php - 重定向显示带有过时信息的页面

Question

我有一个角色创建表格，您可以在其中输入角色的名称，然后按提交。然后它会弹出一个成功页面。但是，我不希望用户能够使用他们的后退按钮返回角色创建页面，所以在角色创建页面上，如果检测到引用页面是成功页面，我会重定向到主菜单页面. 但是，当它打开主菜单页面时，它显示的信息已过时。您必须刷新页面以反映最新更改。就好像重定向正在调出页面的缓存版本......

有什么想法为什么没有在重定向上显示最新的更改？

<?php 

// First we execute our common code to connection to the database and start the session 
define('MyConst', TRUE);

include('database.class.php');
include('table.class.php'); 
include('user.class.php');
include('loginattempts.class.php');
include('timer.class.php'); 
include('functions.php'); 
include('loginf.php');
include('character.class.php');
include('playercharacter.class.php');

$dbo = database::getInstance();
$dbo -> connect("***********", "********", "*********", "********", array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8')); 

secSessionStart();

// At the top of the page we check to see whether the user is logged in or not 
if(empty($_SESSION['user'])) 
{ 
    // If they are not, we redirect them to the login page. 
    header("Location: login.php"); 

    // Remember that this die statement is absolutely critical.  Without it, 
    // people can view your members-only content without logging in. 
    die("Redirecting to login.php"); 
} 

// Everything below this point in the file is secured by the login system 
if($_SERVER['HTTP_REFERER'] == "success.php") {
    // If they are not, we redirect them to the login page. 
    header("Location: mainmenu.php"); 

    // Remember that this die statement is absolutely critical.  Without it, 
    // people can view your members-only content without logging in. 
    die("Redirecting to mainmenu.php");
} 
if(!empty($_POST)) {

    $character = new character();
    $data = array("character_name" => $_POST['charactername'], "health" => 0, "money" => 1500, "exp" => 0, "rank" => 0, "points" => 0); 
    $character -> bind($data);
    $character -> store();
    $character_id = $dbo -> getConnection() -> lastInsertId();

    $playercharacter = new playercharacter();
    $data = array("character_id" => $character_id, "user_id" => $_SESSION['user']['user_id']);
    $playercharacter -> bind($data);
    $playercharacter -> store();

    $query = "SELECT * FROM playercharacter WHERE character_id = :character_id"; 

    try { 
        $stmt = $dbo->getConnection()->prepare($query); 
        $result = $stmt->execute(array(':character_id'=>$row['character_id'])); 
    } 
    catch(PDOException $ex) { 
        die("Failed to run query4: " . $ex->getMessage()); 
    }

    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    $_SESSION['playercharacter'] = $row;

    // If they are not, we redirect them to the login page. 
    header("Location: success.php"); 

    // Remember that this die statement is absolutely critical.  Without it, 
    // people can view your members-only content without logging in. 
    die("Redirecting to success.php");    
 }         
?>

<!DOCTYPE HTML>
<head>
<meta http-equiv="content-type" content="text/html" />
<meta name="author" content="lolkittens" />

<title>Untitled 5</title>
</head>

 <body> 
<h1>Create Character</h1> 
<form action="createcharacter.php" method="post"> 
    Enter name:<br /> 
    <input type="text" name="charactername" value="" /> 
    <br /><br /> 
    <input type="submit" value="Create" /> 
</form> 
</body>

创建字符.php

<?php 

// First we execute our common code to connection to the database and start the session 
define('MyConst', TRUE);

include('database.class.php');
include('table.class.php'); 
include('user.class.php');
include('loginattempts.class.php');
include('timer.class.php'); 
include('functions.php'); 
include('loginf.php');

$dbo = database::getInstance();
$dbo -> connect("*************", "*********", "**********", "***********", array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8')); 

secSessionStart();

// At the top of the page we check to see whether the user is logged in or not 
if(empty($_SESSION['user'])) 
{ 
    // If they are not, we redirect them to the login page. 
    header("Location: login.php"); 

    // Remember that this die statement is absolutely critical.  Without it, 
    // people can view your members-only content without logging in. 
    die("Redirecting to login.php"); 
} 

// Everything below this point in the file is secured by the login system 

// We can display the user's username to them by reading it from the session array.  Remember that because 
// a username is user submitted content we must use htmlentities on it before displaying it to the user. 

 ?>
 <!DOCTYPE html>
 <html>
 <head>
  <script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js">
  </script>  
 </head>
 <body>
 <a href="mainmenu.php">Success!</a></a>

  </body>
  </html>

成功.php

<?php 

// First we execute our common code to connection to the database and start the session 
define('MyConst', TRUE);

include('database.class.php');
include('table.class.php'); 
include('user.class.php');
include('loginattempts.class.php');
include('timer.class.php'); 
include('functions.php'); 
include('loginf.php');

$dbo = database::getInstance();
$dbo -> connect("*********************", "******************",     
    "***************", "*****************", array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8')); 

secSessionStart();

    // At the top of the page we check to see whether the user is logged in or not 
    if(empty($_SESSION['user'])) 
    { 
      // If they are not, we redirect them to the login page. 
    header("Location: login.php"); 

    // Remember that this die statement is absolutely critical.  Without it, 
    // people can view your members-only content without logging in. 
    die("Redirecting to login.php"); 
} 

// Everything below this point in the file is secured by the login system 

// We can display the user's username to them by reading it from the session array.  Remember that because 
// a username is user submitted content we must use htmlentities on it before displaying it to the user. 
 ?>

<?php 
$stmt = $dbo->getConnection()->prepare("SELECT count(character_name) FROM      
playercharacter JOIN `character` ON (playercharacter.character_id =    
`character`.character_id) WHERE user_id = :user_id");
$query_params = array(':user_id'=>$_SESSION['user'][user_id]);       
// Execute the prepared query.
$result = $stmt->execute($query_params);
$rows = $stmt->fetch(PDO::FETCH_NUM);
echo $rows[0];
$createCharacters = 4 - $rows[0];

for($i = 0; $i < $createCharacters; $i++) {
    echo '<a href="createcharacter.php">Create Character</a><br />';
}
for($i = 0; $i < $rows[0]; $i++) {
    echo '<a href="loadplayer.php?id='.$rows[0].'">Play</a> <br />';
// echo '<a href="loadplayer.php">Create Character</a><br />`;
}            
?>

<!DOCTYPE html>
<html>
<head>
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
<script src="functions.js"></script>  
</head>
<body>

</body>
</html>

主菜单.php

Answer 1

线

if($_SERVER['HTTP_REFERER'] == "success.php") 

永远不会是真的。$_SERVER['HTTP_REFERER']（设置时）包含 URL，而不是文件名。因此，执行继续。要么显示 HTML 代码，要么执行以 开头的块if(!empty($_POST)) {，并将用户重定向到 success.php。

通过在成功时设置会话变量，您将获得更好的结果。设置该变量后，重定向到 mainmenu.php。或者，您可以在重定向语句中使用 URL 参数：

header("Location: success.php?complete=yes")

并像这样检查它：

if ($_GET['complete'] == 'yes') {
   // Redirect to the main menu