根据当前用户会话 PHP 显示特定内容 [英] Show specific content based on current user session PHP
问题描述
我的问题是如何根据用户会话php显示特定内容.
My question is how to display specific content based on user session php.
我有一个名为 profile.php 的文件.当一个用户点击另一个用户时,第一个用户被重定向到 profile.php 文件.在这个文件中,我希望用户能够看到用户发表的所有帖子.
I have a file called profile.php. When a user click on another user the first user gets redirected to the profile.php file. In this file I want the users to be able to see all the posts that user has made.
图片说明:
像这样:
<?php
if ($_SESSION['username'] == ($_GET[‘id’])) {
//DISPLAY rows with info from Database just like the attached code.
//DISPLAY edit button ONLY if the current user session is the same as the current id of the profile page.
}
?>
profile.php 代码如下:
<?php
session_start();
require('connect.php');
if (@$_SESSION["username"]) {
?>
<!DOCTYPE html>
<html>
<head>
<title>Profile page</title>
</head>
<body>
<?php include('header.php'); ?>
<center>
<?php echo '<table border="1px;">'; ?>
<tr>
<td>
<span>ID</span>
</td>
<td width="400px" style="text-align: center;">
Name
</td>
<td width="80px" style="text-align: center;">
Creator
</td>
<td width="80px" style="text-align: center;">
Date
</td>
<td width="80px" style="text-align: center;">
Edit
</td>
</tr>
</center>
</body>
</html>
<?php
if (@$_GET['id']) {
$check_d = mysql_query("SELECT * FROM users WHERE id ='".$_GET['id']."'");
while ($row_d = mysql_fetch_assoc($check_d)) {
echo "<h1>Post made by: ".$row_d['username']."</h1>";
$check_u = mysql_query("SELECT * FROM topics WHERE topic_creator='".$row_d['username']."'");
while ($row_u = mysql_fetch_assoc($check_u)) {
$id = $row_u['topic_id'];
echo "<tr>";
echo "<td>".$row_u['topic_id']."</td>";
echo "<td><a href='topic.php?id=$id'>".$row_u['topic_name']."<br /></a></td>";
echo "<td>".$row_u['topic_creator']."<br /></td>";
echo "<td>".$row_u['date']."<br /></td>";
echo "<td><a href='edit.php?edit=$id'>Edit</a><br /></td>";
echo "</tr>";
}
}
}
echo "</table>";
if (@$_GET['action'] == "logout") {
session_destroy();
header("Location: login.php");
}
}else {
echo "You must be logged in.";
}
?>
如果有人知道如何解决这个问题,我将不胜感激!
If anyone knows how to solve this I would be most grateful!
我可以在网上找到的大多数答案都涉及用户级别分布,其中管理员和用户级别是预先确定的.这不是我想要的.我只是希望当前登录的用户能够编辑他们自己的帖子,而不是其他用户的帖子.
Most of the answers I could find online involves user level distribution where the admin and user levels are predetermined. This is not what I would prefer. I simply would like the current user that is logged in to be able to edit their own posts, but not the other user posts.
我希望这是有道理的,但如果没有,那就问吧!
I hope that this made sense, but if not, just ask!
先谢谢了!//E.
推荐答案
如果登录用户不应该编辑其他用户的帖子,那么不显示编辑列,那么你可以做简单的检查列编辑如下
If logged in user shouldn't edit other user's posts, then don't show the edit column, then you can do simple if check for the column Edit like below
while ($row_d = mysql_fetch_assoc($check_d)) {
echo "<h1>Post made by: ".$row_d['username']."</h1>";
$check_u = mysql_query("SELECT * FROM topics WHERE topic_creator='".$row_d['username']."'");
while ($row_u = mysql_fetch_assoc($check_u)) {
$id = $row_u['topic_id'];
echo "<tr>";
echo "<td>".$row_u['topic_id']."</td>";
echo "<td><a href='topic.php?id=$id'>".$row_u['topic_name']."<br /></a></td>";
echo "<td>".$row_u['topic_creator']."<br /></td>";
echo "<td>".$row_u['date']."<br /></td>";
// Add if condition here
if($_SESSION['current_logged_in_user_id'] === $row_u['topic_creator_id']) {
echo "<td><a href='edit.php?edit=$id'>Edit</a><br /></td>";
}
echo "</tr>";
}
}
但不要使用 mysql_* 函数.出于安全原因,例如保护自己免受 sql 注入攻击,请使用 mysqli 或 PDO.
but don't use mysql_* functions. use mysqli or PDOs for security reasons like protecting yourself from sql injection attacks.
这篇关于根据当前用户会话 PHP 显示特定内容的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
