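How to post $_GET variable values using the request method

Time: 2019-04-19 17:05:49

Tags: php

I am trying to post $_GET values, so it is unable to insert the variable values into the database using $_SERVER["REQUEST_METHOD"].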

<?php require_once("../includes/initialize.php"); ?>
<?php include("../includes/form_validation_card.php"); ?>
<?php $username = $_SESSION['username']; ?>
<?php
if(!isset($_GET['total']) && !isset($_GET['order_id'])){
    redirect_to('order_summary.php');
}
$total    = $_GET['total'];
$order    = $_GET['order_id'];
?>

<?php
$username       = $_SESSION['username'];
$sql            = "SELECT * FROM customers WHERE username='$username'";
$result_set     = $database->query($sql);
$found_user     = $database->fetch_array($result_set);
?>

<?php include_layout_template('header2.php'); ?>
<div class="container">
<div class="row">
<br/><br/><?php echo output_message($message); ?>
</div>
    <div class="row ">
    <div class="jumbo jumbotron-fluid mx-auto d-block" style="height: 500px; width: 440px; background-color:#DCDCDC; border-radius: 5px;" >
    <div class="text-center" style="margin: 3px;"><img src="logo/eden_petshop_logo.png" width="32" height="32"/><?php echo $found_user['first_name']; ?> <?php echo $found_user['last_name']; ?></div>
    <p class="text-center">order id: #<?php echo $order; ?></p>
  <h4 class="display-4 lead text-center">N<?php echo $total; ?></h4>
   <div class="col-sm-6 col-sm-offset-3 mx-auto d-block">
    <?php echo output_message($message); ?>
       <form action="<?= $_SERVER['PHP_SELF']; ?>" method="post" class="form-horizontal">
        <div class="form-group">
        <div class="col">
        <input type="text" name="card_number" onchange="trim(this)" placeholder="Card Number" class="form-control" id="card_number"/>
        <span style="color: #EA4335"><?= $card_number_error; ?></span>
        </div>
       </div>
    <div class="form-group">
    <div class="row">
    <div class="col">
      <input type="text" name="mm_yy" class="form-control" onchange="trim(this)" placeholder="MM/YY">
      <span style="color: #EA4335"><?= $mm_yy_error; ?></span>
    </div>
    <div class="col">
      <input type="password" name="cvv" class="form-control" onchange="trim(this)" placeholder="CVV">
      <span style="color: #EA4335"><?= $cvv_error; ?></span>
    </div>
     </div>
           </div>
       <div class="col-sm-12 col-sm-push-3">
        <button type="submit" name="submit" value="Pay" class="btn bg-info btn-sm btn-block" onClick="return confirm('Are you sure your details are correct?');">Pay</button>
           </div>
       </form>
   </div>
    </div>
</div>

<?php include_layout_template('footer2.php'); ?>

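This is the input display page, but I am trying to insert the $total and $order $_GET variables into the database. Note that every other part of the code assignment is working fine.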

<?php 
//define variables and set them to empty values
$total_error = $order_error = $card_number_error = $mm_yy_error = $cvv_error = "";
$timestamp = strftime("%Y-%m-%d %H:%M:%S", time()); 
//form is submitted with post method
if($_SERVER["REQUEST_METHOD"] == "POST"){

if(empty($_POST["card_number"])){
    $card_number_error = "<div class=''>Card number is required</div>";
}else{
    $card_number = test_input($_POST["card_number"]);
    //Passes when the value contains at least one digit and is 16 or more characters long
    if(!preg_match("/^(?=.*?[0-9]).{16,}$/",$card_number)){
        $card_number_error = "<div>Only 16 numbers allowed</div>";
    }
}

if(empty($_POST["mm_yy"])){
    $mm_yy_error = "<div class=''>Card expiry is required</div>";
}else{
    $mm_yy = test_input($_POST["mm_yy"]);
    //Passes when the value contains at least one digit and is 3 or more characters long
    if(!preg_match("/^(?=.*?[0-9]).{3,}$/",$mm_yy)){
        $mm_yy_error = "<div class=''>Only numbers allowed</div>";
    }
}   

if(empty($_POST["cvv"])){
    $cvv_error = "<div class=''>Card verification is required</div>";
}else {
    $cvv = test_input($_POST["cvv"]);
    //Passes when the value contains at least one digit and is 3 or more characters long
    if(!preg_match("/^(?=.*?[0-9]).{3,}$/",$cvv)){
        $cvv_error = "<div class=''>Card verification must not be more than 3 numbers</div>";
    }
}


if($card_number_error == "" && $mm_yy_error == "" && $cvv_error == ""){
    $token = 'vfjhvbkebecbjDRCWVJEcbkrvlnke24tir7c_zdvbejw968350124';
    $token = str_shuffle($token);
    $token = substr($token, 0, 15);

    $username       = $_SESSION['username'];
    $sql            = "SELECT * FROM customers WHERE username='$username'";
    $result_set     = $database->query($sql);
    $found_user     = $database->fetch_array($result_set);
    $email          = $found_user['email_address'];

    $pay = new Payment();
    $pay->username           = $username;
    $pay->order_id           = $order;
    $pay->total              = $total;
    $pay->card_number        = $card_number;
    $pay->expiry             = $mm_yy;
    $pay->cvv                = $cvv;
    $pay->transaction_id     = $token;
    $pay->status             = 0;
    $pay->created_at         = $timestamp;
    if($pay->save()){
        //$mail = new Mail();
        //$mail->email_address  =  $email_address;
        //$mail->send_transaction_confirmation();
    unset($_SESSION['shopping_cart']);  
    $session->message('<div class="btn bg-success">Congratulations!!! Your order has been processed.</div>');
    redirect_to('photos.php');
    }
}

if(empty($_POST["message"])){
    $message = "";
}   else{
    $message = test_input($_POST["message"]);
}
}


function test_input($data){
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    $data = htmlentities($data);
    return $data;
}
?>

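Note that my $order and total are not inserted into my database... any help with preg_match would be appreciated...

1 Answer:

Answer 0: (score: 0)

You need to use $_POST instead of $_GET in your broken code. Note that your working code uses $_POST instead, which is why it works.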
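
An added example (not part of the original answer or the asker's code) of carrying the order through the POST: `order_id` travels in a hidden form field and the total is looked up server-side with a prepared statement instead of being trusted from the request. The in-memory SQLite database, the `orders` table and its columns, and the function names are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed in-memory data standing in for the shop database (schema is assumed).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE orders (order_id INTEGER PRIMARY KEY, username TEXT, total INTEGER)');
$db->exec("INSERT INTO orders VALUES (1001, 'alice', 4500), (1002, 'bob', 900)");

/**
 * Resolve the order being paid for. order_id may arrive in the query string
 * (first page view) or in a hidden form field (the POST). The total is never
 * read from the request; it is looked up for the logged-in user only.
 */
function resolve_order(PDO $db, array $get, array $post, string $username): ?array
{
    $raw = $post['order_id'] ?? $get['order_id'] ?? null;
    // Rejects missing values, arrays, and anything that is not a positive integer.
    $orderId = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($orderId === false) {
        return null;
    }
    // Placeholders keep both values out of the SQL text.
    $stmt = $db->prepare('SELECT order_id, total FROM orders WHERE order_id = ? AND username = ?');
    $stmt->execute([$orderId, $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

/** Hidden field that carries order_id from the GET page view into the POST. */
function hidden_order_field(array $order): string
{
    return sprintf(
        '<input type="hidden" name="order_id" value="%s">',
        htmlspecialchars((string) $order['order_id'], ENT_QUOTES, 'UTF-8')
    );
}

// Constructed requests: the page view, the form submit with a tampered total,
// and a submit that names another customer's order.
$view   = resolve_order($db, ['order_id' => '1001', 'total' => '4500'], [], 'alice');
$submit = resolve_order($db, [], ['order_id' => '1001', 'total' => '1'], 'alice');
$forged = resolve_order($db, [], ['order_id' => '1002'], 'alice');

echo hidden_order_field($view), "\n";
var_dump((int) $submit['total']); // total comes from the orders table, not from the POST body
var_dump($forged);                // no row is returned for an order owned by someone else
```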