Hi, I'm new here and my question may seem annoying, but I can only apologize.

In my project, I want to prevent multiple clicks of the submit button so that my client's transaction is not executed multiple times, using PHP only.

I managed to catch the client's submit button using the code

    if(empty($_POST['key']) OR $_POST['key'] != $_SESSION['key'])

But it always returns true

    elseif(empty($_POST['key']) OR $_POST['key'] != $_SESSION['key'])
    {
    $form= 'multiples transaction accur either you double click the options or transaction is already in progress please try again ';
    exit();
    }
    //This line also return true when $mey is greater than 1
    elseif($mey > 1)
    {
    exit();
    }

So I added exit(); to every line of the code, but it exits in the browser and also returns true, because my client's wallet balance is also deducted. What am I doing wrong with my code below? Thank you very much for your time and your input on my solution.
Here is my code:

    <?php
    require('init.php');
    error_reporting(0);
    echo $_GET['type'];
    if(!isset($_SESSION['count']))
    {
        $_SESSION['count'] = 0;
    }
    $vote = isset($_POST['button']) ? $_POST['button'] : false;
    if($vote)
    {
        $mey = $_SESSION['count']++;
    }
    if($mey>1)
    {
        echo noo;
        unset($_SESSION['count']);
    }
    $username = $_SESSION['user_name'];
    $result = $conn->prepare('select * from users where username=:username');
    $result->bindParam(':username', $username);
    $result->execute();
    while($row = $result->fetch(PDO::FETCH_BOTH))
    {
        $uid = $row['id'];
        $username = $row['username'];
        $ip = $row['ip'];
        $ban = $row['validated'];
        $balance = $row['balance'];
        $pin = $row['pin'];
    }
    if(!empty($_GET['net']) && isset($_GET['number']) && $_GET['type']=='airtime' OR isset($_POST['net']) && isset($_POST['number']) && $_POST['type']=='airtime')
    {
        $nnet = $_GET['net'];
        $nnumber = $_GET['number'];
        $net = $_POST['net'];
        $number = $_POST['number'];
        $wnt = $_POST['amount'];
        if($_GET['net'] ==glo)
        {
            $dis = '3%';
        }
        else
        {
            $dis = '1.4%';
        }
        $urll = "https://m...content-available-to-author-only...g.com/httpapi/?userid=08181808888&pass=d511b7db1f2b8fc67a&network=2&phone=$numberb&amt=$wnt";
        $meg = "You are about to carry out <font
        color='red'>$nnet</font> VTU airtime transaction on <font
        color='red'>$nnumber</font>  $dis discount apply";
        $frm = '<input type="number" name="amount" placeholder="Amount"/>';
    }
    elseif(!empty($_GET['net']) && isset($_GET['number']) && $_GET['type']=='data' OR isset($_POST['net']) && isset($_POST['number']) &&
    $_POST['type']=='data')
    {
        $nnet = $_GET['net'];
        $nnumber = $_GET['number'];
        $net = $_POST['net'];
        $number = $_POST['number'];
        $wnt = $_POST['amount'];
        if($_GET['net']=='mtn' || $_POST['net']=='mtn')
        {
            $dis='1.4%';
            $tag ='<option value="">DATA PLAN</option>
            <option value="100">50MB 1day N100</option>
            <option value="500">750MB 14days N500</option>
            <option value="1000">1GB 30days 1000</option>
            <option value="1200">1.5GB 30days 1200</option>
            <option value="2000">2.5GB 30days 2000</option>
            <option value="1200">1.5GB 30days 1200</option>
            submit
            <option value="2000">2.5GB 30days 2000</option>
            <option value="1200">1.5GB 30days 1200</option>
            <option value="2000">2.5GB 30days 2000</option>
            1.5GB 30days 1200
            <option value="3500">5GB 30days 3500</option>
            <option value="3500">5GB 30days 3500</option>
            <option value="3500">5GB 30days 3500</option>
            <option value="5000">10GB 30days 5000</option>
            <option value="10000">22GB 30days 10000</option>
            </select>';
        }
        if($_GET['net']=='airtel' || $_POST['net']=='airtel')
        {
            $dis = '1.4%';
    $tag ='<option value="">DATA PLAN</option>
    <option value="100">50MB 1day N100</option>
    <option value="200">100MB 3days N200</option>
    <option value="500">750MB 14days N500</option>
    <option value="1000">1.5GB 30days 1000</option>
    <option value="1500">2.5GB 30days 1500</option>
    <option value="2000">3.5GB 30days 2000</option>
    <option value="2500">5.5GB 30days 2500</option>
    <option value="4000">9.5GB 30days 4000</option>
    <option value="5000">12GB 30days 5000</option>
    </select>';
    }
    if($_GET['net']=='mobile' || $_POST['net']=='mobile')
    {
    $dis='1.4%';
    $tag ='<option value="">DATA PLAN</option>
    <option value="200">150MB 7day N200</option>
    <option value="1000">1GB 3days N1000</option>
    <option value="1200">1.5GB 3days N1200</option>
    <option value="2000">2.5GB 3days N2000</option>
    <option value="2500">3.5GB 3days N2500</option>
    </select>';
    }
    if($_GET['net']=='glo' || $_POST['net']=='glo')
    {
    $dis='10%';
    $tag = '<option value="">DATA PLAN</option>
    <option value="100">100MB 24hrs N100</option>
    <option value="200">262MB 7days N200</option>
    <option value="500">1GB 14days N500</option>
    <option value="1000">2GB 30days N1000</option>
    <option value="2000">4.5GB 30days N2000</option>
    <option value="2500">7.2GB 30days N2500</option>
    <option value="3000">8.75GB 30days N3000</option>
    <option value="4000">12.5GB 30days N4000</option>
    <option value="5000">15.6GB 30days N5000</option>
    <option value="8000">25GB 30days N8000</option>
    <option value="10000">32.5GB 30days N10000</option>
    </select>';
    }
    $urll = "https://m...content-available-to-author-only...g.com/httpapi/datatopup.php?userid=08181808888&pass=d511b7db11f2b8fc67a&network=2&phone=$number&amt=$wnt";
    $meg="You are about to carry out <font
    color='red'>$nnet</font> VTU DATA transaction on <font
    color='red'>$nnumber</font> $dis discount apply";
    $frm ="<b>SELECT BUNDLE</b><br/><select name='amount'/>$tag<br/><br/>";
    }
    if(!empty($_POST['amount']))
    {
    $wnt = $_POST['amount'];
    $typ = $_GET['type'];
    $ch =  curl_init('https://API-url');
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
    curl_setopt($ch, CURLOPT_TIMEOUT, 3);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Accept: application/json'));
    $data=curl_exec($ch);
    if(($wnt>$data)||($data==$wnt) && $balance>$wnt)
    {
    $form="<font
    color='red'>$wnt VTU is not available at this time please try again in few minuit</font></div>";
    exit();
    }
    //This line of code below returns true always
    elseif(empty($_POST['key']) OR $_POST['key'] != $_SESSION['key'])
    {
    $form= 'multiples transaction accur either you double click the options or transaction is already in progress please try again ';
    exit();
    }
    elseif($wnt > $balance)
    {
    $form= 'Insufficient balance to complete transactions Please fund your account And Try again';
    exit();
    }
    //This line also return true when $mey is greater than 1
    elseif($mey > 1)
    {
    exit();
    }
    else
    {
    $ch =  curl_init("$urll");
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
    curl_setopt($ch, CURLOPT_TIMEOUT, 3);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Accept: application/json'));
    $data=curl_exec($ch);
    $arr = explode("|", $data);
    $baa = $arr[0];
    curl_close($ch);
    echo $errors;
    $dutt =$wnt-$dis;
    $dedut =$balance-$dutt;
    $pad = $conn->prepare("UPDATE users SET balance=:redut WHERE id=:uid");
    $pad->bindParam(":redut", $dedut);
    $pad->bindParam(":uid", $uid);
    $pad->execute()
    or die(print_r($pad->errorInfo(), true));
    $tme ="insert into books (book, item_name, quantity, msg, used, seen, take) values (:book, :item_name, :quantity, :msg, :used, :seen, :take)";
    $me = $conn->prepare($tme);
    $me->bindParam(':book', $book);
    $me->bindParam(':item_name', $typ);
    $me->bindParam(':quantity', $qty);
    $me->bindParam(':msg', $number);
    $me->bindParam(':used', $load);
    $me->bindParam(':seen', $seen);
    $me->bindParam(':take', $take);
    $book=RAND(1000000, 2000000);
    $typ = $_POST["type"];
    $qty="1";
    $number = $_POST["number"];
    $load="load";
    $seen = rand_string(7);
    $take="checking";
    $me->execute()
    or die(print_r($me->errorInfo(), true));
    $_SESSION['msg']="your $net $wnt $typ transfer to $number was successfully";
    $form="your $net $wnt $typ transfer to $number was successfully";
    }
    }
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...content-available-to-author-only...3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://w...content-available-to-author-only...3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
    <style type="text/css">
    {
    font-family:Arial, Helvetica, sans-serif;
    font-size:14px;
    }
    </style>
    <title>VTU TRANSACTIONS PAGE</title>
    </head>
    <body bgcolor="#FFFFFF">
    <div style="width:100%; border: solid 2px #663333; " align="left">
    <div style="background-color:#663333; color:#FFFFFF; padding:3px;"><img src="../image/newmsg.png" alt="new" border="0" /><b>VTU <? echo $_GET["type"]; ?> TRANSACTION</b></div><div class='info_post'><? echo $meg; ?></div><div style="margin:30px">
    <?php
    $_SESSION['key'] = mt_rand(1, 1000);
    ?><? echo $form; ?>
    <!-- Form -->
    <form action="<?php echo $_SERVER['PHP_SELF'] ?>#center" method="post"><? echo $frm; ?><input type="hidden" name="key" value="<?php echo $_SESSION['key'] ?>" /><input type="text" name="net" value="<?php echo $_GET['net'] ?>" /><input type="hidden" name="number" value="<?php echo $_GET['number'] ?>" /><input type="hidden" name="type" value="<?php echo $_GET['type'] ?>" />
    <input type="submit" name="button" value="TRANSFER NOW" />
    </form></div></div>
    <div class="b_head" align="left"><img src="/image/man_key.png" width="14" height="14" style="border-radius:5px" /> WE HELP:- </div><div class="awa" align="left"><img src="image/fb.png" width="35" height="35" style="border-radius:5px" /> <font color="grey"><a href="https://f...content-available-to-author-only...k.com/solink.ml"><b> 08181808888
    </b></a></font><br/><img src="image/phone.png" width="35" height="35" style="border-radius:5px" /> <font color="grey"><a href="tel:07010710811"><b> CUSTOMER CARE
    </b></a></font></div>
    </div>
    </body>
    </html>
    <?php
    require("foot.php");
    ?>
-3
Orahii Danjupass Orahii Danjup 19 March 2019, 11:52

1 answer

Best answer

Unless you have called session_start() in init.php, your

    $_POST['key'] != $_SESSION['key'])

is always true, because $_SESSION['key'] is null.

Also change this: error_reporting(0) to this: error_reporting(1) and give yourself some errors to work with (until you eliminate them all)

0
imposterSyndrome 22 March 2019, 16:06
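
The single-use form key that the question and the answer discuss, as an added example that is not part of the original posts: the key is issued with random_bytes, compared with hash_equals, and removed from the session before any work is done, so the first submit is accepted while a repeated submit or a request without a started session is rejected. The function names are hypothetical, and plain arrays stand in for $_SESSION and $_POST so the script runs from the command line.

```php
<?php
// Added example, not the asker's code. Function names are hypothetical.

// Issue a fresh single-use key and remember it in the session store.
function issue_submit_token(array &$session): string
{
    // 128 bits from the CSPRNG, unlike mt_rand(1, 1000) which is guessable
    $token = bin2hex(random_bytes(16));
    $session['key'] = $token;
    return $token;
}

// Accept a posted key at most once. The stored key is removed before the
// caller does any work, so a double click or a replayed POST cannot match.
function consume_submit_token(array &$session, array $post): bool
{
    $expected = $session['key'] ?? null;
    unset($session['key']);
    $given = $post['key'] ?? null;

    // A missing stored key (for example, session_start() was never called)
    // or a missing form field must count as a rejection, not as a match.
    if (!is_string($expected) || !is_string($given)) {
        return false;
    }
    return hash_equals($expected, $given);
}

// Constructed demonstration: arrays in place of $_SESSION and $_POST.
$session = [];
$token   = issue_submit_token($session);
$post    = ['key' => $token, 'amount' => '500'];

var_dump(consume_submit_token($session, $post)); // first submit
var_dump(consume_submit_token($session, $post)); // same form sent again

$noSession = [];
var_dump(consume_submit_token($noSession, $post)); // session never started
```

In a real page, call session_start() before either function and pass $_SESSION and $_POST; run the transaction only when consume_submit_token returns true.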