0

我正在构建一个数字猜谜游戏,需要创建一个会话变量来保存随机目标数字,直到用户提交正确的猜测。我还需要打印用户提交正确答案后的尝试次数。

我设置了会话变量并使用隐藏字段来保存计数器。我不知道当我提交猜测时隐藏字段是否有效,我的代码会打印出 check() 函数的第一个 if 语句......所有时间。

我认为这与会话变量(当然还有我的代码)有关,但我无法弄清楚。我已经为此工作了两天,并感到沮丧。任何帮助都会很棒。下面是我的完整代码:

    <?php session_start() ?>
    <!DOCTYPE HTML>
    <html>
    <head>
    <title>Number Guessing Game</title>
    </head>
    <body>
      <h1>Guess the number</h1>
      <p>I'm thinking of a number between 1 and 5. Can you guess what it is?<br>
        In less than 3 tries?</p>
      <?php
        extract($_REQUEST);
        error_reporting(E_ALL & ~E_NOTICE);
        // check to see if this is start of game
        if (filter_has_var(INPUT_POST, "guess")) {
          check();
        } else {
          setTarget();
        } //end if
        // set targetNum session variable
        // increment counter by 1

        function setTarget() {
          $targetNum = rand(1, 5);
          $_SESSION["targetNum"] = $targetNum;
          $counter++;
        print <<<HERE
          <form action="" method="post">
            <input type = "text"
                   name = "guess">
            <input type = "hidden"
                   name = "counter"
                   value = "$counter">
            <h2>Target Number: $targetNum</h2>
            <h3>The counter is at: $counter</h3>
            <br>
            <button type = "submit">
              SUBMIT GUESS
            </button>
          </form>
    HERE;
    }

        function check() {
          global $counter;
          print <<<HERE
            <form action="" method="post">
            <input type = "text"
                   name = "guess"
                   value= "$guess">
            <input type = "hidden"
                   name = "counter"
                   value = "$counter">
            <h2>Target Number: $targetNum</h2>
            <h3>The counter is at: $counter</h3>
            <br>
            <button type = "submit">
              SUBMIT GUESS
            </button>
            </form>
    HERE;
        if ($guess == $_SESSION['$targetNum']) {
          print "<h3>Awesome. You guessed it in $counter attempt(s)</h3>";
          unset($_SESSION["targetNum"]);
          $count = 0;
          print "<a href='numberGuessingGame.php'>TRY AGAIN</a>";
        } else if ($guess > $_SESSION['$targetNum']) {
          print "<h3>Too high. Guess again.</h3>";
        } else if ($guess < $_SESSION['$targetNum']) {
          print "<h3>Too low. Guess again.</h3>";
        } else {
          print "I don't know what that is...";
        }
    }
    ?>
    </body>
    </html>
4

2 回答 2

0

你犯了两个基本但严重的错误。

第一:开发时不要设置错误级别排除通知!这样,您将永远不会发现变量或数组索引名称中的拼写错误。删除error_reporting(E_ALL & ~E_NOTICE);,或将其替换为error_reporting(E_ALL);

第二:您使用extract($_REQUEST);-使用该功能是自找麻烦。由于“register_globals”特性,PHP 的安全漏洞由来已久,该特性引入全局变量只是因为请求数据中的某些 key=value 对被解析。删除该功能需要数年时间。您正在通过使用该功能在没有任何安全预防措施的情况下重新实现它,并且没有真正的好处。

删除该extract($_REQUEST);函数,并使用$_REQUEST['varname']而不是$varname来自远程浏览器的所有变量。

于 2013-10-13T18:01:17.147 回答
0

您的$guess变量永远不会设置为 POST 值(更正:您正在使用 extract,但我建议不要这样做)。添加“$”时,您还将更改会话数组键的值:

$guess = $_POST['guess'];
if ($guess == $_SESSION['targetNum']) {
于 2013-10-13T17:30:39.483 回答