单击链接到 sql 进程后重定向用户? [英] redirect user after clicking link to sql process?

问题描述

我有一个名为收藏夹"的用户个人资料链接.另一个用户可以单击此按钮，该用户将被添加到他们的收藏夹列表中.

I have a link on a users profile called favorite. another user can click this and that user will be added to their favorites list.

收藏夹链接到收藏夹.php，此代码在其中处理查询:

The link favorite goes to favorites.php where this code processes the query:

<?php

require_once('includes/session.php');
require_once('includes/functions.php');
require('includes/_config/connection.php');


session_start();


    confirm_logged_in();




    if (isset ($_GET['to'])) {
    $user_to_id = $_GET['to'];


}


if (!isset($_GET['to']))
    exit('No user specified.');

$user_id = $_GET['to'];

$result = mysql_query("INSERT INTO ptb_favorites (user_id, favorite_id) VALUES (".$_SESSION['user_id'].", ".$user_to_id.")") 
or die(mysql_error()); 

header("Location: profile.php" . $_SERVER['HTTP_REFERRER']);


?>

因此，一旦此过程完成，我的目标是让标题将用户带回 profile.php(上一页)，同时使用 $_SERVER['HTTP_REFERRER'] 调用用户 ID.

So once this process is complete my aim is to get the header to take the user back to profile.php (the previous page) whilst using $_SERVER['HTTP_REFERRER'] to call the user id.

因此，如果用户 ID 为 16，它会将他们重定向回 profile.php?id=16

So if a users id was 16 it would redirect them back to profile.php?id=16

相反，它只是重定向到 profile.php 并且不包含该配置文件的 ID.

Instead it just redirects to profile.php and doesnt include the id of that profile.

有人可以告诉我是否有办法做到这一点，如果我的方法完全正确，为什么它不起作用?

Can someone show me if there's a way to do this and if my way is at all right why it's not working?

谢谢

推荐答案

我认为您正在寻找:

header("Location: profile.php?id=" . $_SESSION['user_id']);

附言你的代码不安全.阅读 SQL 注入.切换到 MySQLi 或 PDO

p.s. your code is insecure. Read about SQL injection. Switch to MySQLi or PDO

这篇关于单击链接到 sql 进程后重定向用户?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！