Php @用文字提及或仅用文字本身提及
我有一个值或newmsg通过我的div textarea发送,它可以由@antify text组成 或者仅仅是文本,这取决于用户向状态更新程序输入的内容 我面临的问题是,当我添加str_replace代码来转换@title+文本时,它会发布任何带有@title+文本的内容,但不会发布只有文本的正常状态。我需要我的php脚本来发布两者 如果它有@metion+文本帖子Php @用文字提及或仅用文字本身提及,php,ajax,json,str-replace,Php,Ajax,Json,Str Replace,我有一个值或newmsg通过我的div textarea发送,它可以由@antify text组成 或者仅仅是文本,这取决于用户向状态更新程序输入的内容 我面临的问题是,当我添加str_replace代码来转换@title+文本时,它会发布任何带有@title+文本的内容,但不会发布只有文本的正常状态。我需要我的php脚本来发布两者 如果它有@metion+文本帖子 <a href="profile.php?username='.isset($_POST['red']).'">@me
<a href="profile.php?username='.isset($_POST['red']).'">@mention</a> Hi my name is Dave
PHP
我仍然必须对变量进行转义,以防止sql注入。我已经让它工作了。我取下了$_POST['red'],并将其包裹在str_replace上
if(isset($_POST['toid'])){
if($_POST['toid']==""){$_POST['toid']=$_SESSION['id'];}
if(isset($_POST['newmsg'])&&isset($_POST['toid'])&&isset($_POST['privacy'])){
if(isset($_POST['red']){
$_POST['newmsg']=str_replace('@'.isset($_POST['red']).'','<a href="profile.php?username='.isset($_POST['red']).'">'.isset($_POST['red']).'</a>', $_POST['newmsg']);
}
$sql="SELECT * FROM user WHERE id=".$_SESSION['id']."";
$query=mysqli_query($mysqli,$sql) or die(mysqli_error($mysqli));
$row = mysqli_fetch_assoc($query);
date_default_timezone_set($row['timezone']);
$date=date('y:m:d H:i:s');
if($_POST['toid']==$_SESSION['id']){
user_core::create_streamitem("1",mysqli_real_escape_string($mysqli,$_SESSION['id']),mysqli_real_escape_string($mysqli,$_POST['newmsg']),mysqli_real_escape_string($mysqli,$_POST['privacy']),mysqli_real_escape_string($mysqli,$_POST['toid']),mysqli_real_escape_string($mysqli,$date));
}else{
user_core::create_streamitem("3",mysqli_real_escape_string($mysqli,$_SESSION['id']),mysqli_real_escape_string($mysqli,$_POST['newmsg']),mysqli_real_escape_string($mysqli,$_POST['privacy']),mysqli_real_escape_string($mysqli,$_POST['toid']),mysqli_real_escape_string($mysqli,$date));
}
}
}
旁注:这只是一个示例链接。但是我会更新它的。对不起,只要问一下..这个代码是做什么的$_POST['newmsg']=$\u POST['newmsg']@戴夫我正要说同样的话^^^$\u POST['newmsg']==$\u POST['newmsg'];从技术上讲,您正在比较使用==而不是赋值=,但正如Randyka所问,这应该做什么?实际上我应该删除它。我正在测试它是否能与之配合,但没有任何区别。我会移除它。
if(isset($_POST['toid'])){
if($_POST['toid']==""){$_POST['toid']=$_SESSION['id'];}
if(isset($_POST['newmsg'])&&isset($_POST['toid'])&&isset($_POST['privacy'])&&isset($_POST['red'])){
$_POST['newmsg']=str_replace('@'.isset($_POST['red']).'','<a href="profile.php?username='.isset($_POST['red']).'">'.isset($_POST['red']).'</a>', $_POST['newmsg']);
$sql="SELECT * FROM user WHERE id=".$_SESSION['id']."";
$query=mysqli_query($mysqli,$sql) or die(mysqli_error($mysqli));
$row = mysqli_fetch_assoc($query);
date_default_timezone_set($row['timezone']);
$date=date('y:m:d H:i:s');
if($_POST['toid']==$_SESSION['id']){
user_core::create_streamitem("1",mysqli_real_escape_string($mysqli,$_SESSION['id']),mysqli_real_escape_string($mysqli,$_POST['newmsg']),mysqli_real_escape_string($mysqli,$_POST['privacy']),mysqli_real_escape_string($mysqli,$_POST['toid']),mysqli_real_escape_string($mysqli,$date));
}else{
user_core::create_streamitem("3",mysqli_real_escape_string($mysqli,$_SESSION['id']),mysqli_real_escape_string($mysqli,$_POST['newmsg']),mysqli_real_escape_string($mysqli,$_POST['privacy']),mysqli_real_escape_string($mysqli,$_POST['toid']),mysqli_real_escape_string($mysqli,$date));
}
}
}
var content = $(this).children("#toid").val();
var newmsg= $(this).children("#newmsg").text();
var username = $(".red").attr("href");
var privacy = $("#privacy").val();
$.ajax({
type: "POST",
url: "insert.php",
cache: false,
dataType: "json",
data: { toid: content, newmsg: newmsg, privacy: privacy, red: username },
success: function(response){ }
if(isset($_POST['toid'])){
if($_POST['toid']==""){$_POST['toid']=$_SESSION['id'];}
if(isset($_POST['newmsg'])&&isset($_POST['toid'])&&isset($_POST['privacy'])){
if(isset($_POST['red']){
$_POST['newmsg']=str_replace('@'.isset($_POST['red']).'','<a href="profile.php?username='.isset($_POST['red']).'">'.isset($_POST['red']).'</a>', $_POST['newmsg']);
}
$sql="SELECT * FROM user WHERE id=".$_SESSION['id']."";
$query=mysqli_query($mysqli,$sql) or die(mysqli_error($mysqli));
$row = mysqli_fetch_assoc($query);
date_default_timezone_set($row['timezone']);
$date=date('y:m:d H:i:s');
if($_POST['toid']==$_SESSION['id']){
user_core::create_streamitem("1",mysqli_real_escape_string($mysqli,$_SESSION['id']),mysqli_real_escape_string($mysqli,$_POST['newmsg']),mysqli_real_escape_string($mysqli,$_POST['privacy']),mysqli_real_escape_string($mysqli,$_POST['toid']),mysqli_real_escape_string($mysqli,$date));
}else{
user_core::create_streamitem("3",mysqli_real_escape_string($mysqli,$_SESSION['id']),mysqli_real_escape_string($mysqli,$_POST['newmsg']),mysqli_real_escape_string($mysqli,$_POST['privacy']),mysqli_real_escape_string($mysqli,$_POST['toid']),mysqli_real_escape_string($mysqli,$date));
}
}
}