受密码保护的页面不会将变量传递到 php 中的数据库

问题描述 投票:0回答:1

好吧……我知道我已经快要让它发挥作用了……但事实并非如此……

我使用二维码通过 URL 传递变量......到“secure.php”页面

secure.php 是简单的密码保护......当用户输入正确的密码时,我希望页面将变量从 url 传递到数据库......这是我的代码

        

>     <?php

// Prepare variables for database connection

$dbusername = "username";  // enter database username
$dbpassword = "password";  // enter database password
$server = "0.0.0.0"; 
$db =   "mydatabase";
// Connect to your database

//$mysqli = mysqli_connect($server,$dbusername,$dbpassword,$db) or die("Error " . mysqli_error($mysqli));
//$FN = $_GET['FirstName'];
//$LN = $_GET['LastName'];
//$DL = $_GET['DLNumber'];
//$date = date('Y-m-d');


$user = $_POST['user'];
$pass = $_POST['pass'];



if($user == "user"
&& $pass == "pass")
{
 if (!empty($_GET)) 


$mysqli = mysqli_connect($server,$dbusername,$dbpassword,$db) or die("Error " . mysqli_error($mysqli));
$FN = $_GET['FirstName'];
$LN = $_GET['LastName'];
$DL = $_GET['DLNumber'];
$date = date('Y-m-d');






//$sql = "INSERT INTO attendance(FirstName,LastName,DLNumber,Date) VALUES ('$FN','$LN', '$DL','$date')";
    $sql = "INSERT INTO attendance(FirstName) VALUES ('$FN')";
    mysqli_query($mysqli, $sql);
    header("Location: http://www.mywebpage.com/"); 
    exit;

}
else
{
    if(isset($_POST))


    {?>

            <form method="POST" action="secure.php">
            User <input type="text" name="user"></input><br/>
            Pass <input type="password" name="pass"></input><br/>
            <input type="submit" name="submit" value="Go"></input>
            </form>
        
    <?}
}

  
  Can someone point me in the right direction?
php database variables passwords
1个回答
0
投票

您应该添加查询字符串(

<?=$_SERVER['QUERY_STRING']?>
)来发布网址,因此代码如下:

    <?php

// Prepare variables for database connection

$dbusername = "username";  // enter database username
$dbpassword = "password";  // enter database password
$server = "0.0.0.0"; 
$db =   "mydatabase";
// Connect to your database

//$mysqli = mysqli_connect($server,$dbusername,$dbpassword,$db) or die("Error " . mysqli_error($mysqli));
//$FN = $_GET['FirstName'];
//$LN = $_GET['LastName'];
//$DL = $_GET['DLNumber'];
//$date = date('Y-m-d');


$user = $_POST['user'];
$pass = $_POST['pass'];



if($user == "user"
&& $pass == "pass")
{
 if (!empty($_GET)) 


$mysqli = mysqli_connect($server,$dbusername,$dbpassword,$db) or die("Error " . mysqli_error($mysqli));
$FN = $_GET['FirstName'];
$LN = $_GET['LastName'];
$DL = $_GET['DLNumber'];
$date = date('Y-m-d');






//$sql = "INSERT INTO attendance(FirstName,LastName,DLNumber,Date) VALUES ('$FN','$LN', '$DL','$date')";
    $sql = "INSERT INTO attendance(FirstName) VALUES ('$FN')";
    mysqli_query($mysqli, $sql);
    header("Location: http://www.mywebpage.com/"); 
    exit;

}
else
{
    if(isset($_POST))


    {?>

            <form method="POST" action="secure.php<?=$_SERVER['QUERY_STRING']?>">
            User <input type="text" name="user"></input><br/>
            Pass <input type="password" name="pass"></input><br/>
            <input type="submit" name="submit" value="Go"></input>
            </form>
        
    <?php }
}

?>
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.