[英]PHP/MYSQL Echo Mysql Data with hyperlink onto next page?
在我的表格中,我有各種要求,每個要求都有自己的參考號。 用戶可以在頁面上看到請求數,但我希望用戶能夠分別單擊每個請求,然后轉到新頁面以查看該請求的特定詳細信息。
我試圖在單擊請求時在超鏈接中回顯引用,而當我運行查詢以檢索該請求的名稱等情況下,在下一頁上,它將僅顯示與該引用號匹配的信息,即'SELECT * WHERE reference = $row['reference'].
但是我不確定如何做到這一點,我也擔心這種安全性,如果我的查詢是根據我的url中的引用(即mypage.php?reference=1234 ,那么如何阻止用戶手動輸入具有不同參考編號的網址?
'mypage.php?reference=2468
用戶僅應在實際單擊請求時才能夠查看該頁面,而應該永遠不能將其直接輸入到url中,因為這會帶來安全風險。
我可以將我的引用屏蔽為字符串嗎? 並回聲出mypage.php?reference=$someString
page1.php中
<div class="results_area">
<h44>Existing Supplier Request's</h44>
<?php
$conn = new mysqli($host, $username, $password, $db_name);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error); }
$sql = "select * from new_supplier_request where status!= 'complete' AND action_taken='actioned'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
echo '<div class="table_header"><p>Request By</p><p>Date Requested</p><p>Status</p><p>Supplier Name</p><p>Description</p><p>Action</p></div>'; ?>
</div>
<div class="results_area"><?php
while($row = $result->fetch_assoc()) {
echo '<div class="request"><a href="ns_application.php?ns_request='.$row['reference'].'/">';
mypage.php
$reference = $row['reference'];
<?php
$conn = new mysqli($host, $username, $password, $db_name);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error); }
$sql = "select * from new_supplier_request where status!= 'complete' WHERE reference = $reference Limit 1";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo '<h44>New Supplier Request: ' .$reference. ' </h44><br>';
echo 'The name of this supplier is, '.$reference['name'].';
} } ?>
</div>
You can use JavaScript to solve this problem.
I don't think that this will be 100% secure but actually it's more secure way than you are using now.
echo "<div .... onclick='showuniquereference('".$row['reference']."')'>"."</div>";
And Function like this
function showuniquereference(code)
{
var reference = code;
var form = document.createElement("form");
form.method = "POST";
form.action = "mypage.php";
var input = document.createElement("input");
input.name = "reference";
input.value = reference;
input.type = "hidden";
form.appendChild(input);
document.body.appendChild(form);
form.submit();
}
You can use this posted data to show unique reference to users.
加密mysql數據並通過超鏈接傳遞,然后在下一頁解密?
[英]encrypt mysql data and pass through hyperlink, then decrypt on the next page?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.