Problem with passing URL variables in PHP

Time: 2015-11-10 05:16:54

Tags: php arrays session urlvariables

I have shopping cart code that uses sessions to store the visitor's/guest's cart information.

I don't want visitors to have to create an account and log in just to add a few items to the cart, which is why the guest cart uses sessions.

I'm using PHP, and the problem is that it isn't secure, because I pass the product ID through the URL.

Also, when the cart quantity is updated, more values are passed through the URL.

The links below are .txt files of the code I'm using.

https://jameshamilton.eu/sites/default/files/products.txt

https://jameshamilton.eu/sites/default/files/cart.txt

If someone goes to the cart page and looks at the URL (the URL looks like this >>>> www.mywebsite.whatever/cart.php?action=remove&id=2), and refreshes the cart page after an item has been added to the cart, the quantity of that item keeps increasing just by refreshing the page.

Is this a real problem? If so, how can it be countered?

I'm thinking of setting up a session with a random, auto-incrementing integer (so it can't be guessed).

The session would start as soon as the user/visitor arrives at the site, and the auto-incremented value from the session would be inserted into the MySQL database.

From then on, anything the user/visitor adds to the cart goes straight into the MySQL database table under that session value.

So the cart items would be displayed by pulling the items added to the database table where session = the session value.

Once the user leaves the page, the session is destroyed, and the session integer/value added to the database is deleted too.

Is this a good approach? Is there a simpler, more secure way to implement a customer cart?

Products

<!-- products.php (products.txt above) -->
<html>
<head>
<?php
    //connect to your database here
?>
</head>

<body>

<table border="1">

    <?php
        $sql = "SELECT id, name, description, price FROM php_shop_products;";

        $result = mysql_query($sql);

        while(list($id, $name, $description, $price) = mysql_fetch_row($result)) {

            echo "<tr>";
                //escape database values before printing them into the HTML
                echo "<td>" . htmlspecialchars($name) . "</td>";
                echo "<td>" . htmlspecialchars($description) . "</td>";
                echo "<td>" . htmlspecialchars($price) . "</td>";
                //the id is cast to an integer so only a number ends up in the link
                echo "<td><a href=\"cart.php?action=add&amp;id=" . (int)$id . "\">Add To Cart</a></td>";
            echo "</tr>";
        }
    ?>
</table>

<a href="cart.php">View Cart</a>

</body>
</html>

<?php
    // cart.php (cart.txt above); session_start() must run before any output
    session_start();
?>
<?php
    //connect to your database here
?>
<html>
<head>
</head>
<body>

<?php

    //the product id and the action from the URL; the id is cast to an integer
    $product_id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
    $action     = isset($_GET['action']) ? $_GET['action'] : '';

    //if there is a product_id and that product_id doesn't exist display an error message
    if($product_id && !productExists($product_id)) {
        die("Error. Product Doesn't Exist");
    }

    //make sure the cart array exists before it is used below
    if(!isset($_SESSION['cart'])) $_SESSION['cart'] = array();

    switch($action) {   //decide what to do

        case "add":
            if($product_id) {
                //add one to the quantity of the product with id $product_id
                if(!isset($_SESSION['cart'][$product_id])) $_SESSION['cart'][$product_id] = 0;
                $_SESSION['cart'][$product_id]++;
            }
        break;

        case "remove":
            if(isset($_SESSION['cart'][$product_id])) {
                $_SESSION['cart'][$product_id]--; //remove one from the quantity of the product with id $product_id
                //if the quantity is zero, remove it completely (using the 'unset' function) - otherwise it will show zero, then -1, -2 etc when the user keeps removing items.
                if($_SESSION['cart'][$product_id] <= 0) unset($_SESSION['cart'][$product_id]);
            }
        break;

        case "empty":
            $_SESSION['cart'] = array(); //empty the whole cart
        break;

    }

?>

<?php

    if(!empty($_SESSION['cart'])) { //if the cart isn't empty
        //show the cart

        $total = 0;                                        //running total, must start at zero
        $self  = htmlspecialchars($_SERVER['PHP_SELF']);   //escape PHP_SELF before echoing it into a link

        echo "<table border=\"1\" cellpadding=\"3\" width=\"40%\">";    //format the cart using a HTML table

            //iterate through the cart, the $product_id is the key and $quantity is the value
            foreach($_SESSION['cart'] as $product_id => $quantity) {

                //get the name, description and price from the database - this will depend on your database implementation.
                //use sprintf to make sure that $product_id is inserted into the query as a number - to prevent SQL injection
                $sql = sprintf("SELECT name, description, price FROM php_shop_products WHERE id = %d;",
                                $product_id);

                $result = mysql_query($sql);

                //Only display the row if there is a product (though there should always be as we have already checked)
                if(mysql_num_rows($result) > 0) {

                    list($name, $description, $price) = mysql_fetch_row($result);

                    $line_cost = $price * $quantity;        //work out the line cost
                    $total = $total + $line_cost;           //add to the total cost

                    echo "<tr>";
                        //show this information in table cells, escaped for HTML
                        echo "<td align=\"center\">" . htmlspecialchars($name) . "</td>";
                        //along with a 'remove' link next to the quantity - which links to this page, but with an action of remove, and the id of the current product
                        echo "<td align=\"center\">" . (int)$quantity . " <a href=\"$self?action=remove&amp;id=" . (int)$product_id . "\">X</a></td>";
                        echo "<td align=\"center\">$line_cost</td>";
                    echo "</tr>";

                }

            }

            //show the total
            echo "<tr>";
                echo "<td colspan=\"2\" align=\"right\">Total</td>";
                echo "<td align=\"right\">$total</td>";
            echo "</tr>";

            //show the empty cart link - which links to this page, but with an action of empty. A simple bit of javascript in the onclick event of the link asks the user for confirmation
            echo "<tr>";
                echo "<td colspan=\"3\" align=\"right\"><a href=\"$self?action=empty\" onclick=\"return confirm('Are you sure?');\">Empty Cart</a></td>";
            echo "</tr>";
        echo "</table>";

    }else{
        //otherwise tell the user they have no items in their cart
        echo "You have no items in your shopping cart.";
    }

    //function to check if a product exists (defined after its use, which PHP allows for top-level functions in the same file)
    function productExists($product_id) {
            //use sprintf to make sure that $product_id is inserted into the query as a number - to prevent SQL injection
            $sql = sprintf("SELECT * FROM php_shop_products WHERE id = %d;",
                            $product_id);

            return mysql_num_rows(mysql_query($sql)) > 0;
    }
?>

<a href="products.php">Continue Shopping</a>

<?php

/*

products table (note: the queries above use the table name php_shop_products):
    CREATE TABLE `products` (
        `id` INT NOT NULL AUTO_INCREMENT ,
        `name` VARCHAR( 255 ) NOT NULL ,
        `description` TEXT,
        `price` DOUBLE DEFAULT '0.00' NOT NULL ,
        PRIMARY KEY ( `id` )
    );

*/

?>

</body>
</html>
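One way to counter both issues raised in the question (anyone can craft cart URLs, and a reload re-applies the last change), as an added example that is not the poster's code: a separate update endpoint that changes the session cart only on POST requests carrying a per-session CSRF token, then redirects back to cart.php. The file names cart_update.php and cart_lib.php are assumptions, and productExists() is assumed to be the poster's function from cart.php.

```php
<?php
// cart_update.php (added example, not the poster's code): cart changes are accepted
// only via POST with a per-session CSRF token, then answered with a redirect
// (Post/Redirect/Get), so reloading cart.php can no longer re-add an item.
session_start();
require_once 'cart_lib.php';   // hypothetical include providing the poster's productExists()

// One secret token per session; cart.php must put it in a hidden field of every form.
if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
// A plain link, a bookmark or a page reload is a GET and is refused outright.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    exit('Cart changes must be submitted with POST');
}
// Constant-time comparison against the token stored server-side in the session.
if (!hash_equals($_SESSION['csrf_token'], (string)($_POST['csrf_token'] ?? ''))) {
    http_response_code(403);
    exit('Invalid request token');
}

$action     = $_POST['action'] ?? '';
$product_id = (int)($_POST['id'] ?? 0);          // force an integer; never use raw input
if (!in_array($action, ['add', 'remove', 'empty'], true)) {
    http_response_code(400);
    exit('Unknown action');
}
if ($action !== 'empty' && ($product_id < 1 || !productExists($product_id))) {
    http_response_code(404);
    exit("Error. Product Doesn't Exist");
}

$_SESSION['cart'] = $_SESSION['cart'] ?? [];
switch ($action) {
    case 'add':
        $_SESSION['cart'][$product_id] = ($_SESSION['cart'][$product_id] ?? 0) + 1;
        break;
    case 'remove':
        if (isset($_SESSION['cart'][$product_id]) && --$_SESSION['cart'][$product_id] <= 0) {
            unset($_SESSION['cart'][$product_id]);
        }
        break;
    case 'empty':
        $_SESSION['cart'] = [];
        break;
}
// 303 makes the browser fetch cart.php with GET, so F5 replays only a harmless read.
header('Location: cart.php', true, 303);
exit;
```

With this in place, cart.php and products.php render each Add To Cart, X and Empty Cart control as a small form with method="post", action="cart_update.php" and hidden action, id and csrf_token fields, while the display code in cart.php stays read-only.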

0 answers:

No answers