
I have some shopping cart code that uses a session to store the guest/visitor's cart contents.

I don't want visitors to have to create an account and log in just to add a few items to the cart, which is why the guest cart uses a session.

I'm using PHP, but the problem is that it isn't secure, because I pass the product ID through the URL.

Also, when the cart quantity is updated, more values are passed through the URL.

The links below are .txt files of the code I'm using:

https://jameshamilton.eu/sites/default/files/products.txt

https://jameshamilton.eu/sites/default/files/cart.txt

If someone goes to the cart page and looks at the URL (the URL looks like this >>>> www.mywebsite.whatever/cart.php?action=remove&id=2), and refreshes the cart page after adding an item to the cart, the item's quantity keeps increasing just by refreshing the page.


Is this a real problem? If so, how do I deal with it?

I was thinking of setting up a session that uses an auto-incremented random integer (so that it can't be guessed).

As soon as a user/visitor visits the site, the session starts, and the auto-incremented value from the session is inserted into a MySQL database.

From then on, anything the user/visitor adds to the cart goes straight into a MySQL database table under that session value.

The cart items are then displayed by pulling back the items added to the database table WHERE session = session value.

Once the user leaves the page, the session is destroyed, and the session integer/value added to the database is deleted as well.

Is this a good approach? Is there a simpler, more secure way to implement a guest cart?

Products

<?php
    // connect to your database here (mysqli procedural calls replace the mysql_* extension, which PHP 7 removed)
    $conn = mysqli_connect('localhost', 'user', 'password', 'database'); // placeholder credentials
?>
<!DOCTYPE html>
<html>
<head>
    <title>Products</title>
</head>

<body>


<table border="1">

    <?php

        $sql = "SELECT id, name, description, price FROM php_shop_products;";

        $result = mysqli_query($conn, $sql);

        while (list($id, $name, $description, $price) = mysqli_fetch_row($result)) {

            echo "<tr>";

                // escape database values before echoing them into HTML
                echo "<td>" . htmlspecialchars((string) $name) . "</td>";
                echo "<td>" . htmlspecialchars((string) $description) . "</td>";
                echo "<td>$price</td>";
                echo "<td><a href=\"cart.php?action=add&amp;id=$id\">Add To Cart</a></td>";

            echo "</tr>";
        }

    ?>
</table>


<a href="cart.php">View Cart</a>

</body>
</html>

Cart

<?php
    session_start();

    // connect to your database here (mysqli procedural calls replace the mysql_* extension, which PHP 7 removed)
    $conn = mysqli_connect('localhost', 'user', 'password', 'database'); // placeholder credentials

    // function to check if a product exists
    function productExists($conn, $product_id) {
        // use sprintf to make sure that $product_id is inserted into the query as a number - to prevent SQL injection
        $sql = sprintf("SELECT id FROM php_shop_products WHERE id = %d;",
                        $product_id);

        return mysqli_num_rows(mysqli_query($conn, $sql)) > 0;
    }
?>
<!DOCTYPE html>
<html>
<head>
    <title>Cart</title>
</head>
<body>


<?php

    $product_id = isset($_GET['id']) ? (int) $_GET['id'] : 0;        // the product id from the URL
    $action     = isset($_GET['action']) ? $_GET['action'] : '';     // the action from the URL

    if (!isset($_SESSION['cart'])) {
        $_SESSION['cart'] = array(); // start with an empty cart rather than reading an undefined index
    }

    // if there is a product_id and that product_id doesn't exist display an error message
    if ($product_id && !productExists($conn, $product_id)) {
        die("Error. Product Doesn't Exist");
    }

    switch ($action) {   // decide what to do

        case "add":
            if ($product_id) {
                if (!isset($_SESSION['cart'][$product_id])) {
                    $_SESSION['cart'][$product_id] = 0;
                }
                $_SESSION['cart'][$product_id]++; // add one to the quantity of the product with id $product_id
            }
        break;

        case "remove":
            if (isset($_SESSION['cart'][$product_id])) {
                $_SESSION['cart'][$product_id]--; // remove one from the quantity of the product with id $product_id
                // if the quantity is zero, remove it completely (using the 'unset' function) - otherwise it will show zero, then -1, -2 etc. when the user keeps removing items.
                if ($_SESSION['cart'][$product_id] <= 0) unset($_SESSION['cart'][$product_id]);
            }
        break;

        case "empty":
            $_SESSION['cart'] = array(); // empty the whole cart
        break;

    }

?>


<?php

    if ($_SESSION['cart']) { // if the cart isn't empty
        // show the cart

        $total = 0; // running total, initialised so the first addition doesn't read an undefined variable

        echo "<table border=\"1\" cellpadding=\"3\" width=\"40%\">";    // format the cart using a HTML table

            // iterate through the cart, the $product_id is the key and $quantity is the value
            foreach ($_SESSION['cart'] as $product_id => $quantity) {

                // get the name, description and price from the database - this will depend on your database implementation.
                // use sprintf to make sure that $product_id is inserted into the query as a number - to prevent SQL injection
                $sql = sprintf("SELECT name, description, price FROM php_shop_products WHERE id = %d;",
                                $product_id);

                $result = mysqli_query($conn, $sql);

                // Only display the row if there is a product (though there should always be as we have already checked)
                if (mysqli_num_rows($result) > 0) {

                    list($name, $description, $price) = mysqli_fetch_row($result);

                    $line_cost = $price * $quantity;        // work out the line cost
                    $total = $total + $line_cost;           // add to the total cost

                    echo "<tr>";
                        // show this information in table cells (escaping database values before they go into HTML)
                        echo "<td align=\"center\">" . htmlspecialchars((string) $name) . "</td>";
                        // along with a 'remove' link next to the quantity - which links to this page, but with an action of remove, and the id of the current product
                        echo "<td align=\"center\">$quantity <a href=\"" . htmlspecialchars($_SERVER['PHP_SELF']) . "?action=remove&amp;id=$product_id\">X</a></td>";
                        echo "<td align=\"center\">$line_cost</td>";

                    echo "</tr>";

                }

            }

            // show the total
            echo "<tr>";
                echo "<td colspan=\"2\" align=\"right\">Total</td>";
                echo "<td align=\"right\">$total</td>";
            echo "</tr>";

            // show the empty cart link - which links to this page, but with an action of empty. A simple bit of javascript in the onclick event of the link asks the user for confirmation
            echo "<tr>";
                echo "<td colspan=\"3\" align=\"right\"><a href=\"" . htmlspecialchars($_SERVER['PHP_SELF']) . "?action=empty\" onclick=\"return confirm('Are you sure?');\">Empty Cart</a></td>";
            echo "</tr>";
        echo "</table>";

    } else {
        // otherwise tell the user they have no items in their cart
        echo "You have no items in your shopping cart.";

    }
?>

<a href="products.php">Continue Shopping</a>


<?php

/*

products table (queried above as php_shop_products):
    CREATE TABLE `php_shop_products` (
        `id` INT NOT NULL AUTO_INCREMENT ,
        `name` VARCHAR( 255 ) NOT NULL ,
        `description` TEXT,
        `price` DOUBLE DEFAULT '0.00' NOT NULL ,
        PRIMARY KEY ( `id` )
    );

*/

?>



</body>
</html>

0 answers
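The weakness in the cart above is not that the product ID is visible (product IDs are not secrets; the same IDs are in the product links) but that cart.php changes state on a GET request. Any GET that mutates server state can be replayed by a refresh or a bookmark, and issued from another site that embeds the URL, which is the CSRF shape of the "refresh keeps adding" symptom. The following is an added example, not code from the question or from the linked .txt files: a cart page that accepts changes only by POST, checks a per-session CSRF token in constant time, bounds the quantity on the server, and answers a successful POST with a 303 redirect (post/redirect/get) so that a browser refresh re-fetches the page instead of re-submitting the add. The cart stays in `$_SESSION`; PHP's session ID is already an unguessable random value, so no home-made random integer is needed. The `$catalogue` array is a hypothetical stand-in for the php_shop_products table so the file runs without a database. Requires PHP 7.4 or later.

```php
<?php
// Hardened cart page (added example): cart changes are accepted only by POST with a per-session
// CSRF token, and a successful POST answers with a 303 redirect (post/redirect/get), so a
// browser refresh re-fetches the page instead of replaying the "add". Requires PHP 7.4+.
declare(strict_types=1);

// Session cookie: not readable by script, not sent on cross-site POSTs, HTTPS only
// (set 'secure' => false only on a plain-HTTP development box, or the cookie is never sent).
session_set_cookie_params(['lifetime' => 0, 'httponly' => true, 'samesite' => 'Lax', 'secure' => true]);
session_start();

// Hypothetical catalogue standing in for the php_shop_products table, so this file runs without a database.
$catalogue = [
    1 => ['name' => 'Widget', 'price' => 9.99],
    2 => ['name' => 'Gadget', 'price' => 24.50],
];

// One CSRF token per session from the CSPRNG. PHP's own session ID is already an unguessable
// random value, so the cart can stay in $_SESSION; no home-made random integer is needed.
$_SESSION['csrf_token'] ??= bin2hex(random_bytes(32));
$_SESSION['cart'] ??= [];

/** Apply one cart action in place; returns an error message, or null on success. */
function applyCartAction(array &$cart, array $catalogue, string $action, int $productId, int $qty): ?string
{
    if ($action === 'empty') {
        $cart = [];
        return null;
    }
    if (!isset($catalogue[$productId])) {
        return 'Product does not exist';
    }
    if ($qty < 1 || $qty > 99) {                 // server-side bound, whatever the form claimed
        return 'Quantity out of range';
    }
    if ($action === 'add') {
        $cart[$productId] = ($cart[$productId] ?? 0) + $qty;
    } elseif ($action === 'remove') {
        if (($cart[$productId] ?? 0) - $qty <= 0) {
            unset($cart[$productId]);            // never leave a zero or negative quantity behind
        } else {
            $cart[$productId] -= $qty;
        }
    } else {
        return 'Unknown action';
    }
    return null;
}

$error = null;
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Constant-time comparison of the submitted token with the session's token.
    if (!hash_equals($_SESSION['csrf_token'], (string) ($_POST['csrf_token'] ?? ''))) {
        http_response_code(403);
        exit('Invalid CSRF token');
    }
    $error = applyCartAction($_SESSION['cart'], $catalogue,
        (string) ($_POST['action'] ?? ''), (int) ($_POST['id'] ?? 0), (int) ($_POST['qty'] ?? 1));
    if ($error === null) {
        header('Location: ' . $_SERVER['SCRIPT_NAME'], true, 303);  // 303: the browser follows with GET
        exit;
    }
}

$h = fn(string $s): string => htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
$csrfField = '<input type="hidden" name="csrf_token" value="' . $h($_SESSION['csrf_token']) . '">';
$total = 0.0;
?>
<!DOCTYPE html>
<html><body>
<?php if ($error !== null): ?><p><?= $h($error) ?></p><?php endif; ?>
<table border="1">
<?php foreach ($_SESSION['cart'] as $id => $qty): if (!isset($catalogue[$id])) continue;
      $line = $catalogue[$id]['price'] * $qty; $total += $line; ?>
<tr>
  <td><?= $h($catalogue[$id]['name']) ?></td>
  <td><?= $qty ?>
    <form method="post" style="display:inline"><?= $csrfField ?>
      <input type="hidden" name="action" value="remove"><input type="hidden" name="id" value="<?= $id ?>">
      <button type="submit">X</button>
    </form></td>
  <td><?= number_format($line, 2) ?></td>
</tr>
<?php endforeach; ?>
<tr><td colspan="2">Total</td><td><?= number_format($total, 2) ?></td></tr>
</table>
<?php foreach ($catalogue as $id => $product): ?>
<form method="post"><?= $csrfField ?>
  <input type="hidden" name="action" value="add"><input type="hidden" name="id" value="<?= $id ?>">
  <?= $h($product['name']) ?> <input type="number" name="qty" value="1" min="1" max="99">
  <button type="submit">Add To Cart</button>
</form>
<?php endforeach; ?>
<form method="post"><?= $csrfField ?><input type="hidden" name="action" value="empty">
  <button type="submit" onclick="return confirm('Are you sure?');">Empty Cart</button>
</form>
</body></html>
```

Run it with `php -S localhost:8000` (with `'secure' => false` on plain HTTP) and press F5 after adding an item: the quantity stays put, because the request being repeated is the GET the 303 redirected to, not the POST. The CSRF token and the `SameSite=Lax` cookie are independent defences; keep both, since older browsers ignore the cookie attribute.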
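For the database-backed design sketched in the post (a row per visitor, items stored and read back WHERE session = session value), here is an added example that is not code from the question or from the linked files. It keeps the shape of that design but changes three things a practitioner would insist on: the cart key is 128 bits from `random_bytes()` and lives only in the visitor's session (an auto-incremented integer is sequential, so once any one value is known the neighbours are trivially guessable, whatever value the sequence started at); every query is a PDO prepared statement, so neither the key nor a product ID is ever concatenated into SQL; and abandoned carts expire on a timer, because the server never receives a reliable "user left the page" event. The demo at the bottom runs against an in-memory SQLite database as a stand-in for MySQL (the SQL used is portable to both); `GuestCart`, the two table names and the `$session` array are hypothetical names. Requires PHP 8.0 or later with the pdo_sqlite extension.

```php
<?php
// Database-backed guest cart (added example): rows are keyed by an unguessable token that is
// held only in the visitor's session, every query is a prepared statement, and stale carts expire.
declare(strict_types=1);

final class GuestCart
{
    private const TOKEN_BYTES = 16;             // 128 bits from the CSPRNG, not an auto-increment
    private const TTL_SECONDS = 7 * 24 * 3600;  // carts untouched for a week are purged

    public function __construct(private PDO $db) {}

    public function createSchema(): void
    {
        $this->db->exec('CREATE TABLE IF NOT EXISTS guest_carts (
            token      VARCHAR(32) PRIMARY KEY,
            last_seen  INTEGER NOT NULL)');
        $this->db->exec('CREATE TABLE IF NOT EXISTS guest_cart_items (
            token       VARCHAR(32) NOT NULL,
            product_id  INTEGER NOT NULL,
            quantity    INTEGER NOT NULL,
            PRIMARY KEY (token, product_id))');
    }

    /** Return this session's cart token, minting one (and its cart row) on first use. */
    public function tokenFor(array &$session, int $now): string
    {
        if (!isset($session['cart_token'])) {
            $session['cart_token'] = bin2hex(random_bytes(self::TOKEN_BYTES));
            $stmt = $this->db->prepare('INSERT INTO guest_carts (token, last_seen) VALUES (?, ?)');
            $stmt->execute([$session['cart_token'], $now]);
        }
        return $session['cart_token'];
    }

    /** Add $qty of a product; a second add of the same product updates the row instead of duplicating it. */
    public function add(string $token, int $productId, int $qty, int $now): void
    {
        if ($qty < 1) {
            throw new InvalidArgumentException('quantity must be positive');
        }
        $this->db->beginTransaction();
        $sel = $this->db->prepare('SELECT quantity FROM guest_cart_items WHERE token = ? AND product_id = ?');
        $sel->execute([$token, $productId]);
        $current = $sel->fetchColumn();
        if ($current === false) {
            $ins = $this->db->prepare('INSERT INTO guest_cart_items (token, product_id, quantity) VALUES (?, ?, ?)');
            $ins->execute([$token, $productId, $qty]);
        } else {
            $upd = $this->db->prepare('UPDATE guest_cart_items SET quantity = ? WHERE token = ? AND product_id = ?');
            $upd->execute([(int) $current + $qty, $token, $productId]);
        }
        $touch = $this->db->prepare('UPDATE guest_carts SET last_seen = ? WHERE token = ?');
        $touch->execute([$now, $token]);
        $this->db->commit();
    }

    /** @return array<int,int> product_id => quantity, i.e. the "WHERE session = session value" read-back */
    public function items(string $token): array
    {
        $stmt = $this->db->prepare('SELECT product_id, quantity FROM guest_cart_items WHERE token = ? ORDER BY product_id');
        $stmt->execute([$token]);
        $out = [];
        foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
            $out[(int) $row['product_id']] = (int) $row['quantity'];
        }
        return $out;
    }

    /** Delete carts not touched within the TTL; run from cron, since "leaving the page" never reaches the server. */
    public function purgeExpired(int $now): int
    {
        $cutoff = $now - self::TTL_SECONDS;
        $items = $this->db->prepare('DELETE FROM guest_cart_items WHERE token IN (SELECT token FROM guest_carts WHERE last_seen < ?)');
        $items->execute([$cutoff]);
        $carts = $this->db->prepare('DELETE FROM guest_carts WHERE last_seen < ?');
        $carts->execute([$cutoff]);
        return $carts->rowCount();
    }
}

// Demo against an in-memory SQLite database (stand-in for MySQL); $session stands in for $_SESSION.
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$cart = new GuestCart($db);
$cart->createSchema();
$session = [];
$now = time();
$token = $cart->tokenFor($session, $now);
$cart->add($token, 2, 1, $now);
$cart->add($token, 2, 2, $now);           // same product again: one row, quantity summed
$cart->add($token, 5, 1, $now);
print_r($cart->items($token));
echo $cart->purgeExpired($now + 8 * 24 * 3600), " expired cart(s) purged\n";
```

In production the calls are `$cart->tokenFor($_SESSION, time())` after `session_start()`, and the add/remove calls sit behind the same POST-plus-CSRF-token handling a session-only cart needs; moving the rows into a database changes where the cart lives, not how it must be mutated. Whether the table is worth having at all depends on requirements the post does not state (carts surviving session expiry, or being shared across several web servers); for a single server, `$_SESSION` already gives an unguessable per-visitor key for free.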