defined('PCPAY_PATH') or exit;class record_control extends admin_control {public function add() { $uid = $this->_user['uid']; if(empty($_POST)) { $this->_pkey = 'content'; $this->_ukey = 'record-add'; $this->_title = '发布文章'; $this->_place = '内容 » 文章管理 » 发布文章'; $habits = (array)$this->kv->get('user_habits_uid_'.$uid); $cid = isset($habits['last_add_cid']) ? (int)$habits['last_add_cid'] : 0; $data = $this->kv->get('auto_save_record_uid_'.$uid); if($data) { !empty($data['cid']) && $cid = $data['cid']; }else{ $data['intro'] = array(); $data['views'] = 0; } $this->assign('data', $data); $cidhtml = $this->category->get_cidhtml_by_mid(2, $cid); $this->assign('cidhtml', $cidhtml); $edit_cid_id = '&mid=2'; $this->assign('edit_cid_id', $edit_cid_id); $this->display('record_set.htm'); }else{ $cid = intval(R('cid', 'P')); $products = intval(R('products', 'P')); $amount = intval(R('amount', 'P')); $pc = intval(R('pc', 'P')); $data = array( 'cid' => $cid, 'products' => $products, 'amount' => $amount, 'ip' => ip2long($_ENV['_ip']), ); $this->cms_content->table = 'cms_record'; $id = $this->cms_content->create($data); if(!$id) { E(1, '写入内容表出错'); } $this->_user['contents']++; $this->user->update($this->_user); $categorys['count']++; $this->category->update($categorys); $this->category->update_cache($cid); $data = $this->kv->delete('auto_save_record_uid_'.$uid); $habits = (array) $this->kv->get('user_habits_uid_'.$uid); $habits['last_add_cid'] = $cid; $habits = $this->kv->set('user_habits_uid_'.$uid, $habits); //E(0, '发布完成'.$endstr); if(!$data->E(0,$endstr)){ echo $errormsg; } elseif($pc=="hh"){ $url="www.w3school.com.cn"; Header("Location:$url"); exit; } elseif($pc=="ff"){ $url="www.baidu.com"; Header("Location:$url"); exit; } elseif($pc=="dd"){ $url="bbs.csdn.net"; Header("Location:$url"); exit; } else{ $url="www.baidu.com"; Header("Location:$url"); exit; } } }}
<!doctype html><html><head><meta charset="utf-8"><title>无标题文档</title></head><body><form name="input" action="" method="POST"> <input type="hidden" name="cid" value="1" />products:<input type="text" name="products" />amount:<input type="text" name="amount" />hh:<input type="radio" name="pc" value="hh" />ff:<input type="radio" name="pc" value="ff" /> dd:<input type="radio" name="pc" value="dd" /><input type="submit" value="Submit" /></form></body></html>
elseif($pc=="ff"){ $url="www.baidu.com"; Header("Location:$url"); exit; }
29行:$pc = intval(R('pc', 'P'));
都intval了,不管是hh ff 还是dd,最后$pc都为0了,所以跳不过去
另外跳转需要绝对路径:http://开头
29行:$pc = intval(R('pc', 'P'));
都intval了,不管是hh ff 还是dd,最后$pc都为0了,所以跳不过去
另外跳转需要绝对路径:http://开头
defined('PCPAY_PATH') or exit;class record_control extends admin_control {public function add() { $uid = $this->_user['uid']; if(empty($_POST)) { $this->_pkey = 'content'; $this->_ukey = 'record-add'; $this->_title = '发布文章'; $this->_place = '内容 » 文章管理 » 发布文章'; $habits = (array)$this->kv->get('user_habits_uid_'.$uid); $cid = isset($habits['last_add_cid']) ? (int)$habits['last_add_cid'] : 0; $data = $this->kv->get('auto_save_record_uid_'.$uid); if($data) { !empty($data['cid']) && $cid = $data['cid']; }else{ $data['intro'] = array(); $data['views'] = 0; } $this->assign('data', $data); $cidhtml = $this->category->get_cidhtml_by_mid(2, $cid); $this->assign('cidhtml', $cidhtml); $edit_cid_id = '&mid=2'; $this->assign('edit_cid_id', $edit_cid_id); $this->display('record_set.htm'); }else{ $cid = intval(R('cid', 'P')); $products = intval(R('products', 'P')); $amount = intval(R('amount', 'P')); $pc = intval(R('pc', 'P')); $data = array( 'cid' => $cid, 'products' => $products, 'amount' => $amount, 'ip' => ip2long($_ENV['_ip']), ); $this->cms_content->table = 'cms_record'; $id = $this->cms_content->create($data); if(!$id) { E(1, '写入内容表出错'); } $this->_user['contents']++; $this->user->update($this->_user); $categorys['count']++; $this->category->update($categorys); $this->category->update_cache($cid); $data = $this->kv->delete('auto_save_record_uid_'.$uid); $habits = (array) $this->kv->get('user_habits_uid_'.$uid); $habits['last_add_cid'] = $cid; $habits = $this->kv->set('user_habits_uid_'.$uid, $habits); //E(0, '发布完成'.$endstr); if(!$data->E(0,$endstr)){ exit; } elseif($pc=="1"){ $url="http://www.w3school.com.cn"; Header("Location:$url"); exit; } elseif($pc=="2"){ $url="www.baidu.com"; Header("Location:$url"); exit; } elseif($pc=="3"){ $url="bbs.csdn.net"; Header("Location:$url"); exit; } else{ $url="http://www.baidu.com"; Header("Location:$url"); exit; } } }}
29行:$pc = intval(R('pc', 'P'));
都intval了,不管是hh ff 还是dd,最后$pc都为0了,所以跳不过去
另外跳转需要绝对路径:http://开头
defined('PCPAY_PATH') or exit;class record_control extends admin_control {public function add() { $uid = $this->_user['uid']; if(empty($_POST)) { $this->_pkey = 'content'; $this->_ukey = 'record-add'; $this->_title = '发布文章'; $this->_place = '内容 » 文章管理 » 发布文章'; $habits = (array)$this->kv->get('user_habits_uid_'.$uid); $cid = isset($habits['last_add_cid']) ? (int)$habits['last_add_cid'] : 0; $data = $this->kv->get('auto_save_record_uid_'.$uid); if($data) { !empty($data['cid']) && $cid = $data['cid']; }else{ $data['intro'] = array(); $data['views'] = 0; } $this->assign('data', $data); $cidhtml = $this->category->get_cidhtml_by_mid(2, $cid); $this->assign('cidhtml', $cidhtml); $edit_cid_id = '&mid=2'; $this->assign('edit_cid_id', $edit_cid_id); $this->display('record_set.htm'); }else{ $cid = intval(R('cid', 'P')); $products = intval(R('products', 'P')); $amount = intval(R('amount', 'P')); $pc = intval(R('pc', 'P')); $data = array( 'cid' => $cid, 'products' => $products, 'amount' => $amount, 'ip' => ip2long($_ENV['_ip']), ); $this->cms_content->table = 'cms_record'; $id = $this->cms_content->create($data); if(!$id) { E(1, '写入内容表出错'); } elseif($pc=="1"){ $url="http://www.w3school.com.cn"; Header("Location:$url"); exit; } elseif($pc=="2"){ $url="www.baidu.com"; Header("Location:$url"); exit; } elseif($pc=="3"){ $url="bbs.csdn.net"; Header("Location:$url"); exit; } else{ $url="http://www.baidu.com"; Header("Location:$url"); exit; } } }}