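Hi, I am new here. My question may seem annoying, and I am sorry for that.
What I am trying to achieve is to prevent multiple submissions of the button, so that my customer's transaction does not run more than once, using PHP only.
I succeeded in catching the customer's "submit" button using the code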
if(empty($_POST['key']) OR $_POST['key'] != $_SESSION['key'])
but it always returns true
elseif(empty($_POST['key']) OR $_POST['key'] != $_SESSION['key'])
{
$form= 'multiples transaction accur either you double click the options or transaction is already in progress please try again ';
exit();
}
//This line also return true when $mey is greater than 1
elseif($mey > 1)
{
exit();
}
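So I added exit(); to each line of code, but it exits in the browser and also returns true after my customer's e-wallet balance has been deducted.
What am I doing wrong in the code below?
Thank you very much for your time and for your contribution to my solution.
Here is my code: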
<?php
require('init.php');
error_reporting(0);
echo $_GET['type'];
if(!isset($_SESSION['count']))
{
$_SESSION['count'] = 0;
}
$vote = isset($_POST['button']) ? $_POST['button'] : false;
if($vote)
{
$mey = $_SESSION['count']++;
}
if($mey>1)
{
echo noo;
unset($_SESSION['count']);
}
$username = $_SESSION['user_name'];
$result = $conn->prepare('select * from users where username=:username');
$result->bindParam(':username', $username);
$result->execute();
while($row = $result->fetch(PDO::FETCH_BOTH))
{
$uid = $row['id'];
$username = $row['username'];
$ip = $row['ip'];
$ban = $row['validated'];
$balance = $row['balance'];
$pin = $row['pin'];
}
if(!empty($_GET['net']) && isset($_GET['number']) && $_GET['type']=='airtime' OR isset($_POST['net']) && isset($_POST['number']) && $_POST['type']=='airtime')
{
$nnet = $_GET['net'];
$nnumber = $_GET['number'];
$net = $_POST['net'];
$number = $_POST['number'];
$wnt = $_POST['amount'];
if($_GET['net'] ==glo)
{
$dis = '3%';
}
else
{
$dis = '1.4%';
}
$urll = "https://m...content-available-to-author-only...g.com/httpapi/?userid=08181808888&pass=d511b7db1f2b8fc67a&network=2&phone=$numberb&amt=$wnt";
$meg = "You are about to carry out <font
color='red'>$nnet</font> VTU airtime transaction on <font
color='red'>$nnumber</font> $dis discount apply";
$frm = '<input type="number" name="amount" placeholder="Amount"/>';
}
elseif(!empty($_GET['net']) && isset($_GET['number']) && $_GET['type']=='data' OR isset($_POST['net']) && isset($_POST['number']) &&
$_POST['type']=='data')
{
$nnet = $_GET['net'];
$nnumber = $_GET['number'];
$net = $_POST['net'];
$number = $_POST['number'];
$wnt = $_POST['amount'];
if($_GET['net']=='mtn' || $_POST['net']=='mtn')
{
$dis='1.4%';
$tag ='<option value="">DATA PLAN</option>
<option value="100">50MB 1day N100</option>
<option value="500">750MB 14days N500</option>
<option value="1000">1GB 30days 1000</option>
<option value="1200">1.5GB 30days 1200</option>
<option value="2000">2.5GB 30days 2000</option>
<option value="3500">5GB 30days 3500</option>
<option value="5000">10GB 30days 5000</option>
<option value="10000">22GB 30days 10000</option>
</select>';
}
if($_GET['net']=='airtel' || $_POST['net']=='airtel')
{
$dis = '1.4%';
$tag ='<option value="">DATA PLAN</option>
<option value="100">50MB 1day N100</option>
<option value="200">100MB 3days N200</option>
<option value="500">750MB 14days N500</option>
<option value="1000">1.5GB 30days 1000</option>
<option value="1500">2.5GB 30days 1500</option>
<option value="2000">3.5GB 30days 2000</option>
<option value="2500">5.5GB 30days 2500</option>
<option value="4000">9.5GB 30days 4000</option>
<option value="5000">12GB 30days 5000</option>
</select>';
}
if($_GET['net']=='mobile' || $_POST['net']=='mobile')
{
$dis='1.4%';
$tag ='<option value="">DATA PLAN</option>
<option value="200">150MB 7day N200</option>
<option value="1000">1GB 3days N1000</option>
<option value="1200">1.5GB 3days N1200</option>
<option value="2000">2.5GB 3days N2000</option>
<option value="2500">3.5GB 3days N2500</option>
</select>';
}
if($_GET['net']=='glo' || $_POST['net']=='glo')
{
$dis='10%';
$tag = '<option value="">DATA PLAN</option>
<option value="100">100MB 24hrs N100</option>
<option value="200">262MB 7days N200</option>
<option value="500">1GB 14days N500</option>
<option value="1000">2GB 30days N1000</option>
<option value="2000">4.5GB 30days N2000</option>
<option value="2500">7.2GB 30days N2500</option>
<option value="3000">8.75GB 30days N3000</option>
<option value="4000">12.5GB 30days N4000</option>
<option value="5000">15.6GB 30days N5000</option>
<option value="8000">25GB 30days N8000</option>
<option value="10000">32.5GB 30days N10000</option>
</select>';
}
$urll = "https://m...content-available-to-author-only...g.com/httpapi/datatopup.php?userid=08181808888&pass=d511b7db11f2b8fc67a&network=2&phone=$number&amt=$wnt";
$meg="You are about to carry out <font
color='red'>$nnet</font> VTU DATA transaction on <font
color='red'>$nnumber</font> $dis discount apply";
$frm ="<b>SELECT BUNDLE</b><br/><select name='amount'/>$tag<br/><br/>";
}
if(!empty($_POST['amount']))
{
$wnt = $_POST['amount'];
$typ = $_GET['type'];
$ch = curl_init('https://API-url');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_TIMEOUT, 3);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Accept: application/json'));
$data=curl_exec($ch);
if(($wnt>$data)||($data==$wnt) && $balance>$wnt)
{
$form="<font
color='red'>$wnt VTU is not available at this time please try again in few minuit</font></div>";
exit();
}
//This line of code below returns true always
elseif(empty($_POST['key']) OR $_POST['key'] != $_SESSION['key'])
{
$form= 'multiples transaction accur either you double click the options or transaction is already in progress please try again ';
exit();
}
elseif($wnt > $balance)
{
$form= 'Insufficient balance to complete transactions Please fund your account And Try again';
exit();
}
//This line also return true when $mey is greater than 1
elseif($mey > 1)
{
exit();
}
else
{
$ch = curl_init("$urll");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_TIMEOUT, 3);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Accept: application/json'));
$data=curl_exec($ch);
$arr = explode("|", $data);
$baa = $arr[0];
curl_close($ch);
echo $errors;
$dutt =$wnt-$dis;
$dedut =$balance-$dutt;
$pad = $conn->prepare("UPDATE users SET balance=:redut WHERE id=:uid");
$pad->bindParam(":redut", $dedut);
$pad->bindParam(":uid", $uid);
$pad->execute()
or die(print_r($pad->errorInfo(), true));
$tme ="insert into books (book, item_name, quantity, msg, used, seen, take) values (:book, :item_name, :quantity, :msg, :used, :seen, :take)";
$me = $conn->prepare($tme);
$me->bindParam(':book', $book);
$me->bindParam(':item_name', $typ);
$me->bindParam(':quantity', $qty);
$me->bindParam(':msg', $number);
$me->bindParam(':used', $load);
$me->bindParam(':seen', $seen);
$me->bindParam(':take', $take);
$book=RAND(1000000, 2000000);
$typ = $_POST["type"];
$qty="1";
$number = $_POST["number"];
$load="load";
$seen = rand_string(7);
$take="checking";
$me->execute()
or die(print_r($me->errorInfo(), true));
$_SESSION['msg']="your $net $wnt $typ transfer to $number was successfully";
$form="your $net $wnt $typ transfer to $number was successfully";
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...content-available-to-author-only...3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://w...content-available-to-author-only...3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<style type="text/css">
{
font-family:Arial, Helvetica, sans-serif;
font-size:14px;
}
</style>
<title>VTU TRANSACTIONS PAGE</title>
</head>
<body bgcolor="#FFFFFF">
<div style="width:100%; border: solid 2px #663333; " align="left">
<div style="background-color:#663333; color:#FFFFFF; padding:3px;"><img src="../image/newmsg.png" alt="new" border="0" /><b>VTU <? echo $_GET["type"]; ?> TRANSACTION</b></div><div class='info_post'><? echo $meg; ?></div><div style="margin:30px">
<?php
$_SESSION['key'] = mt_rand(1, 1000);
?><? echo $form; ?>
<!-- Form -->
<form action="<?php echo $_SERVER['PHP_SELF'] ?>#center" method="post"><? echo $frm; ?><input type="hidden" name="key" value="<?php echo $_SESSION['key'] ?>" /><input type="text" name="net" value="<?php echo $_GET['net'] ?>" /><input type="hidden" name="number" value="<?php echo $_GET['number'] ?>" /><input type="hidden" name="type" value="<?php echo $_GET['type'] ?>" />
<input type="submit" name="button" value="TRANSFER NOW" />
</form></div></div>
<div class="b_head" align="left"><img src="/image/man_key.png" width="14" height="14" style="border-radius:5px" /> WE HELP:- </div><div class="awa" align="left"><img src="image/fb.png" width="35" height="35" style="border-radius:5px" /> <font color="grey"><a href="https://f...content-available-to-author-only...k.com/solink.ml"><b> 08181808888
</b></a></font><br/><img src="image/phone.png" width="35" height="35" style="border-radius:5px" /> <font color="grey"><a href="tel:07010710811"><b> CUSTOMER CARE
</b></a></font></div>
</div>
</body>
</html>
<?php
require("foot.php");
?>
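Answer 0 (score: 0)
Unless you have called session_start() in init.php, $_POST['key'] != $_SESSION['key'] is always true, because $_SESSION['key'] is empty.
Also change this error_reporting(0) to error_reporting(1), and give yourself some errors to work with (until you have eliminated all of them).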
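
The check the answer describes, written as a single-use form token; this is an added example, not code from the question or the answer. The helper names issue_form_token() and consume_form_token() are hypothetical, and a plain array stands in for $_SESSION so the script runs from the command line.

```php
<?php
// Added example: single-use form token against double submission.
// Helper names are hypothetical; they are not part of the asker's code.

function issue_form_token(array &$session): string
{
    // random_bytes() is a CSPRNG. mt_rand(1, 1000) has only 1000 possible
    // values, so a repeated or guessed key is realistic.
    $session['key'] = bin2hex(random_bytes(16));
    return $session['key'];
}

function consume_form_token(array &$session, ?string $submitted): bool
{
    $expected = $session['key'] ?? null;
    // Invalidate before comparing, so a second POST that carries the same
    // token can never pass, whatever the outcome of this request.
    unset($session['key']);
    if (!is_string($expected) || !is_string($submitted) || $submitted === '') {
        // No stored token: this is the branch taken on every request when
        // session_start() was never called and the session is empty.
        return false;
    }
    // Constant-time comparison of the stored and submitted token.
    return hash_equals($expected, $submitted);
}

// Constructed demonstration; on a real page call session_start() first and
// pass $_SESSION and ($_POST['key'] ?? null) instead.
$session = [];
$token = issue_form_token($session);             // when the form is rendered

var_dump(consume_form_token($session, $token));  // first submit
var_dump(consume_form_token($session, $token));  // double click or replay

$empty = [];                                     // session never started
var_dump(consume_form_token($empty, $token));
```

Call consume_form_token() before the balance is touched and stop processing when it returns false. With PHP's default file-based session handler the session is locked for the duration of a request, so two simultaneous POSTs are serialized and only the first one finds the token.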