如何向发表评论的用户显示删除和编辑链接?就像在Facebook上一样,只有发表评论的人可以编辑或删除评论。下面是我的"显示评论","显示删除"answers"编辑评论" PHP文件:
<?php
include_once("includes/settings.php");
connect();
$result=mysql_query("SELECT * FROM comments ORDER BY id DESC");
echo "<table width='80%' border=0>";
echo "<tr bgcolor='#CCCCCC'>";
echo "<td>Name</td>";
echo "<td>Comments</td>";;
echo "</tr>";
while($res=mysql_fetch_array($result)){
echo "<tr>";
echo "<td>".$res['Name']."</td>";
echo "<td>".$res['Comments']."</td>";
echo "<td><a href='"edit_comment.php?id=$res[id]'">Edit</a> | <a href='"includes/delete.php?id=$res[id]'">Delete</a></td>";
}
echo "</table>";
?>
下面是edit.php
<?php
error_reporting(0);
include_once("settings.php");
connect();
if(isset($_POST['submit'])) {
$id = $_POST['id'];
$Comments=$_POST['Comments'];
if(empty($Comments)) {
echo "<font color='red'>Comments field is empty.</font><br/>";
}
else {
$result=mysql_query("UPDATE comments SET Comments='$Comments' WHERE id=$id");
echo "Your comments has been edited you will be redirected to the members area page automatically or <a href='../index_ma.php'>click here to go back</a>";
header('refresh: 3; url=../index_ma.php');
}
}
?>
<?php
$id = $_GET['id'];
$result=mysql_query("select * from comments where id='$id'");
while($res=mysql_fetch_array($result))
{
$Comments = $res['Comments'];
}
?>
下面是delete.php
<?php
include_once("settings.php");
connect();
$id = $_GET['id'];
$result=mysql_query("DELETE FROM comments where id=$id");
echo "Your comments has been deleted you will be redirected to the members area page automatically or <a href='../index_ma.php'>click here to go back</a>";
header('refresh: 3; url=../index_ma.php');
?>
这取决于您的数据库模式。假设您有一个存储用户id的列。这样,你就可以输入如下内容:
if ($CurrentUserId == $res['CommentatorId']) {
echo "<td><a href='"edit_comment.php?id=$res[id]'">Edit</a> | <a href='"includes/delete.php?id=$res[id]'">Delete</a></td>";
}
else {
echo "<td></td>";
}
您可以使用上面的代码块来代替第一个代码块中的echo "<td><a href=...
行。
你的block应该是这样的:
<?php
include_once("includes/settings.php");
connect();
$result=mysql_query("SELECT * FROM comments ORDER BY id DESC");
echo "<table width='80%' border=0>";
echo "<tr bgcolor='#CCCCCC'>";
echo "<td>Name</td>";
echo "<td>Comments</td>";;
echo "</tr>";
while($res=mysql_fetch_array($result)){
echo "<tr>";
echo "<td>".$res['Name']."</td>";
echo "<td>".$res['Comments']."</td>";
if ($CurrentUserId == $res['CommentatorId']) {
echo "<td><a href='"edit_comment.php?id=$res[id]'">Edit</a> | <a href='"includes/delete.php?id=$res[id]'">Delete</a></td>";
}
else {
echo "<td></td>";
}
}
echo "</table>";
?>
我不确定你是否这样做但是在评论表中需要保存发布评论的用户的id,然后在edit.php中需要检查登录用户的id是否等于试图编辑评论的人的id如果是,那就编辑,如果不是,那就别让他编辑。
在下面的代码中,我假设您将注释表中的用户id保存为user_id
$comment_id = intval($_GET['id']);
$result = mysql_query("SELECT user_id FROM Comments WHERE id = $comment_id");
$row = mysql_fetch_array($result);
if($row['user_id'] == $user_id) {
// Edit the comment
} else {
// Not permitted to edit the comment
}
我也注意到你还在使用mysql,所以我建议你开始使用mysqli,我也注意到你没有消毒你的变量,这是非常错误的,可能会导致你的数据库被注入。另外,在edit.php中,你在链接中发送的id是$_GET,而不是我在代码中编辑的$_POST。
此功能仅适用于应用程序上有用户和登录系统的情况。如果我们假设您的评论表中的字段Name是唯一的,并且分配了写评论的用户名(当然来自用户表),那么在成功登录期间,您必须在会话变量中设置这个Name值,然后在打印评论时检查该会话值和评论的Name值以打印出编辑和删除链接。
注意:这个答案是一个算法的实现。