我试图了解过去几天我一直在努力学习的概念;
我看到很多社交网络在文件后面的网址中使用用户的ID(例如:" Socialnetwork.php?id = 123")导航到某个用户。
我想让profile.php做同样的事情,而不是每次都指引我到我的主页。
问题:如何在数据库中使用用户ID来在单个文件中读取它们的唯一配置文件数据? - 此外,我应该将哪些内容添加到register_config.php文件中以允许此操作?
<?php
//REQUIRING PASS API CONFIG
require 'password_config.php';
require 'connect.php';
//VARIABLES FOR POST DATA //OTHER VARIABLES
$email = $_POST['register_email'];
$username = $_POST['register_username']; $userlen = strlen($username);
$password = $_POST['register_password']; $passlen = strlen($password);
$submit = $_POST['register_submit']; $hash_password = password_hash($password,PASSWORD_BCRYPT);
$query = "SELECT email FROM users WHERE email = '$email'";
$query2 = mysql_query($query);
$num_rows_email = mysql_num_rows($query2);
$query3 = "SELECT username FROM users WHERE username = '$username'";
$query4 = mysql_query($query3);
$num_rows_username = mysql_num_rows($query4);
if(isset($submit))
{
$errors = array();
if( $password == $username )
{
$errors[] = '-Same Username and Pass. ';
}
elseif( $userlen < 8 )
{
$errors[] = '-Username must be atleast 8 characters. ';
}
elseif( $userlen > 32 )
{
$errors[] = '-Username must only contain 32 characters. ';
}
elseif( empty($username) || empty($password) || empty($email) )
{
$errors[] = '-Please do not leave fields empty. ';
}
elseif( $passlen < 8 )
{
$errors[] = '-Password must be atleast 8 characters. ';
}
elseif( $passlen > 32 )
{
$errors[] = '-Password must only contain 32 characters. ';
}
elseif( $num_rows_email != 0 )
{
$errors[] = 'Email already exists';
}
elseif( $num_rows_username != 0 )
{
$errors[] = 'Username already exists';
}
//IF THERE ARE NO ERRORS
if (count($errors) == 0)
{
session_start();
$_SESSION['username'] = $username;
$insertUser = "INSERT INTO users (email, username, password) VALUES ('$email','$username','$hash_password')";
mysql_query($insertUser);
//trying things I have found, but didnt work
$getUID = "SELECT id FROM users WHERE email = '$email'";
$results = mysql_query($getUID);
while($row = mysql_fetch_array($results)){
$uid = $row['id'];
if(!file_exists("user/$uid")){mkdir("user/$uid", 0755);}
}
mail($email,'Welcome','Welcome to the site');
header('Location: ../new_account.php');
exit();
}
}
?>
注意: - 我知道我没有清理发布数据。
PROFILE.PHP代码:
<?php
session_start();
require 'include/connect.php';
if(!$_SESSION['key']){die('no key');}
$sql = "SELECT * FROM users WHERE id = '$uid'";
$query = mysql_query($sql);
while($row = mysql_fetch_array($query)){
$user = $row['username'];
}
?>
<html>
<head>
<title>Profile</title>
<link href='css/main.css' rel='stylesheet' />
</head>
<body>
<div id='container'>
<?php require 'include/header.php'; ?>
<?= 'NJM ID # ==>'.$_SESSION['uid'].'<br />'.'Username ==>'.$user; ?>
<br />
<p>Try our beta mode<a href='forum/forum.php'> forum</a></p>
<br />
<p><a href='find_friends.php'>Find Friends</a></p>
<br />
<p><a href='index.php'>Home</a></p>
<?php require 'include/footer.php'; ?>
</div>
</div>
</body>
</html>
答案 0 :(得分:1)
您引用的网址部分称为@import "bootstrap";
参数。您可以通过GET在PHP中访问它们。
例如,您指定的网址包含$_GET参数,因此在PHP中,您可以使用id获取此值。
在您的情况下,如果您想通过其ID加载用户的信息,您可以从$_GET['id']获取值并将其分配给变量,例如$_GET['id']。
然后在数据库查询的$id子句中,您可以指定类似WHERE的内容来使用它。
此技术假设您有一个ID作为您可以在WHERE id = $id表中引用的主键或类似键。
请注意 users参数特别容易受到SQL注入的影响,因为很容易为它们提供值。您必须清理并验证所有输入。理想情况下,您可能希望使用PDO和预准备语句将任何输入绑定到查询中以防止SQL注入。