PHP + MySQL - 如何在進行結賬前檢查是否已登錄

Question

我正在做一個學校項目，我必須創建一個網站。我不擅長PHP，發現它很混亂。我需要做的是，當客戶點擊「立即購買」按鈕並輸入他們的電子郵件地址時，該頁面將只在他們已經登錄後纔將他們的訂單寫入數據庫。如果客戶未登錄，他們將被重定向到登錄頁面。

<?php 
    // Start a PHP session 
    session_start(); 

    // Check to see if user is already logged in 
    if(isset($_SESSION["sname"])) 
    { 
     header('Location: custwelcome.php'); 
     exit; 
    } 

?> 

正如我想，這應該確保該會話變量從客戶的日誌中存在存儲。

我會在將客戶訂單寫入數據庫的php代碼之前放置這段代碼嗎？或者我會把它放在「產品」的詳細頁面上。 （對於作業而言，網頁在點擊「立即購買」按鈕之前或之後檢查並不重要，只需檢查）。

如果沒有提供足夠的細節，這是我的產品頁面：

<!DOCTYPE html> 

<!-- XXXX 
project 
athletic1.htm --> 

<html lang="en"> 

    <head> 
    <!-- Meta tag --> 
    <meta name="robots" content="noindex.nofollow" /> 
    <meta charset="utf-8" /> 

    <!-- Link tag for CSS --> 
    <link type="text/css" rel="stylesheet" href="../stylesheet/project.css" /> 

    <!-- Javascript tags --> 
    <script type="text/javascript" src="../js/projectmessages.js"></script> 


    <!-- Web Page Title --> 
    <title>Shoe Source Unlimited - Athletic Shoe Sale</title> 

    </head> 

    <body> 
    <div id="header"> 

       <img src="../images/logo.png" alt="Logo" /> 

    <p class="sh1">Shoe Source Unlimited</p> 
    <p class="sh2">Your source for lightning sales of this season's hot shoes! </p> 

     <p class="sh3">XXXXX </p> 
    </div> 

    <div id="navbar"> 
     <ul id="nav"> 
      <li> 
       <a href="../homepage.htm">Home</a>       
      </li> 

      <li> 
       <a href="#">Men's</a> 
        <ul> 
         <li><a href="../sneakers.htm">Sneakers</a></li> 
         <li><a href="../loafers.htm">Loafers</a></li> 
         <li><a href="../athletic.htm">Athletic</a></li> 
        </ul>      
      </li> 

      <li> 
       <a href="#">Women's</a> 
        <ul> 
         <li><a href="../boots.htm">Boots</a></li> 
         <li><a href="../heels.htm">Heels</a></li> 
         <li><a href="../sandals.htm">Sandals</a></li>  
        </ul>    
      </li> 

      <li> 
       <a href="../about.htm">About Us</a>   

      </li> 

      <li> 
       <a href="../signup.htm">Sign Up</a> 

      </li> 

      <li> 
       <a href="../login.php">Log In</a> 

      </li> 

     </ul> 
    </div> 




    <div id="external"> 

    <p> 

      <a href="https://twitter.com/XXXXX" onclick="window.open(this.href); return false;"> 
       <img src="../images/twitter.jpg" alt="twitter" /> 
      </a> 
    </p> 
      <p>Follow us on Twitter!</p> 
     <br/> 


    <p> 

      <a href="http://www.facebook.com/ShoeSourceUnlimited" onclick="window.open(this.href); return false;"> 
       <img src="../images/facebook.png" alt="facebook" /> 
      </a> 
    </p> 
      <p>Like us on Facebook!</p> 
       <br/> 


     <a href="../em/projectem.htm"> 
     <img src="../images/email.jpg" alt="pinkemail" /> 
     </a> 
    </p>  
      <p> Send us an email!</p> 
    </div> 




<form id="joinform" action="../purchaseconfirm.php" method="post"> 
    <div id="about"> 

     <p class="abouttitle">Grey Athletic Shoe with Orange Enhancements</p> 
     <p class="abouttitle"><img src="../images/shoes/athletic1.jpg" alt="athletic1" /></p> 
     <p class="description">This low-top athletic shoe is designed for comfort during long-use. 
    The bright orange color is just bright enough to show some flash without going over the top!</p> 

    <p class="price">Price: $22.00 - tax included </p><br/><br/>  

     <!--Email --> 
       <p class="size"> 
       <label for="email">Email:</label> 
       <input type="email" id="email" name="email" required 
       title="Email: 6-59 characters, lowercase, valid email  only!" 
       pattern="[a-z0-9.-_]+@[a-z0-9-]+\.[a-z]{2,6}" 
       maxlength="60" 
       onfocus="emailmsg()" /> 
       </p> 

     <!-- Pick a size --> 

       <select name="size" id="size" required title="Select a size" > 
       <option value="">Select a size...</option> 
       <option value="athletic1size10">Grey and Orange Mens 10</option> 
       <option value="athletic1size10.5">Grey and Orange Mens 10.5</option> 
       </select> 


     <p class="submit"> 
       <input type="submit" 
       value=" Buy Now! "/> 
      <br/><br/> 
     </p>   
    </div> 

</form> 





    <div id="footer"> 

     <p> 

      &copy;2014, XXXXX 

     </p> 
    </div> 

    </body> 

</html> 

這裏是我的 「確認頁面」 爲所有購買：

<!-- 
project 
purchaseconfirm.php --> 

<!-- this will write to DB --> 



<?php 
// Connect to LOCAL or SERVER MySQL Database. Just change between local and server 
    include('connect/local-connect.php'); 

// initialize and populate PHP variables from user-entered data 

    $email = $_POST['email']; 
    $size = $_POST['size']; 



//Build a MySQL statement to populate the database table 
    $query = 
    "INSERT INTO shopping (email, size) 
    VALUES ('$email', '$size')"; 

// Run the query we just built 
    $result = mysqli_query($dbc,$query) or die('Unable to write to database'); 

// Close the database connection 
    mysqli_close($dbc); 

?> 






<html lang="en"> 

    <head> 
    <!-- Meta tag --> 
    <meta name="robots" content="noindex.nofollow" /> 
    <meta charset="utf-8" /> 

    <!-- Link tag for CSS --> 
    <link type="text/css" rel="stylesheet" href="stylesheet/project.css" /> 

    <!-- Javascript tags --> 
    <script type="text/javascript" src="js/projectmessages.js"></script> 


    <!-- Web Page Title --> 
    <title>Shoe Source Unlimited - Purchase Confirmation</title> 

    </head> 

    <body> 
    <div id="header"> 

       <img src="images/logo.png" alt="Logo" /> 

     <p class="sh1">Shoe Source Unlimited</p> 
     <p class="sh2">Your source for lightning sales of this season's hot shoes!</p> 

     <p class="sh3">XXXXX</p> 
    </div> 

    <div id="navbar"> 
     <ul id="nav"> 
      <li> 
       <a href="homepage.htm">Home</a>       
      </li> 

      <li> 
       <a href="#">Men's</a> 
        <ul> 
         <li><a href="sneakers.htm">Sneakers</a></li> 
         <li><a href="loafers.htm">Loafers</a></li> 
         <li><a href="athletic.htm">Athletic</a></li> 
        </ul>      
      </li> 

      <li> 
       <a href="#">Women's</a> 
        <ul> 
         <li><a href="boots.htm">Boots</a></li> 
         <li><a href="heels.htm">Heels</a></li> 
         <li><a href="sandals.htm">Sandals</a></li>  
        </ul>    
      </li> 

      <li> 
       <a href="about.htm">About Us</a>    

      </li> 

      <li> 
       <a href="signup.htm">Sign Up</a> 

      </li> 

      <li> 
       <a href="login/login.php">Log In</a> 

      </li> 

     </ul> 
    </div> 


    <div id="external"> 

    <p> 

      <a href="https://twitter.com/XXXXX" onclick="window.open(this.href); return false;"> 
       <img src="images/twitter.jpg" alt="twitter" /> 
      </a> 
    </p> 
      <p>Follow us on Twitter!</p> 
     <br/> 


    <p> 

      <a href="http://www.facebook.com/ShoeSourceUnlimited" onclick="window.open(this.href); return false;"> 
       <img src="images/facebook.png" alt="facebook" /> 
      </a> 
    </p> 
      <p>Like us on Facebook!</p> 
     <br/> 


     <a href="email/projectem.htm"> 
     <img src="images/email.jpg" alt="pinkemail" /> 
     </a> 

      <p> Send us an email! </p> 
    </div>  

    <div id="main"> 
    <p>Purchase Confirmed!</p> 

    </div> 

    <div id="about"> 
     <p class="bold"> 


     </p> 

     <p> Your payment has been approved and your purchase shall be shipped to  you shortly </p> 
     <br/> 
     <p> Feel free to contact us with any further questions.</p> 
     <br/> 
<form id="joinform" action="homepage.htm" method="get"> 
     <p class="submit"> 
       <input type="submit" 
       value=" Home Page "/> 

    </div> 







    <div id="footer"> 

     <p> 

      &copy;2014, XXXXX 

     </p> 
    </div> 

    </body> 

</html> 

我已嘗試將第一個代碼應用於這些文檔中的每一個，但沒有運氣 - 我仍然可以「購買」而無需登錄。謝謝您！

Answer 1

你可以像

if (!isset($_SESSION)) 
    { 
    session_start(); 
    } 

// Check to see if user is already logged in 
    if(isset($_SESSION["sname"])) 
    { 
     header('Location: custwelcome.php'); 
    }