Php MySQL查询-如何防止普通用户看到员工帖子?
在我的论坛上,我遇到了一个问题,非工作人员可以查看普通用户隐藏的与工作人员相关的帖子。经过调查,我发现与员工相关的话题不会出现,而个别帖子会出现 在myPhp MySQL查询-如何防止普通用户看到员工帖子?,php,mysql,codeigniter,Php,Mysql,Codeigniter,在我的论坛上,我遇到了一个问题,非工作人员可以查看普通用户隐藏的与工作人员相关的帖子。经过调查,我发现与员工相关的话题不会出现,而个别帖子会出现 在mycontroller/profile.php中,对于posts(),它显示: $user_posts = $this->db->query("SELECT topics.topic_id as tp_id, forums.staff,
controller/profile.php
中,对于posts(),它显示:
$user_posts = $this->db->query("SELECT topics.topic_id as tp_id,
forums.staff,
topics.topic_title,
tp_new.post_id as ps_id,
tp_new.topic_post_id as tps_id,
tp_new.topic_id,
tp_new.author_id,
tp_new.post_time,
topic_post_text.text as post_body
FROM (SELECT post_id FROM topic_posts WHERE topic_posts.author_id = ".$user_id." ORDER BY post_id DESC LIMIT ".$this->uri->segment(4, 0).", ".$config['per_page'].") tp_old
JOIN topic_posts tp_new ON tp_new.post_id = tp_old.post_id
JOIN `topic_post_text` ON `topic_post_text`.`post_id` = `tp_new`.`post_id`
JOIN `topics` ON `tp_new`.`topic_id` = `topics`.`topic_id`
JOIN `forums` ON `forums`.`forum_id` = `topics`.`forum_id`
ORDER BY tp_new.post_id DESC")->result_array();
$user_topics = $this->db->select('*')
->from('topics')
->where('topics.topic_author', $user_id)
->where('forums.staff', 0)
->join('forums', 'forums.forum_id = topics.forum_id')
->order_by('topics.topic_id', 'desc')
->limit($config['per_page'], $this->uri->segment(4, 0))
->get()
->result_array();
对于主题(),它显示:
$user_posts = $this->db->query("SELECT topics.topic_id as tp_id,
forums.staff,
topics.topic_title,
tp_new.post_id as ps_id,
tp_new.topic_post_id as tps_id,
tp_new.topic_id,
tp_new.author_id,
tp_new.post_time,
topic_post_text.text as post_body
FROM (SELECT post_id FROM topic_posts WHERE topic_posts.author_id = ".$user_id." ORDER BY post_id DESC LIMIT ".$this->uri->segment(4, 0).", ".$config['per_page'].") tp_old
JOIN topic_posts tp_new ON tp_new.post_id = tp_old.post_id
JOIN `topic_post_text` ON `topic_post_text`.`post_id` = `tp_new`.`post_id`
JOIN `topics` ON `tp_new`.`topic_id` = `topics`.`topic_id`
JOIN `forums` ON `forums`.`forum_id` = `topics`.`forum_id`
ORDER BY tp_new.post_id DESC")->result_array();
$user_topics = $this->db->select('*')
->from('topics')
->where('topics.topic_author', $user_id)
->where('forums.staff', 0)
->join('forums', 'forums.forum_id = topics.forum_id')
->order_by('topics.topic_id', 'desc')
->limit($config['per_page'], $this->uri->segment(4, 0))
->get()
->result_array();
如何将我的帖子显示更改为不显示员工帖子?很抱歉没有提供答案,但代码看起来很复杂。至少,我尝试了URL,所有的SQL代码都被泄露了。确保没有错误的人在看它;)您的级别在哪里可以区分员工用户和普通用户?@RowanFreeman如何让它看到替代方案x@Bender我认为0=员工?