Php 将用户名转换为userID以输入注释框
Login.php-包含所有更改部分的登录页面,实际登录正常工作。虽然很难说是否还有其他问题Php 将用户名转换为userID以输入注释框,php,mysql,Php,Mysql,Login.php-包含所有更改部分的登录页面,实际登录正常工作。虽然很难说是否还有其他问题 <?php include("connection.php"); session_start(); if($_SERVER["REQUEST_METHOD"] == "POST") { // username and password sent from form $myusername = mysqli_real_escape_string($co
<?php
include("connection.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST") {
// username and password sent from form
$myusername = mysqli_real_escape_string($conn,$_POST['username']);
$mypassword = mysqli_real_escape_string($conn,$_POST['password']);
$row['userID'] = $myuserid;
$sql = "SELECT * FROM u803621131_login.users WHERE username = '$myusername' and password = '$mypassword'";
$result = mysqli_query($conn,$sql);
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
$active = $row['active'];
$count = mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1) {
session_start("myuserid");
$_SESSION['login_user'] = $myusername;
$_SESSION['login_id'] = $myuserid;
header("location: welcome.php");
}else {
$error = "Your Login Name or Password is invalid";
}
}
?>
<html>
<head>
<title>Login Page</title>
<style type = "text/css">
body {
font-family:Arial, Helvetica, sans-serif;
font-size:14px;
}
label {
font-weight:bold;
width:100px;
font-size:14px;
}
.box {
border:#666666 solid 1px;
}
</style>
</head>
<body bgcolor = "#FFFFFF">
<div align = "center">
<div style = "width:300px; border: solid 1px #333333; " align = "left">
<div style = "background-color:#333333; color:#FFFFFF; padding:3px;"><b>Login</b></div>
<div style = "margin:30px">
<form action = "" method = "post">
<label>UserName :</label><input type = "text" name = "username" class = "box"/><br /><br />
<label>Password :</label><input type = "password" name = "password" class = "box" /><br/><br />
<input type = "submit" value = " Submit "/><br />
</form>
<div style = "font-size:11px; color:#cc0000; margin-top:10px"><?php echo $error; ?></div>
</div>
</div>
</div>
</body>
</html>
<?php session_start();
include'../../connection.php';?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="description" content="">
<meta name="keywords" content="">
<link rel="stylesheet" type="text/css" href=".../../../../style.css">
<title>Home</title>
<!--[if IE]>
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<?php include('../../main/main.php');?>
</head>
<body>
<div class=containermain>
<h1>I5-6600k.php</h1>
<form action="ratepost.php" method="post">
<label for="rating">rating:</label>
<select name="rating" id="rating" value="rating" >
<option>
<option value="1">1 </option>
<option value="2">2</option>
<option value="3">3 </option>
<option value="4">4</option>
<option value="5">5</option>
</option>
</select>
<input type="submit" value="Submit">
</form>
<h2>graphics card write up................</h2>
<?php echo "Hello " . $_SESSION['user']; ?>
<p> </p>
<br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br>
</div>
<div
class="fb-like"
data-share="true"
data-width="450"
data-show-faces="true">
</div>
<!---------------------------------------COMMENT BOX---------------------------------------------------->
<div class="comments" align="center">
<form action="" method="post" >
<textarea rows="4" cols="50" name="comment">
Please type a comment if you are logged in....
</textarea>
<input type="submit" value="Submit">
</form>
<?php
if (isset($_SESSION['login_id']) && !empty($_SESSION['login_id'])) {
$id = $_SESSION['login_id'];
$sqlinsert = "INSERT INTO comment (userID, comment, dCpuID) VALUES ('$id', '$comment', '1')";
if(mysqli_query($conn, $sqlinsert)){
header("Location: i5-6600k");
} else {
echo "ERROR: Could not able to execute $sqlinsert. " . mysqli_error($conn);
}
}
// close connection
$sql = "SELECT `users`.`username`, `comment`.`comment`, `comment`.`timestamp`\n"
. "FROM `users`\n"
. "LEFT JOIN `comment` ON `users`.`userID` = `comment`.`userID` \n"
. "where dCpuID = 1";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
echo "<table><tr><th>Username</th><th>Comment</th><th>Timestamp</th>";
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<tr><td>" . $row["username"]. "</td><td>" . $row["comment"]."</td><td>" . $row["timestamp"]. "</td>";
}
echo "</table>";
} else {
echo "0 results";
}
?>
</div>
<?php include('../../assets/footer.php');?>
<div class="fb-comments" data-href="http://www.computercomparison.tk/#home" data-numposts="5"></div>
</body>
</html>
有这个session.php文件,我不认为它太相关,但更改它确实会影响登录和其他功能,它在这里的状态很好,不知道这里是否还有什么需要更改的?它链接到welcome.php错误消息之后,您使用外键将注释作者ID的列连接到帐户表中的列 如图片所示,它们都是INT。但您尝试将用户名的VARCHAR插入此列 我的方法是通过sql查询获取用户ID,或者更好地将用户ID保存到会话:
<?php
include('connection.php');
session_start();
$user_check = $_SESSION['login_user'];
$ses_sql = mysqli_query($conn,"select username, from users where username = '$user_check' ");
$row = mysqli_fetch_array($ses_sql,MYSQLI_ASSOC);
$login_session = $row['username'];
if(!isset($_SESSION['login_user'])){
header("location:login.php");
}
?>
session_start();
$_SESSION['login_user'] = $usernameFromFormOrWhatever;
$_SESSION['login_id'] = $usersID;
此外,在comments表中输入的ID也必须作为用户ID显示在accounts表的一行中。否则,您将像现在一样收到错误消息。请包括用户和注释的表结构。您对userID的注释中是否有外键?你确定还是无意中添加了它?请尝试使用username->INSERT INTO comment userID,comment,dCpuID从用户表中选择userID选择'userID','$comment','1',其中username='$username'是的,我有一个FK链接,将允许该查询。你不需要设置和!空的这个emtpy就足够了。您应该参数化这个查询。您还应该在会话中存储userid,而不是名称。dan不是唯一的,因此您无法区分它们。数据类型都设置正确。我试着用session.php来代替我的session start,这可能是有希望的,但后来,我设法在评论框中发了垃圾邮件,记不清我为此做了什么happen@danw20刚刚更新了我的答案。您应该在登录到会话时保存用户的id,以便以后使用。最好将第一位输入login.php或session.php文件中吗?尽管回顾一下,我认为session.php可能是一个旧文件我不知道您的代码,但您必须插入用户登录的第一段代码。注意,会话将启动;必须在之前打电话。
$id = $_SESSION['login_id'];
$sqlinsert = "INSERT INTO comment (userID, comment, dCpuID) VALUES ('$id', '$comment', '1')";