0

我正在尝试实现一个供我自己使用的小应用程序,它可以读取从联系表单发送到我的数据库的数据,并且我希望能够禁止不受联系表单内容欢迎的用户,等等。所以我,我有每个用户的 IP,它是随表格发送的。但是,每次我点击禁止按钮时,它只会将拒绝保存到数据库,我想知道为什么。这是整个代码:

<?php
if(isset($_POST['submit'])) {
// Read the while file into a string $htaccess
$htaccess = file_get_contents('.htaccess');
// Stick the new IP just before the closing </files>
$new_htaccess = str_replace('allow from all', "deny from "."$unwanteduser"."\nallow from all", $htaccess);
// And write the new string back to the file
file_put_contents('.htaccess', $new_htaccess);
}
?>
<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Yhteydenottopyynnöt</title>
<style>
body{width:100%;}

tr:nth-child(even) { background: #ccc; }
</style>
</head>

<body>
<?php
$con = mysql_connect("localhost","user","pass");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("db", $con);

$result = mysql_query("SELECT * FROM wp_contactform");
$f = fopen(".htaccess", "a+");
$ip = $row['IP'];
    fwrite($ip , $f);
    fclose($f);

echo "<table border='1'>
<tr>
<th style='width:5%;'>ID</th>
<th style='width:10%;'>Nimi</th>
<th style='width:10%;'>Puhelin</th>
<th style='width:10%;'>Sposti</th>
<th style='width:40%;'>Viesti</th>
<th style='width:10%;'>P&auml;iv&auml;</th>
<th style='10%;'>IP</th>
<th style='5%;'>Ban</th>
</tr>";

$i = 0;
while($row = mysql_fetch_array($result))
  {
  echo "<tr>";
  echo "<td style='width:10%;'>" . $row['ID'] . "</td>";
  echo "<td style='width:10%;'>" . $row['Nimi'] . "</td>";
  echo "<td style='width:10%;'>" . $row['Puhelin'] . "</td>";
  echo "<td style='width:10%;'><a href='mailto:" . $row['Email'] . "'>" . $row['Email'] . "</a></td>";
  echo "<td style='width:40%;'>" . $row['Viesti'] . "</td>";
  echo "<td style='width:10%;' >" . $row['Day'] . "</td>";
  echo "<td style='width:10%;'>" . $row['IP'] . "</td>";
  $unwanteduser = $row['IP'];
  echo "<form action='thissamepage' method='post'><input type='hidden' value='$unwanteduser' name='gtfo'><input type='submit' name='submit' value='Ban'>";
  echo "</tr>";
  }
echo "</table>";

mysql_close($con);
?>
</body>
</html>
4

2 回答 2

1

$unwanteduser提交后未从您的表单中分配值

试试这个

<?php
if(isset($_POST['submit'])) {
// Read the while file into a string $htaccess
$htaccess = file_get_contents('.htaccess');
// Stick the new IP just before the closing </files>
$unwanteduser = $_POST['gtfo']; 
$new_htaccess = str_replace('allow from all', "deny from "."$unwanteduser"."\nallow from all", $htaccess);
// And write the new string back to the file
file_put_contents('.htaccess', $new_htaccess);
}
?>

INFO : 一旦你提交了表单,它似乎就像一个页面刷新,所以你在提交表单之前在 $unwanteduser 分配的任何东西都会丢失

我很困惑

$result = mysql_query("SELECT * FROM wp_contactform");
$f = fopen(".htaccess", "a+");
$ip = $row['IP'];

此时,价值是$row['IP']多少?以及您要附加的内容?

于 2012-07-20T14:41:45.290 回答
0

正如评论中所写,如果您将构成逻辑单元的那些部分放入它自己的函数中,事情就会变得更加简单:

/**
 * add an ip to ban to a .htaccess file
 *
 * @param string $htaccess_file
 * @param string $ip
 * @return int Number of bytes that were written to the file, or FALSE on failure.
 */
function htaccess_add_ban_ip($htaccess_file, $ip)
{
    $htaccess_original = file_get_contents($htaccess_file);
    if (false === $htaccess_original) {
        return false;
    }
    $htaccess_changed = str_replace(
        'allow from all',
        "deny from $ip\nallow from all",
        $htaccess_original,
        $count
    );
    if ($count != 1) {
        return false;
    }
    return file_put_contents($htaccess_file, $htaccess_changed);
}

然后,您只需在需要该功能的地方调用该函数:

$result = htaccess_add_ban_ip($file, '127.0.0.1');

检查返回值以控制事情是否正确,例如测试:

if (false === $result) {
    die(sprintf('Could not write .htaccess file "%s".', $file));
}

if ($result < 36) {
    die(sprintf('Very little bytes (%d) written to .htaccess file "%s", this makes no sense, please check.', $result, $file));
}

die(sprintf('Successfully wrote IP %s to .htaccess file "%s" (%d bytes written).', $ip, $file, $result));

将来,您可以在函数中引入所需的功能(如文件锁定),并且您通常不能更改脚本的大部分其余部分。

如果您正在寻找一种方法来简化连接和查询您的 mysql 数据库,请参阅这个对不同问题的相关答案:

它包含一个 MySql 类/对象以及另一个示例,如何使用/创建函数以使代码更易于处理。

于 2012-07-21T09:35:23.340 回答