-2

我的逻辑或托管服务器可能有问题,因为当我在本地尝试它时,它可以完美运行!但是,当我上传它时,无论申请人电子邮件激活的值是什么,它总是执行第二条语句?

这让我发疯,请帮忙!

<?php
 // Santize the provided inputs
$applicant_email = filter_var(stripAndCleanHTML($_GET['applicant_email']), FILTER_SANITIZE_EMAIL); # santize the email
$applicant_token = stripAndCleanHTML($_GET['applicant_token']); # santize the token

/**************** Find the applicant that has the same email *******************/

  $database_connection = Database::database_connect();

  $find_email_query = $database_connection->prepare('SELECT * FROM applicants WHERE applicant_email = :applicant_email && applicant_token = :applicant_token LIMIT 1');

  $find_email_query->execute(['applicant_email' => $applicant_email, 'applicant_token' => $applicant_token]);

  if ($find_email_query->errorCode() > 0) {

    if (DEBUG === true) {

        echo 'There was an issue in searching for the email Big Boss: <br>';
        print_r($find_email_query->errorInfo());
        die();

    } else {

        header('location:../404.shtml', true, 404);
        die();

    }

  }

  $applicants = $find_email_query->fetchAll();

  foreach ($applicants as $applicant) {

    $applicant_username         =   (string) stripAndCleanHTML($applicant['applicant_username']);
    $applicant_password         =   (string) stripAndCleanHTML($applicant['applicant_password']);
    $applicant_name             =   (string) stripAndCleanHTML($applicant['applicant_name']);
    $applicant_phone            =   (string) stripAndCleanHTML($applicant['applicant_phone']);
    $applicant_birthdate        =   (string) stripAndCleanHTML($applicant['applicant_birthdate']);
    $applicant_city             =   (string) stripAndCleanHTML($applicant['applicant_city']);
    $applicant_country          =   (string) stripAndCleanHTML($applicant['applicant_country']);
    $applicant_major            =   (string) stripAndCleanHTML($applicant['applicant_major']);
    $applicant_major_type       =   (string) stripAndCleanHTML($applicant['applicant_major_type']);
    $applicant_exp_years        =   (string) stripAndCleanHTML($applicant['applicant_exp_years']);
    $applicant_cv               =   (string) stripAndCleanHTML($applicant['applicant_cv']);

    $applicant_email_activated  =   (int) stripAndCleanHTML($applicant['applicant_email_activated']);

  }

 if ($applicant_email_activated === 1) {

  include '../../includes/job_app/email_has_been_activated.inc.php';

 } elseif ($applicant_email_activated === 0) {

   include '../../includes/job_app/email_confirmed.php';

 }

 ?>

这是我用来清理值的函数:

function stripAndCleanHTML($to_clean)
{
    return htmlspecialchars(strip_tags(stripslashes(trim($to_clean))));
}

这是数据库类:

class Database
{

    private const DB_HOST     =   'domain.com';
    private const DB_NAME     =   'ats';
    private const DB_CHARSET  =   'utf8';
    private const DB_USER     =   'public_user';
    private const DB_PASS     =   '1F#kaH$!q5r2as';

    public static function database_connect()
    {

        try {

            // setting DSN (Data Source Name)
            $dsn = 'mysql:host=' . Database::DB_HOST . ';' . 'dbname=' . Database::DB_NAME . ';' . 'charset=' . Database::DB_CHARSET;

            // creating a PDO (PHP Data Object) instance
            $pdo = new PDO($dsn, Database::DB_USER, Database::DB_PASS);
            $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);

            return $pdo;

        } catch (Exception $e) {

            if (DEBUG === true) {

                echo $e->getMessage().'<br>';
                die();

            } else {

                die();

            }
        }

        return $db_info;

    }
}
4

1 回答 1

0

在我删除 (int) 并将压缩数字放入单引号后它确实有效!疯了吧!!?

我猜托管公司的服务器以一种特殊的方式处理 PHP!或者也许我已经用很多废话来充实应用程序,正如你们中的一些人会同意的那样,尽管如此,我已经做到了,我可以回家睡觉了,因为我知道我的婴儿应用程序是安全的!

非常感谢您的提示和指导,祝您有美好的一天!并且不要忘记要很棒。

于 2018-04-23T18:06:09.077 回答