如何向发布评论的用户显示删除和编辑链接?就像在Facebook中一样,只有发布评论的人才可以编辑或删除评论。下面是我的“show comments”,“show delete”和“edit comment”PHP文件:
<?php
include_once("includes/settings.php");
connect();
$result=mysql_query("SELECT * FROM comments ORDER BY id DESC");
echo "<table width='80%' border=0>";
echo "<tr bgcolor='#CCCCCC'>";
echo "<td>Name</td>";
echo "<td>Comments</td>";;
echo "</tr>";
while($res=mysql_fetch_array($result)){
echo "<tr>";
echo "<td>".$res['Name']."</td>";
echo "<td>".$res['Comments']."</td>";
echo "<td><a href=\"edit_comment.php?id=$res[id]\">Edit</a> | <a href=\"includes/delete.php?id=$res[id]\">Delete</a></td>";
}
echo "</table>";
?>
以下是edit.php
<?php
error_reporting(0);
include_once("settings.php");
connect();
if(isset($_POST['submit'])) {
$id = $_POST['id'];
$Comments=$_POST['Comments'];
if(empty($Comments)) {
echo "<font color='red'>Comments field is empty.</font><br/>";
}
else {
$result=mysql_query("UPDATE comments SET Comments='$Comments' WHERE id=$id");
echo "Your comments has been edited you will be redirected to the members area page automatically or <a href='../index_ma.php'>click here to go back</a>";
header('refresh: 3; url=../index_ma.php');
}
}
?>
<?php
$id = $_GET['id'];
$result=mysql_query("select * from comments where id='$id'");
while($res=mysql_fetch_array($result))
{
$Comments = $res['Comments'];
}
?>
以下是delete.php
<?php
include_once("settings.php");
connect();
$id = $_GET['id'];
$result=mysql_query("DELETE FROM comments where id=$id");
echo "Your comments has been deleted you will be redirected to the members area page automatically or <a href='../index_ma.php'>click here to go back</a>";
header('refresh: 3; url=../index_ma.php');
?>
答案 0 :(得分:0)
这取决于您的数据库架构。我假设你有一个存储用户ID的列。有了这个,你会这样:
if ($CurrentUserId == $res['CommentatorId']) {
echo "<td><a href=\"edit_comment.php?id=$res[id]\">Edit</a> | <a href=\"includes/delete.php?id=$res[id]\">Delete</a></td>";
}
else {
echo "<td></td>";
}
您可以在第一个代码块中使用上面的块而不是echo "<td><a href=...行。
这就是你的块看起来的样子:
<?php
include_once("includes/settings.php");
connect();
$result=mysql_query("SELECT * FROM comments ORDER BY id DESC");
echo "<table width='80%' border=0>";
echo "<tr bgcolor='#CCCCCC'>";
echo "<td>Name</td>";
echo "<td>Comments</td>";;
echo "</tr>";
while($res=mysql_fetch_array($result)){
echo "<tr>";
echo "<td>".$res['Name']."</td>";
echo "<td>".$res['Comments']."</td>";
if ($CurrentUserId == $res['CommentatorId']) {
echo "<td><a href=\"edit_comment.php?id=$res[id]\">Edit</a> | <a href=\"includes/delete.php?id=$res[id]\">Delete</a></td>";
}
else {
echo "<td></td>";
}
}
echo "</table>";
?>
答案 1 :(得分:0)
我不确定你是否这样做 但是在你的评论表中你需要保存发表评论的用户的id,然后在edit.php中你需要检查登录用户的id是否等于试图编辑评论的人的id 如果是,则编辑,如果不是,则不允许他编辑它。
在下面的代码中,我假设您将用户的id保存在comments表中,作为user_id
$comment_id = intval($_GET['id']);
$result = mysql_query("SELECT user_id FROM Comments WHERE id = $comment_id");
$row = mysql_fetch_array($result);
if($row['user_id'] == $user_id) {
// Edit the comment
} else {
// Not permitted to edit the comment
}
我还注意到你还在使用被弃用的mysql所以我建议你开始使用mysqli,我也注意到你没有清理你的变量,这是非常错误的,可能导致你的数据库被注入。另外,在edit.php中,您在链接中发送了id,因此我在代码中编辑了$ _GET而不是$ _POST。
答案 2 :(得分:0)
仅当您的应用程序上有用户和登录系统时,此功能才适用。如果我们假设您的注释表中的字段名称是唯一的并且分配了编写注释的用户名(当然来自用户表),那么在成功登录期间,您必须在会话变量中设置此Name值,然后在打印注释时,您检查此会话值和注释的名称值,以打印出编辑和删除链接。
注意:此答案是algorithm的实施。