How to display different session status' on a profile page (guest view vs. user profile view)

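I am creating a friend system. When a user visits another user's profile they see an ADD friend option, and when they visit their own profile they see something else instead of the ADD friend option, such as TOTAL FRIENDS (or similar). When a guest visits (someone who is not logged in), they also see a different page. In short, I need to represent three views on one page:

  1. When the person is not logged in
  2. Logged-in user != user_id
  3. Logged-in user == user_id

As it stands now, something is wrong with the way I set up my script. The session does not seem to work under the appropriate instance.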

header.php:

<?php 
include ( "./inc/connect.inc.php" ); 
session_start();
if (isset($_SESSION['user_login'])) {
    $user = $_SESSION['user_login'];
}
else {
    $user = "";
}
?>

profile.php:

<?php include ( "./inc/header.inc.php" ); 
if (isset($_GET['u'])) {
    $username = mysql_real_escape_string($_GET['u']);
    if (ctype_alnum($username)) {
        //check user exists
        $check = mysql_query("SELECT username, first_name FROM users WHERE username='$username'");
        if (mysql_num_rows($check)===1) {
            $get = mysql_fetch_assoc($check);
            $username = $get['username'];
            $firstname = $get['first_name'];  
        }
        else {
            echo "<meta http-equiv=\"refresh\" content=\"0; url=http://localhost/tutorials/index.php\">"; 
            exit();
        }
    }
}
$optionbox = "";
if (isset($_SESSION['user_login']) != $user){
    $optionbox = '<div style="border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;">
    <a href="#">Add friend</a>
    </div>';
}
else if (isset($_SESSION['user_login']) == $user){
    $optionbox = '<div style="border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;">
    <a href="#">friend list</a>
    </div>';
}  
else {
    $optionbox = '<div style="border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;">
    </div>';
}
?>

I also tried using ['u'] instead of user_login; the first two conditions both show Add friend or friend list in the option box.

There are a few things that may help you. I have added comments for clarity:

<?php
// Add connection here...(should be a PDO or mysqli_)
session_start();
// Add a simple true/false function to test for logged in
// Would be better included on this page rather than written (like connection)
function is_loggedin()
    {
        return (!empty($_SESSION['user_login']));
    }
// Make a function to test if the logged-in user is currently viewing own profile
// Would be better included on this page rather than written (like connection)
function is_profile($user = false)
    {
        if(!$user)
            return false;
        return (is_loggedin() && ($_SESSION['user_login'] == $user));
    }
// Presumably you would have profile.php?u=23432 or similar 
// If no user requested just assign false
$user   =   (!empty($_GET['u']) && ctype_alnum($_GET['u']))? $_GET['u'] : false;
// If the user is valid (not empty)
// Would be better included on this page if condition is met otherwise
// It just kind of loads extra lines for nothing
if($user != false) {
        // You should not be using mysql_ anymore, PDO or mysqli_ with prepared/bound statements
        $username   =   mysql_real_escape_string($user);
        //check user exists
        $check      =   mysql_query("SELECT username, first_name FROM users WHERE username='$username'");
        if (mysql_num_rows($check) === 1) {
                $get        =   mysql_fetch_assoc($check);
                $username   =   $get['username'];
                $firstname  =   $get['first_name'];  
            }
        else {
                echo "<meta http-equiv=\"refresh\" content=\"0; url=http://localhost/tutorials/index.php\">"; 
                exit;
            }
    }
// Just do one wrapper
$optionbox[]    =   '<div style="border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;">';
// Check if a user is logged in
if(is_loggedin())
    // If the logged in user matches the $_GET user
    $optionbox[]    = (!is_profile($user))? '<a href="#">Add friend</a>' : '<a href="#">friend list</a>';
// If user is not logged in
else
    $optionbox[]    =   '<h3>You must be logged in to view stuff and things</h3>';
// Finish wrapper
$optionbox[]    =   '</div>';
// Write to page
echo implode(PHP_EOL,$optionbox);
?>

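EDIT:

Since originally posting this answer I have received a few upvotes, and I don't want to just reference things like "Add connection here...(should be a PDO or mysqli_)" without actually showing them, so here is a small rewrite with a proper connection and so on. function.PDOConnect.php is where the database credentials are filled in:

/classes/class.DBDriver.php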

<?php
// Have a general driver interface in case you need different database
// connection interfaces (MSSQL, etc)
interface DBDriver
    {
        public  static  function connect($user,$pass,$host,$dbname);
    }

/classes/class.Database.php

<?php
// Create MySQL PDO Connection based on the DBDriver preferences
class Database implements DBDriver
    {
        // This will store our connection for reuse
        private     static  $singleton;
        // This will store the connection options
        protected   static  $dbOpts;
        // This is the actual connecting to database
        public static   function connect($user,$pass,$host,$dbname)
            {
                if(isset(self::$singleton))
                    return self::$singleton;
                if(!isset(self::$dbOpts))
                    self::SetDatabaseAttr();
                try {
                        self::$singleton = new PDO("mysql:host=$host;dbname=$dbname",$user,$pass, self::$dbOpts);
                        self::$singleton->exec('SET NAMES "utf8"');
                    }
                catch(PDOException $e){
                        echo "unable to connect to server";
                        exit;
                    }
                return self::$singleton;
            }
        // This sets the options for your database.
        public  static  function SetDatabaseAttr($value = false,$refresh = false)
            {
                if(!is_array($value) || empty($value)) {                        
                        self::$dbOpts[PDO::ATTR_ERRMODE]            =   PDO::ERRMODE_EXCEPTION;
                        self::$dbOpts[PDO::ATTR_DEFAULT_FETCH_MODE] =   PDO::FETCH_ASSOC;
                        self::$dbOpts[PDO::ATTR_EMULATE_PREPARES]   =   false;
                    }
                else {
                        if(empty(self::$dbOpts) || $refresh)
                            self::$dbOpts   =   array();
                        foreach($value as $DBKey => $DBValue)
                            self::$dbOpts[$DBKey]   =   $DBValue;
                    }
                return self::$dbOpts;
            }
    }

/classes/class.QueryEngine.php

<?php
// This class can be expanded out to do a lot more than just fetch from the database
class QueryEngine
    {
        protected   $query;
        private static  $singleton;
        // Create and Return instance of itself
        public  function __construct()
            {
                if(empty(self::$singleton))
                    self::$singleton    =   $this;
                return self::$singleton;
            }
        // Basic query method
        public  function query($sql = false, $bind = false)
            {
                AutoloadFunction("PDOConnect");
                $con            =   PDOConnect();
                $this->query    =   $con->prepare($sql);
                if(!empty($bind)) {
                        foreach($bind as $key => $val) {
                                $bindVals[":{$key}"]    =   $val;
                            }
                        $this->query->execute($bindVals);
                    }
                else
                    $this->query->execute();
                return $this;
            }
        // This function is what returns the array in conjunction with
        // the query method
        public  function Fetch()
            {
                if($this->query) {
                        while($row = $this->query->fetch(PDO::FETCH_ASSOC)) {
                                $result[]   =   $row;
                            }
                    }
                return (!empty($result))? $result : 0;
            }   
    }

/functions/function.AutoLoadClasses.php

<?php
// This function is what is used to autoload classes on the fly
// There is no need to include class files, so long as they are in the
// /classes/ folder
function AutoLoadClasses($className) {
        if(class_exists($className)) {
                return;
            }
        if(is_file(CLASSES_DIR."/class.".$className.'.php')) {
                include_once(CLASSES_DIR."/class.".$className.'.php');
            }
    }

/functions/function.AutoloadFunction.php

<?php
// This will attempt to load the required file to run a specified function
// Similar to the autoloader for the classes, only this is required to be
// manually called like: AutoloadFunction("myfunction"); before function use
function AutoloadFunction($function = false,$loaddir = false)
    {
        if($function == false)
            return false;
        if(strpos($function,","))
            $functions  =   explode(",",$function);
        $function_dir   =   ($loaddir != false && !is_array($loaddir))? $loaddir.'/function.': FUNCTIONS_DIR.'/function.';
        if(!isset($functions)) {
                $functions[]    =   $function;
            }
        for($i = 0; $i < count($functions); $i++) {
                // Function name
                $addfunction    =   $functions[$i];
                // See if function exists
                if(!function_exists($addfunction)) {
                        $dir    =   $function_dir.$addfunction.'.php';
                        if(is_file($dir)) {
                                include_once($dir);
                            }
                    }
            }
    }

/functions/function.PDOConnect.php

<?php
// Just make a quick PDO function to return your PDO Connection
// populate the arguments with your database credentials
function PDOConnect($user = "username",$pass = "password",$host = "hostname",$data = "databasename")
    {
        return Database::connect($user,$pass,$host,$data);
    }

/functions/function.query_fetch.php

<?php
// Here is a quick array fetching function using the query engine class
function query_fetch($sql = false,$bind = false)
    {
        $qEngine    =   new QueryEngine();
        return $qEngine ->query($sql,$bind)
                        ->Fetch();
    }

/functions/function.is_loggedin.php

<?php
// Add a simple true/false function to test for logged in
function is_loggedin()
    {
        return (!empty($_SESSION['username']));
    }

/functions/function.is_profile.php

<?php
// Make a function to test if the logged-in user is currently viewing own profile
function is_profile($user = false)
    {
        if(!$user)
            return false;
        AutoloadFunction("is_loggedin");
        return (is_loggedin() && ($_SESSION['username'] == $user));
    }

/functions/function.get_profile.php

<?php
// This will fetch the user based on a get variable
function get_profile($username = false)
    {
        // Presumably you would have profile.php?u=23432 or similar 
        // If no user requested just assign false
        $user                   =   (!empty($_GET['u']) && ctype_alnum($_GET['u']))? $_GET['u'] : false;
        $array['username']      =   false;
        $array['first_name']    =   false;
        // If the user is valid (not empty)
        // Would be better included on this page if condition is met otherwise
        // It just kind of loads extra lines for nothing
        if($user != false) {
                AutoloadFunction("query_fetch");
                //check user exists
                $get      =   query_fetch("SELECT `username`, `first_name`,`ID` FROM `users` WHERE `username` = :0",array($user));
                if ($get != 0) {
                        $array['username']      =   $get[0]['username'];
                        $array['ID']            =   $get[0]['ID'];
                        $array['first_name']    =   $get[0]['first_name'];
                        return ($username)? $array['username'] : $array; 
                    }
                else {
                        header("location: http://localhost/tutorials/index.php"); 
                        exit;
                    }
            }
        return $array;
    }

config.php

<?php
// Define some basic locational constants
define("ROOT_DIR",__DIR__);
define("CLASSES_DIR",ROOT_DIR."/classes");
define("FUNCTIONS_DIR",ROOT_DIR."/functions");
// Load up the functions autoloader
include_once(FUNCTIONS_DIR."/function.AutoloadFunction.php");
// Load up the function for class autoloading
AutoloadFunction("AutoLoadClasses");
// Apply the autoloader for classes
spl_autoload_register('AutoLoadClasses');

profile.php

<?php
session_start();
// Load all the settings to make things work.
include(__DIR__."/config.php");
?>
<div style="border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;">
<?php
// Using the "AutoloadFunction" should save execution time because
// it will only load functions it needs instead of loading all the functions 
// it could "potentially" need.
AutoloadFunction("is_loggedin");
// Check if a user is logged in
if(is_loggedin()) {
        AutoloadFunction("get_profile,is_profile");
        // Fetch the profile of current user query
        $user           =   get_profile();
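        // If the logged in user matches the $_GET user
        // Values read from the database are HTML-encoded before being written to the page
        echo (!is_profile($user['username']))? '<a href="?action=add&amp;u='.htmlspecialchars($user['ID'], ENT_QUOTES, 'UTF-8').'">Add '.htmlspecialchars(ucwords($user['first_name']), ENT_QUOTES, 'UTF-8').'</a>' : '<a href="#">friend list</a>';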
    }
// If user is not logged in
else {
?>
    <h3>You must be logged in to view stuff and things</h3>
<?php }
?>
</div>
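
The three-way decision discussed in this thread, as an added example that is not part of the original answer: the viewer's identity is read only from the session and compared strictly against the `username` returned by the profile lookup, and the first name is HTML-encoded on output. `viewer_state()`, `render_optionbox()` and the sample data are hypothetical; the `user_login` session key is the one from the question.

```php
<?php
// Added example, not the answer's code. viewer_state() and render_optionbox()
// are hypothetical names; 'user_login' is the session key from the question.

// Identity comes only from the server-side session. $profileUsername is the
// `username` column of the row the lookup returned, not the raw $_GET['u'].
function viewer_state(array $session, string $profileUsername): string
{
    $login = isset($session['user_login']) ? $session['user_login'] : null;
    if (!is_string($login) || $login === '') {
        return 'guest';
    }
    // Strict string comparison. The question's isset(...) != $user compares
    // the boolean returned by isset() with a string, so both sides are
    // juggled to booleans and the usernames themselves are never compared.
    return ($login === $profileUsername) ? 'owner' : 'other';
}

function render_optionbox(string $state, string $firstName): string
{
    $style = 'border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;';
    switch ($state) {
        case 'owner':
            $inner = '<a href="#">friend list</a>';
            break;
        case 'other':
            // first_name is user-supplied data: encode it for HTML output.
            $inner = '<a href="#">Add ' . htmlspecialchars($firstName, ENT_QUOTES, 'UTF-8') . '</a>';
            break;
        default:
            $inner = '<h3>You must be logged in to view stuff and things</h3>';
    }
    return '<div style="' . $style . '">' . $inner . '</div>';
}

// Constructed sample data: three different sessions viewing the profile "bob".
$profile  = array('username' => 'bob', 'first_name' => 'Bob <b>');
$sessions = array(
    'not logged in'       => array(),
    'logged in as alice'  => array('user_login' => 'alice'),
    'logged in as bob'    => array('user_login' => 'bob'),
);
foreach ($sessions as $label => $session) {
    $state = viewer_state($session, $profile['username']);
    echo $label, ' [', $state, ']: ', render_optionbox($state, $profile['first_name']), PHP_EOL;
}
```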