I'm a PHP noob and I need some help if you can.
I have a little website similar to a survey in witch i click on a link and in the next page I have get the previous variable and store it through all the survey.
In the first page I have 5 buttons to choose:
in the second page I use $_GET to have the first variable
<?php
// Starting session
session_start();
if (isset($_GET['q1'])){
$question_1 = $_GET['q1'];
$_SESSION['q1'] = $question_1;
echo '<br>';
echo $_SESSION['q1'];
}
else{
header('location: index.php');
exit();
}
?>
My problem is that is someone change the url (question-2.php?q1=ANYTHING-ELSE)
I need to redirect them to the home page.
Basically I need to have an If statement in witch I only echo the five results of the 5 href
So I can have one session $_SESSION['q1'] with dynamic content but restricted to this five.
I know it's wrong but i need to restrict the get to this:
if (isset($_GET['q1']) && (($_GET['q1'])= '1' or '2' or '3' or '4' or '5'){}
Thank you!
What you can do here is have an array of allowed values and check if q1 value is one of the values in the given array:
<?php
// Starting session
session_start();
$allowed = array(1, 2, 3, 4, 5);
if (isset($_GET['q1'])) {
$question = (int) $_GET['q1'];
if(in_array($question, $allowed, true)){
$_SESSION['q1'] = $question;
echo '<br>';
echo $_SESSION['q1'];
} else {
header('Location: index.php');
exit();
}
} else {
header('Location: index.php');
exit();
}
Related
I'm making a login attempt checker, so if user inputs wrong key (witch was send via email) then It add +1 on the attempt meter. I stored it in a session did quite a lot of research but it just doesn't work. here is my PHP code.
session_start();
$_SESSION['poskusi'] = 0;
$kljuc = $_SESSION['rand_kljuc'];
if(isset($_POST['vpis_kljuc'])){
$vpis_kljuc = $_POST['vpis_kljuc'];
if($vpis_kljuc == $kljuc){
echo "You are in";
}
else {
echo "Wrong key";
$_SESSION['poskusi']+1;
if($_SESSION['poskusi'] == 3){
echo "locked";
}
}
}
You are setting the counter to 0 every time the page loads.
Try this:
if(!isset($_SESSION['poskusi'])) {
$_SESSION['poskusi'] = 0;
}
You are also incrementing it wrong. It should be
$_SESSION['poskusi']++; or
$_SESSION['poskusi']+=1; if you prefer.
<?php
if(isset($_POST['MarkaSinifi'])) {
$MarkaSinifi = $_POST['MarkaSinifi'];
echo "https://www.xxxxx.com/cart.php?a=add&pid=3&configoption[1]=2&customfield[10]=webx";
foreach($MarkaSinifi as $marka) {
echo '&configoption[' . $marka . ']=1';
}
}
?>
I made that code for redirect user every $marka has a value like 1,2,3 this is the result for the link i want to redirect: "https://www.xxxxx.com/cart.php?a=add&pid=3&configoption[1]=2&customfield[10]=webx&configoption[51]=1&configoption[52]=1"
This is just text, but i want to redirect users to that link. How can i do that?
This is what i did: https://coinearn.shop/marka.php
If you know all index of $marka, you can use
<?php
header('Location: '. "https://www.xxxxx.com/cart.php?a=add&pid=3&configoption$marka[0]=2&customfield[10]=webx&configoption$marka[1]=1&configoption$marka[2]=1");
This can help too
<?php
$args[0] = 'Location: https://www.xxxxx.com/cart.php?a=add&pid=3&configoption%s=2&customfield[10]=webx&configoption%s=1&configoption%s=1';
$args = array_merge($args, $marka);
header(call_user_func_array('sprintf', $args);
Ok ive asked this question on here today but this code is much easier to follow. i still dont understand why this page would redirect in a loop?
<?php
ini_set('display_errors', 1);
session_start();
$_SESSION['passw'] = "word";
$_POST['passw'] = "word";
if($_POST['passw'] === "word" ){
echo 'post ok';
$_SESSION['passw'] = "word";
unset($_POST);
session_write_close();
header('Location: '.$_SERVER['PHP_SELF']);
}
if($_SESSION['passw'] === "word") {
echo 'password checked ok<br>';
}
?>
Well, let's show just the relevant lines:
$_POST['passw'] = "word";
if($_POST['passw'] === "word" ){
header('Location: '.$_SERVER['PHP_SELF']);
}
Basically you are saying
if (true) {
reloadThePage();
}
Because you are setting the value to "word" immediately before your IF statement.
$_POST['passw'] = "word";
if($_POST['passw'] === "word" ){
So, to fix, remove this:
$_POST['passw'] = "word";
The page im posting to has the following code, and echo's the cookie correctly:
/* verify.php */
if ($age >= "21" && $location == "USA" && $cookie == "Y") {
$value = "1";
setcookie("age_verified", $value, time()+60*60*24*30);
header("Location: ../portal.php?cookieset");
}
elseif ($age >= "21" && $location == "USA") {
session_start();
$_SESSION['age_verified'] = "1";
header("Location: ../portal.php?sessionset");
}
On portal.php i am not able to echo the cookie, but the session shows up fine if that option is chosen.
/* portal.php */
session_start();
echo $_SESSION["age_verified"];
Result is "1"
/* portal.php */
echo $_COOKIE["age_verified"];
No Result
I'm trying to achieve something like the code block below, but it's not working properly since cookie doesn't echo a result
/* portal.php */
session_start();
if($_SESSION['age_verified']!="1"){
header("Location: index.php?no_session");
}
elseif ($_COOKIE['age_verified']!="1"){
header("Location: index.php?no_cookie");
}
else{
echo "";
}
What am i missing?
It would seem to me that $_SESSION['age_verified']!="1"||$_COOKIE['age_verified']!="1" is checking against EITHER session or cookie values. Cookie values are more persistent as they are stored on the user's machine, and session values only persist to a browsing session. They may not both be set.
In fact, looking at your logic on verify.php you are performing one action OR the other, not both. Hope this helps.
I am trying to create something like a lock and unlock pages feature. The user has to go thorugh the pages in this order:
$steps = array(1 =>'create_session.php',2 => 'QandATable.php',3 => 'individualmarks.php',4 => 'penalty.php',5 => 'penaltymarks',6 => 'complete.php');
So what should happen is that if the user is on a page a they SHOULD BE on, then that page shold be unlocked (or in other words the if statement is met where it shows the page's code), if the user accesses a page which they should not be on, then that page beocmes locked (the else statement is met where it displays the div with the Continue hyperlink`).
The problem is that even though the user is on the correct page, the page is still "locked" when it should be unlocked so the user can use the page. At moment all pages accessed are locked so my question is that how can I unlock a page when the user is on a correct page?
Below is an example create_session.php:
<?php
session_start();
include ('steps.php'); //exteranlised steps.php
?>
<head>
...
</head>
<body>
<?php
if ((isset($username)) && (isset($userid))) { //checks if user is logged in
if (allowed_in() === "Allowed") {
//create_session.php code:
} else {
$page = allowed_in() + 1;
?>
<div class="boxed">
Continue with Current Assessment
<?php
}
} else {
echo "Please Login to Access this Page | <a href='./teacherlogin.php'>Login</a>";
//show above echo if user is not logged in
}
?>
Below is the full steps.php:
<?php
$steps = array(1 =>'create_session.php',2 => 'QandATable.php',3 => 'individualmarks.php',4 => 'penalty.php',5 => 'penaltymarks',6 => 'complete.php');
function allowed_in($steps = array()){
// Track $latestStep in either a session variable
// $currentStep will be dependent upon the page you're on
if(isset($_SESSION['latestStep'])){
$latestStep = $_SESSION['latestStep'];
}
else{
$latestStep = 0;
}
$currentStep = basename(__FILE__);
$currentIdx = array_search($currentStep, $steps);
$latestIdx = array_search($latestStep, $steps);
if ($currentIdx - $latestIdx == 1 )
{
$currentIdx = $_SESSION['latestStep'];
return 'Allowed';
}
return $latestIdx;
}
?>
Something like this, though this probably won't work as is:
$allowed_page = $_SESSION['latestStep'];
if ($steps[$allowed_page] == $_SERVER['SCRIPT_NAME']) {
... allowed to be here ...
}
Basically, given your array of "steps", you store the index of the allowed page in the session as you. As they complete a page and "unlock" the next page, you increment that index value in your session and redirect to the next page in the sequence.
if ($page_is_done) {
$_SESSION['latestStep']++;
header("Location: " . $steps[$_SESSION['latestStep']]);
}
Keep it simple, seems that you are over complicating the goal. It seems like you simply want to ensure that the user completes previous steps of a process before they can continue on to the next. Why not try something more like...
// General Idea
$completedArr = array('1' => false, '2' => false ...);
$pageMap = array('page1.php' => '1', 'page2.php' => '2' ...);
// On Page1
$completedArr = $_SESSION['completedArr'];
$locked = true;
$currentStep = $pageMap[$_SERVER['SCRIPT_NAME']]; // '1'
if($currentStep > 1)
{
if($completedArr[$currentStep - 1] === true)
$locked = false;
}
else
{
$locked = false;
}
$completedArr[$currentStep] = true;
$_SESSION['completedArr'] = $completedArr;
Use this as needed for continuous pages also. The idea is that the pageMap you would define to give index numbers to script names. Then you would simply check to see that the previous index was marked as completed before "unlocking" this page.