFbe8fFjk5JAIxUYHKkDx6Qin1DkWx51bBrb"
crossorigin="anonymous"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-
alpha.6/js/bootstrap.min.js" integrity="sha384-
vBWWzlZJ8ea9aCX4pEW3rVHjgjt7zpkNpZk+02D9phzyeVkE+jo0ieGizqPLForn"
crossorigin="anonymous"></script>
<script
src="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.
js" integrity="sha384-
ChfqqxuZUCnJSK3+MXmPNIyE6ZbWh2IMqE241rYiqJxyMiZ6OW/JmZQ5stwEULTy"
crossorigin="anonymous"></script>
</body>
<footer>
<nav class="navbar fixed-bottom navbar-dark bg-dark">
<a class="navbar-brand" href="register.php">Register</a>
<a class="navbar-brand" href="login.php">My Account</a>
<a class="navbar-brand" href="about.php">About Us</a>
</nav>
</footer>
</html>
这是不起作用的代码,我试图从头开始进行操作,我不知道该怎么做。它给出了一个错误。有人可以建议如何应用乘车代码以及寻找什么吗?
<?php
session_start();
require_once('verbinding.php');
$value = $_REQUEST['amount'];
$touser = $_REQUEST['touser'];
$fromuser = $_SESSION['user_id'];
$balance = $_SESSION['balance']
/*
die code hier van net en dan de if else
*/
$sql = "SELECT * FROM users WHERE id='$user_id'";
$result = mysqli_query($conn, $sql);
if($row = mysqli_fetch_array($result))
{
$username = $row["username"];
$sql = "SELECT balance FROM balanceview WHERE user_id=$user_id";
$result = mysqli_query($conn, $sql);
$row = mysqli_fetch_array($result);
}
if($row["balance"] < 0 )) {
echo "No way not enough credits";
} else {
$sql = "INSERT into transactions (from_user, to_user, amount)
VALUES ('$fromuser', '$touser','$value')";
$result = mysqli_query($conn, $sql) or
die(mysqli_error($conn));
echo $sql;
echo "$result";
}
?>
答案 0 :(得分:-1)
<?php
session_start();
require_once('verbinding.php');
$value = $_REQUEST['amount'];
$touser = $_REQUEST['touser'];
$fromuser = $_SESSION['user_id'];
$balance = $_SESSION['balance'];
/*
die code hier van net en dan de if else
*/
$sql = "SELECT * FROM users WHERE id='$user_id'";
$result = mysqli_query($conn, $sql);
if($row = mysqli_fetch_array($result))
{
$username = $row["username"];
$sql = "SELECT balance FROM balanceview WHERE user_id=$user_id";
$result = mysqli_query($conn, $sql);
$row = mysqli_fetch_array($result);
}
if($row["balance"] < 0 )) {
echo "No way not enough credits";
} else {
$sql = "INSERT into transactions (from_user, to_user, amount)
VALUES ('$fromuser', '$touser','$value')";
$result = mysqli_query($conn, $sql) or
die(mysqli_error($conn));
echo $sql;
echo "$result";
}
?>
固定代码^^ ....您缺少“;”在$ _session ['balance']之后;