php If else 语句重定向到另一个页面
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/11668814/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
If else statement that redirects to another page
提问by tenderloin
I'm terrible with PHP/SQL, so any help would be appreciated.
我对 PHP/SQL 很糟糕,所以任何帮助将不胜感激。
Basically I have a form that posts the values 'firstname' & 'surname' to another page. What I want that page to do, is check to see if the user's name is already on the table 'Members'. If it is I want it to continue loading this page, but if they aren't on the database, I want the viewer to be re-directed to an existing sign up page.
基本上,我有一个将值“名字”和“姓氏”发布到另一个页面的表单。我希望该页面执行的是检查用户名是否已经在“成员”表中。如果是我希望它继续加载此页面,但如果它们不在数据库中,我希望查看器被重定向到现有的注册页面。
Here is the code I've been working on, I'm not sure if I'm heading in the right direction or not.
这是我一直在处理的代码,我不确定我是否朝着正确的方向前进。
<?php
$con = mysql_connect("localhost","site","xxxxxxxx");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("site", $con);
$query = "SELECT * FROM Members WHERE firstname='$_POST[firstname]' and surname='$_POST[surname]'";
$result = mysql_query($query);
if ($result==$something)
{
echo "great success"; //user continues loading page
}
else
{
echo "fail"; //user is redirected to sign up page
}
?>
采纳答案by Peon
This will do the trick:
这将解决问题:
<?php
$con = mysql_connect( "localhost", "site", "xxxxxxxx" );
if ( !$con ) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db("site", $con);
1st, remove the sql injection part at least like this:
1,至少像这样删除sql注入部分:
$firstname = strip_tags( $_POST[ 'firstname' ] );
$surname = strip_tags( $_POST[ 'surname' ] );
2nd, I didn't change it, but you need to remove the *and enter only specific values you want to load. Even if those are all the values, still write them manually.
第二,我没有更改它,但是您需要删除*并仅输入要加载的特定值。即使这些都是值,仍然手动编写它们。
$query = "SELECT * FROM Members WHERE firstname='" . $firstname . "' and surname=' " . $surname. "'";
$result = mysql_query( $query );
3rd, you can check for row count, if you got some value, there is an entry with those variables
第三,你可以检查行数,如果你有一些值,有一个包含这些变量的条目
if ( mysql_num_rows($result) >= 1 ) {
// the page you want
} else {
// redirect user to another page
header( "Location: signup.php" ); die;
}
?>
Edit:
编辑:
Think adding some uniquerequests to your query. What will happen if two users have identical names and surnames or if a new one wants to join, but the name and lastname is already in the db ...
考虑向unique您的查询添加一些请求。如果两个用户有相同的名字和姓氏,或者如果一个新用户想要加入,但名字和姓氏已经在数据库中,会发生什么...
回答by asprin
if (mysql_num_rows($result) == 1)
{
echo "great success"; //user continues loading page
}
else
{
echo "fail"; //user is redirected to sign up page
}
Also, you're query is prone to SQL injection big time
此外,您的查询很容易受到 SQL 注入的影响
回答by AlphaMale
$rows = mysql_num_rows($results);
if ($rows == 1)
{
echo "login successful"; //user continues loading page
}
else
{
header ('location: signup.php'); //user is redirected to sign up page
}
回答by Sylence
You can simply put a header( "Location: host/site.php" )function call in your else branch followed by a die()
您可以简单地header( "Location: host/site.php" )在 else 分支中放置一个 函数调用,然后是 die()
回答by Shyantanu
if(mysql_num_rows($result) > 0){
echo "great success"; //user continues loading page
}
else
{
echo "fail"; //user is redirected to sign up page
}
use this
用这个
