我已经构建了一个地图脚本,用户可以在地图上捕获怪物。 有一个地图页面,然后他们点击捕获,他们转到另一个页面,将怪物插入团队。 问题是用户点击然后再次点击catch然后再次添加相同的怪物。
所以我的问题是,如果你有两个页面,那么阻止用户点击返回然后前进并再次获得相同的结果?
这是我的地图脚本
<?php
$con = mysql_connect("localhost","blah","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("blah", $con);
$qry = mysql_query("SELECT * FROM pokemon
WHERE type1='fire' AND swap='1' ");
$max = mysql_num_rows($qry) - 3; // i.e.: 5 rows would be 0,1,2,3,4
$random_number = mt_rand(0, $max);
$result = mysql_query("SELECT * FROM pokemon
WHERE type1='fire' AND swap='1' LIMIT ".$random_number.", 1");
$resultarray = mysql_fetch_array($result);
echo "<br>";
echo "<br>";
?>
<center>
<br />
<?php
$username = strip_tags( addSlashes( $_SESSION['username'] ) ); // Remove any nasties
$pokeID = strip_tags( addSlashes( $resultarray['id'] ) ); // Remove any nasties
$pokeNAME = strip_tags( addSlashes( $resultarray['type1'] ) ); // Remove any nasties
$pokePIC = strip_tags( addSlashes( $resultarray['pic'] ) ); // Remove any nasties
$_SESSION['runonce'] == 1
?>
<span class="style7"><strong>Pokemon Name :</strong> <?php echo $resultarray['name'] ?>
<br />
<strong>Pokemon Type :</strong> <?php echo $resultarray['type1'] ?> </span><br />
<?php echo '<img src="http://myurl.net/'.$resultarray['pic'].'" width="100" height="100" />'; ?>
</center>
<center>
<form action="test678.php" method="post">
<input type="hidden" name="username" value="<?php echo $_SESSION['username']; ?>" />
<input type="hidden" name="id" value="<?php echo $resultarray['id']; ?>" />
<input type="hidden" name="poke_name" value="<?php echo $resultarray['name']; ?>" />
<input type="hidden" name="poke_type" value="<?php echo $resultarray['type1']; ?>" />
<input type="hidden" name="poke_pic" value="<?php echo $resultarray['pic'] ?>" />
<input type="hidden" name="token" value="<?php echo md5($resultarray['name'].$salt.$resultarray['id']);?>" />
<input type="submit" name="Catch" value="Catch" />
</form>
然后这是test678.php
<?php
session_set_cookie_params(1200,'/','.pokemontoxic.net');
$salt = "jsdhgkjshgg";
?>
<?php
$error = Array();
$username = isset($_POST['username']) ? $_POST['username'] : $error[] = "No Username defined";
$id = isset($_POST['id']) ? $_POST['id'] : $error[] = "No ID defined";
$poke_name = isset($_POST['poke_name']) ? $_POST['poke_name'] : "No Pokeman Data defined (name)";
$poke_type = isset($_POST['poke_type']) ? $_POST['poke_type'] : "No Pokemon Data defined (type)";
$poke_pic = isset($_POST['poke_pic']) ? $_POST['poke_pic'] : "No Pokemon Data defined (picture)";
if ( !empty ( $error ) )
{ $html = <<<ERROR_HTML
<html>
<head>
<title>Errors Detected</title>
</head>
<body>
<H3>Errors Have Been Detected</H3>
<p>
[ERRORS]
</p>
</body>
</html>
ERROR_HTML;
$str = "<ol>";
for ( $i = 0; $i < count($errors); $i++ )
{ $str .= "<li>". $errors[$i] ."</li>";
}
$str .= "</ol>";
$html = str_replace("[ERRORS]", $str, $html);
die($html);
}
$con = mysql_connect("localhost","ghgh","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("iuiiui", $con);
mysql_query("INSERT INTO user_pokemon
(pokemon, belongsto, exp, time_stamp, slot, level) VALUES('$poke_name','".$_SESSION['username']."', 100,'".time()."','0' ,'5' )
") or die(mysql_error());
echo $poke_name."<br>";
unset($_POST['username'] );
unset($_POST['id'] );
unset($_POST['poke_name'] );
unset($_POST['poke_type'] );
unset($_POST['poke_pic'] );
unset($id );
unset($poke_name );
unset($poke_type );
unset($poke_pic );
/*
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
*/
?>
所以用户在map.php上提交表单,然后将它们带到test678.php并添加怪物,然后用户点击它然后它可以再次单击捕获的同一个怪物它将添加相同的怪物...... 。 有没有办法阻止这个?
答案 0 :(得分:0)
你可以为此添加一个$ _SESSION变量,表明它已被捕获。然后在标题部分只检查$ _SESSION是否存在?
答案 1 :(得分:0)
在POST之后重定向用户(通过header("Location: [url]");)应该修复后退&amp;刷新双数据问题。