如何在个人资料页面上显示“不同的会话状态"(访客视图与用户个人资料视图) [英] How to display different session status' on a profile page (guest view vs. user profile view)
本文介绍了如何在个人资料页面上显示“不同的会话状态"(访客视图与用户个人资料视图)的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在创建一个朋友系统,当用户访问另一个用户的个人资料时,他们看到一个 ADD FRIEND 选项,当他们访问自己的个人资料时,他们可以看到其他内容,而不是 ADD FRIEND 选项(例如总朋友(或类似)),并且当访客访问(未登录)时,他们也会以不同的方式查看页面.总而言之,我需要在一个页面上显示三个视图:
I am creating a friend system where when the user visits another user's profile they see an ADD FRIEND option and when they visit their own profile they can see something else instead of the ADD FRIEND option like TOTAL FRIENDS (or similar) and when a guest visits (who is not logged in), they too see the page differently. To summarize, I need three views represented on one page:
- 未登录的人
- 登录
user != user_id - 登录
user == user_id
- When person is not logged in
- When logged in
user != user_id - When logged in
user == user_id
现在,我设置脚本的方式出了点问题.这些会话似乎在适当的实例下无法正常工作.
As I have it now, something's gone wrong with how I set up my script. The sessions don't seem to be working under the proper instances.
header.php:
<?php
include ( "./inc/connect.inc.php" );
session_start();
if (isset($_SESSION['user_login'])) {
$user = $_SESSION['user_login'];
}
else {
$user = "";
}
?>
profile.php:
<?php include ( "./inc/header.inc.php" );
if (isset($_GET['u'])) {
$username = mysql_real_escape_string($_GET['u']);
if (ctype_alnum($username)) {
//check user exists
$check = mysql_query("SELECT username, first_name FROM users WHERE username='$username'");
if (mysql_num_rows($check)===1) {
$get = mysql_fetch_assoc($check);
$username = $get['username'];
$firstname = $get['first_name'];
}
else {
echo "<meta http-equiv=\"refresh\" content=\"0; url=http://localhost/tutorials/index.php\">";
exit();
}
}
}
$optionbox = "";
if (isset($_SESSION['user_login']) != $user){
$optionbox = '<div style="border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;">
<a href="#">Add friend</a>
</div>';
}
else if (isset($_SESSION['user_login']) == $user){
$optionbox = '<div style="border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;">
<a href="#">friend list</a>
</div>';
}
else {
$optionbox = '<div style="border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;">
</div';
}
?>
也尝试使用['u']代替user_login,对于前两种情况,在选项框中都显示添加朋友"或朋友列表".
Also tried using ['u'] instead of user_login,for first two situations both show either add friend or friend list in option box.
推荐答案
有几件事对您有帮助.为了清楚起见,我已经注明:
There are a few things that would help you. I have notated for clarity:
<?php
// Add connection here...(should be a PDO or mysqli_)
session_start();
// Add a simple true/false function to test for logged in
// Would be better included on this page rather than written (like connection)
function is_loggedin()
{
return (!empty($_SESSION['user_login']));
}
// Make a function to test if the logged-in user is currently viewing own profile
// Would be better included on this page rather than written (like connection)
function is_profile($user = false)
{
if(!$user)
return false;
return (is_loggedin() && ($_SESSION['user_login'] == $user));
}
// Presumably you would have profile.php?u=23432 or similar
// If no user requested just assign false
$user = (!empty($_GET['u']) && ctype_alnum($_GET['u']))? $_GET['u'] : false;
// If the user is valid (not empty)
// Would be better included on this page if condition is met otherwise
// It just kind of loads extra lines for nothing
if($user != false) {
// You should not be using mysql_ anymore, PDO or mysqli_ with prepared/bound statements
$username = mysql_real_escape_string($user);
//check user exists
$check = mysql_query("SELECT username, first_name FROM users WHERE username='$username'");
if (mysql_num_rows($check) === 1) {
$get = mysql_fetch_assoc($check);
$username = $get['username'];
$firstname = $get['first_name'];
}
else {
echo "<meta http-equiv=\"refresh\" content=\"0; url=http://localhost/tutorials/index.php\">";
exit;
}
}
// Just do one wrapper
$optionbox[] = '<div style="border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;">';
// Check if a user is logged in
if(is_loggedin())
// If the logged in user matches the $_GET user
$optionbox[] = (!is_profile($user))? '<a href="#">Add friend</a>' : '<a href="#">friend list</a>';
// If user is not logged in
else
$optionbox[] = '<h3>You must be logged in to view stuff and things</h3>';
// Finish wrapper
$optionbox[] = '</div>';
// Write to page
echo implode(PHP_EOL,$optionbox);
?>
自从最初发布该答案以来,我对此回答有几个赞,我不想引用在此处添加连接...(应该是PDO或mysqli_)之类的东西并没有实际显示出来,因此这里有一些适当的连接和类似内容的重写. function.PDOConnect.php是填充数据库凭据的位置:
I have a had a couple of upvotes on this answer since posting it originally, and I don't want to make references to things like Add connection here...(should be a PDO or mysqli_) without actually showing that so here is a little rewrite with proper connections and such. The function.PDOConnect.php is where your database credentials are populated:
/classes/class.DBDriver.php
<?php
// Have a general driver interface incase you need different database
// connection interfaces (MSSQL, etc)
interface DBDriver
{
public static function connect($user,$pass,$host,$dbname);
}
/classes/class.Database.php
<?php
// Create MySQL PDO Connection based on the DBDriver preferences
class Database implements DBDriver
{
// This will store our connection for reuse
private static $singleton;
// This will store the connection options
protected static $dbOpts;
// This is the actual connecting to database
public static function connect($user,$pass,$host,$dbname)
{
if(isset(self::$singleton))
return self::$singleton;
if(!isset(self::$dbOpts))
self::SetDatabaseAttr();
try {
self::$singleton = new PDO("mysql:host=$host;dbname=$dbname",$user,$pass, self::$dbOpts);
self::$singleton->exec('SET NAMES "utf8"');
}
catch(PDOException $e){
echo "unable to connect to server";
exit;
}
return self::$singleton;
}
// This sets the options for your database.
public static function SetDatabaseAttr($value = false,$refresh = false)
{
if(!is_array($value) || empty($value)) {
self::$dbOpts[PDO::ATTR_ERRMODE] = PDO::ERRMODE_EXCEPTION;
self::$dbOpts[PDO::ATTR_DEFAULT_FETCH_MODE] = PDO::FETCH_ASSOC;
self::$dbOpts[PDO::ATTR_EMULATE_PREPARES] = false;
}
else {
if(empty(self::$dbOpts) || $refresh)
self::$dbOpts = array();
foreach($value as $DBKey => $DBValue)
self::$dbOpts[$DBKey] = $DBValue;
}
return self::$dbOpts;
}
}
/classes/class.QueryEngine.php
<?php
// This class can be expanded out to do a lot more than just fetch from the database
class QueryEngine
{
protected $query;
private static $singleton;
// Create and Return instance of itself
public function __construct()
{
if(!empty(self::$singleton))
self::$singleton = $this;
return self::$singleton;
}
// Basic query method
public function query($sql = false, $bind = false)
{
AutoloadFunction("PDOConnect");
$con = PDOConnect();
$this->query = $con->prepare($sql);
if(!empty($bind)) {
foreach($bind as $key => $val) {
$bindVals[":{$key}"] = $val;
}
$this->query->execute($bindVals);
}
else
$this->query->execute();
return $this;
}
// This function is what returns the array in conjunction with
// the query method
public function Fetch()
{
if($this->query) {
while($row = $this->query->fetch(PDO::FETCH_ASSOC)) {
$result[] = $row;
}
}
return (!empty($result))? $result : 0;
}
}
/functions/function.AutoLoadClasses.php
<?php
// This function is what is used to autoload classes on the fly
// There is no need to include class files, so long as they are in the
// /classes/ folder
function AutoLoadClasses($className) {
if(class_exists($className)) {
return;
}
if(is_file(CLASSES_DIR."/class.".$className.'.php')) {
include_once(CLASSES_DIR."/class.".$className.'.php');
}
}
/functions/function.AutoloadFunction.php
<?php
// This will attempt to load the required file to run a specified function
// Similar to the autoloader for the classes, only this is required to be
// manually called like: AutoloadFunction("myfunction"); before function use
function AutoloadFunction($function = false,$loaddir = false)
{
if($function == false)
return false;
if(strpos($function,","))
$functions = explode(",",$function);
$function_dir = ($loaddir != false && !is_array($loaddir))? $loaddir.'/function.': FUNCTIONS_DIR.'/function.';
if(!isset($functions)) {
$functions[] = $function;
}
for($i = 0; $i < count($functions); $i++) {
// Function name
$addfunction = $functions[$i];
// See if function exists
if(!function_exists($addfunction)) {
$dir = $function_dir.$addfunction.'.php';
if(is_file($dir)) {
include_once($dir);
}
}
}
}
/functions/function.PDOConnect.php
<?php
// Just make a quick PDO function to return your PDO Connection
// populate the arguements with your database credentials
function PDOConnect($user = "username",$pass = "password",$host = "hostname",$data = "databasename")
{
return Database::connect($user,$pass,$host,$data);
}
/functions/function.query_fetch.php
<?php
// Here is a quick array fetching function using the query engine class
function query_fetch($sql = false,$bind = false)
{
$qEngine = new QueryEngine();
return $qEngine ->query($sql,$bind)
->Fetch();
}
/functions/function.is_loggedin.php
<?php
// Add a simple true/false function to test for logged in
function is_loggedin()
{
return (!empty($_SESSION['username']));
}
/functions/function.is_profile.php
<?php
// Make a function to test if the logged-in user is currently viewing own profile
function is_profile($user = false)
{
if(!$user)
return false;
AutoloadFunction("is_loggedin");
return (is_loggedin() && ($_SESSION['username'] == $user));
}
/functions/function.get_profile.php
<?php
// This will fetch the user based on a get variable
function get_profile($username = false)
{
// Presumably you would have profile.php?u=23432 or similar
// If no user requested just assign false
$user = (!empty($_GET['u']) && ctype_alnum($_GET['u']))? $_GET['u'] : false;
$array['username'] = false;
$array['first_name'] = false;
// If the user is valid (not empty)
// Would be better included on this page if condition is met otherwise
// It just kind of loads extra lines for nothing
if($user != false) {
AutoloadFunction("query_fetch");
//check user exists
$get = query_fetch("SELECT `username`, `first_name`,`ID` FROM `users` WHERE `username` = :0",array($user));
if ($get != 0) {
$array['username'] = $get[0]['username'];
$array['ID'] = $get[0]['ID'];
$array['first_name'] = $get[0]['first_name'];
return ($username)? $array['username'] : $array;
}
else {
header("location: http://localhost/tutorials/index.php");
exit;
}
}
return $array;
}
config.php
<?php
// Define some basic locational constants
define("ROOT_DIR",__DIR__);
define("CLASSES_DIR",ROOT_DIR."/classes");
define("FUNCTIONS_DIR",ROOT_DIR."/functions");
// Load up the functions autoloader
include_once(FUNCTIONS_DIR."/function.AutoloadFunction.php");
// Load up the function for class autoloading
AutoloadFunction("AutoLoadClasses");
// Apply the autoloader for classes
spl_autoload_register('AutoLoadClasses');
profile.php
<?php
session_start();
// Load all the settings to make things work.
include(__DIR__."/config.php");
?>
<div style="border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;">
<?php
// Using the "AutoloadFunction" should save execution time because
// it will only load functions it needs instead of loading all the functions
// it could "potentially" need.
AutoloadFunction("is_loggedin");
// Check if a user is logged in
if(is_loggedin()) {
AutoloadFunction("get_profile,is_profile");
// Fetch the profile of current user query
$user = get_profile();
// If the logged in user matches the $_GET user
echo (!is_profile($user['username']))? '<a href="?action=add&u='.$user['ID'].'">Add '.ucwords($user['first_name']).'</a>' : '<a href="#">friend list</a>';
}
// If user is not logged in
else {
?>
<h3>You must be logged in to view stuff and things</h3>
<?php }
?>
</div>
这篇关于如何在个人资料页面上显示“不同的会话状态"(访客视图与用户个人资料视图)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
