PHP if / else 语句帮助
在我的网站上,表单通过 AJAX 引入并根据 sessionid 进行检查。我知道这不是最佳选择,但它对我们有用。如果引荐来源网址没有会话 ID,它们将被重定向回“另一个页面”。我需要允许一些外部 URL 直接访问表单。 我们在带有表单链接的页面上设置sessionid。
这是表单页面上现在的内容:
<?php
$code = $_GET['sessionid'];
if(strcmp( $code , 'XXXXX' ) != 0) {
header("Location: http://www.domain.com/anotherpage.php");
}
?>
我需要允许一些外部域直接访问表单页面,但遇到了问题: (我把它放在表单页面上的 head 标签上方)
<?php
$code = $_GET['sessionid'];
$referrer = $_SERVER['HTTP_REFERER'];
if(strcmp( $code , 'XXXXX' ) !=0) {
header("Location: http://www.domain.com/anotherpage.php");
} else {
if (preg_match("/site1.com/",$referrer)) {
header('Location: http://www.domain.com/desiredpage.php');
}
}
?>
这仍然让我回到“anotherpage.php”,有什么想法吗?
********编辑 >******* 感谢您的帮助,它可以按照我的要求工作。现在我发现我问的并不完全正确。这会在 URL 后面附加 =sessionid?=XXXXX。这在我的网站上不是问题,因为我使用 .jquery .load 加载内容,因此 URL 不会更改。我不希望 sessionid 可见,但现在它是可见的。我可以 a) 以某种方式“修剪” url 或 b) 将这两个函数分开,使它们互斥吗?
On my site, forms are brought in via AJAX and checked against a sessionid. I know this is not optimal, but it's working for us. If the referrer doesn't have the session ID they are redirected back to "anotherpage". I need to allow some outside URL's access the form directly.
we set the sessionid on the page with the link to the form.
Here is what we have now on the form page:
<?php
$code = $_GET['sessionid'];
if(strcmp( $code , 'XXXXX' ) != 0) {
header("Location: http://www.domain.com/anotherpage.php");
}
?>
I need to allow some outside domains direct access to the form page and am having issues with this:
(I'm putting it above the head tag on the form page)
<?php
$code = $_GET['sessionid'];
$referrer = $_SERVER['HTTP_REFERER'];
if(strcmp( $code , 'XXXXX' ) !=0) {
header("Location: http://www.domain.com/anotherpage.php");
} else {
if (preg_match("/site1.com/",$referrer)) {
header('Location: http://www.domain.com/desiredpage.php');
}
}
?>
this still bounces me back to "anotherpage.php" any ideas?
********EDIT*******
thx for the help, it works ad I requested. Now I see what I asked wasn't entirely correct. This appends the URL with =sessionid?=XXXXX. This isn't an issue on my site because I'm loading the content with .jquery .load so the URL doesn't change. I don't want the sessionid to be visible, and now it is. Can I either a) "trim" the url somehow or b) separate the two functions so they are exclusive?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(6)
当我阅读您的帖子时,您希望
preg_match中的任何人都能获得所需的页面,无论sessionID状态如何,因此您不想首先测试sessionID。使用
preg_match测试启动if 块。As I read your post, you want anyone from the
preg_matchto get the desired page regardless ofsessionIDstatus, so you don't want to test sessionID first.Start the
if blockwith thepreg_matchtest.您的第一个
if正在检查它们是否没有$code并重定向它们。情况永远如此。您可能应该首先检查$referrer,然后再进行$code检查。Your first
ifis checking to see if they don't have the$codeand redirecting them. This will always be the case. You should probably check the$referrerfirst and then do the$codecheck.尝试使用 else if 反转
Try reverse if with else
如果我没有误解的话,问题出在你检查事物的顺序上。
如果您希望允许某些推荐人访问该网站即使他们没有会话 ID,您也必须之前进行检查检查会话 ID。否则,他们最终会像其他人一样受到对待。
您可以切换条件的顺序(首先检查引荐来源网址,然后检查会话 ID),或者在您已经知道会话 ID 无效的分支内检查引荐来源网址。
If I'm not misunderstanding this, the problem is in the order in which you are checking things.
If you want to allow some referrers to access the site even if they don't have the session id, you have to check for that before checking for the session id. Otherwise, they will end up being treated just like everyone else.
You can either switch the order of the conditions (first check for the referrer and then check fo the session id) or check for the referrer inside the branch in which you already know the session id is not valid.
问题可能出在您的正则表达式中,应该是:
注意转义点 (.)
The issue could be in your regex, it should be:
notice escaping the dot (.)