我有一个登录脚本(从互联网上下载),我已经适应了我的数据库。 i但是从登录到我系统中的页面的链接与登录用户的详细信息有关。
登录系统所基于的用户表具有以下字段
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(18) NOT NULL,
`first_name` varchar(32) NOT NULL,
`last_name` varchar(32) NOT NULL,
`gender` varchar(15) NOT NULL DEFAULT 'undisclosed',
`bio` text NOT NULL,
`image_location` varchar(125) NOT NULL DEFAULT 'avatars/default_avatar.png',
`password` varchar(512) NOT NULL,
`email` varchar(1024) NOT NULL,
`email_code` varchar(100) NOT NULL,
`time` int(11) NOT NULL,
`confirmed` int(11) NOT NULL DEFAULT '0',
`generated_string` varchar(35) NOT NULL DEFAULT '0',
`ip` varchar(32) NOT NULL,
`EmployeeID` int(11) DEFAULT '0',
PRIMARY KEY (`id`)
保存用户详细信息的表包含以下字段
CREATE TABLE IF NOT EXISTS `chidren` (
`ChildID` int(11) NOT NULL AUTO_INCREMENT,
`EmployeeID` int(11) DEFAULT '0',
`ChildName` varchar(50) DEFAULT NULL,
`DateOfBirth` datetime DEFAULT NULL,
`Mother` varchar(50) DEFAULT NULL,
`Comment` longtext,
`Clerk` varchar(50) DEFAULT NULL,
`Picture` longblob,
`Pic` longblob,
PRIMARY KEY (`ChildID`),
KEY `ChildID` (`ChildID`),
KEY `EmployeeID` (`EmployeeID`)
您可以注意到,使用EmployeeID字段连接了两个表。
用户将从中导入到他/她的页面的登录脚本是
<?php
require 'core/init.php';
$general->logged_in_protect();
if (empty($_POST) === false) {
$username = trim($_POST['username']);
$password = trim($_POST['password']);
if (empty($username) === true || empty($password) === true) {
$errors[] = 'Sorry, but we need your username and password.';
} else if ($users->user_exists($username) === false) {
$errors[] = 'Sorry that username doesn\'t exists.';
} else if ($users->email_confirmed($username) === false) {
$errors[] = 'Sorry, but you need to activate your account.
Please check your email.';
} else {
if (strlen($password) > 18) {
$errors[] = 'The password should be less than 18 characters, without spacing.';
}
$login = $users->login($username, $password);
if ($login === false) {
$errors[] = 'Sorry, that username/password is invalid';
}else {
session_regenerate_id(true);// destroying the old session id and creating a new one
$_SESSION['id'] = $login;
header('Location: home.php');
exit();
}
}
}
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<link rel="stylesheet" type="text/css" href="css/style.css" >
<title>Login</title>
</head>
<body>
<div id="container">
<?php include 'includes/menu.php'; ?>
<h1>Login</h1>
<?php
if(empty($errors) === false){
echo '<p>' . implode('</p><p>', $errors) . '</p>';
}
?>
<form method="post" action="">
<h4>Username:</h4>
<input type="text" name="username" value="<?php if(isset($_POST['username'])) echo htmlentities($_POST['username']); ?>" />
<h4>Password:</h4>
<input type="password" name="password" />
<br>
<input type="submit" name="submit" />
</form>
<br>
<a href="confirm-recover.php">Forgot your username/password?</a>
</div>
</body>
</html>
登录脚本附带的主页是这样的(我已将其包括在内以防万一它有助于解决我的问题)
<?php
require 'core/init.php';
$general->logged_out_protect();
$username = htmlentities($user['username']); // storing the user's username after clearning for any html tags.
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<link rel="stylesheet" type="text/css" href="css/style.css" >
<title>Home</title>
</head>
<body>
<div id="container">
<?php include 'includes/menu.php'; ?>
<h1>Hello <?php echo $username, '!'; ?></h1>
</div>
</body>
</html>
这是我的页面,遗憾的是失败了。
<html>
<head>
<link rel="stylesheet" type="text/css" href="mystyle.css" />
<title></title>
</head>
<body>
<?php
require 'core/init.php';
$general->logged_out_protect();
// query db and get date only for the user that logged in. Used GROUP BY because one employee will have more than one child
$EmployeeID = $_GET['EmployeeID'];
$result = mysql_query("SELECT * FROM children WHERE EmployeeID=$EmployeeID
GROUP BY holder.EmployeeID")
or die(mysql_error());
// display data in table
echo "<table border='1' cellpadding='10'>";
echo "<tr> <th>Child Name</th> <th>Mother</th> <th>Date of Birth</th> ";
while($row = mysql_fetch_array( $result )) {
// echo out the contents of each row into a table
echo "<tr>";
//echo '<td>' . $row['EmployeeID'] . '</td>';
echo '<td>' . $row['ChildName'] . '</td>';
echo '<td>' . $row['Mother'] . '</td>';
echo '<td>' . $row['DateOfBirth'] . '</td>';
//the following two fields link to files exactly the same as this one. Again the linking is by EmployeeID
echo '<td><a href="arm/spouse.php?EmployeeID=' . $row['EmployeeID'] . '">SPOUSE DETAILS</a></td>';
echo '<td><a href="arm/employeedatails.php?EmployeeID=' . $row['EmployeeID'] . '">WORK DETAILS</a></td>';
echo "</tr>";
}
// close table>
echo "</table>";
?>
<p>Click on any of the above to see your other details</p>
</body>
</html>
我的问题是我无法正确编写页面代码,因此它只能绘制有关已登录用户的数据。事实上,在我的所有尝试中,页面只是给我错误,下面是代码我尝试了该页面,我使用了GET功能,以便页面只显示有关特定用户的数据。
在你说之前,是的,我在我的页面中没有使用过mysqli(这会是错误的原因吗?)但是后来我对mysqli完全是绿色的,只是一个带有mysql的begginer。但我很感激,如果帮助将在mysqli,因为我发现它更安全。 我是从MSACCESS迁移的人(我只需要迁移到我的程序在网上)。
答案 0 :(得分:0)
最后我明白了 $ query =“SELECT * FROM children WHERE EmployeeID =:employeeID;”; //构造查询,使其接受准备好的变量。 $ statement = $ db-&gt; prepare($ query); //准备查询。 $ statement-&gt; execute(array(':employeeID'=&gt; $ EmployeeID)); //这就是我想要的它将用户连接到他的数据 $陈述式&GT;调用setFetchMode(PDO :: FETCH_ASSOC); //设置获取模式。
while ($row = $statement->fetch())
{
$ChildName = $row['ChildName'];
$Mother = $row['Mother'];
$DateOfBirth = $row['DateOfBirth'];
echo "Child Name: $ChildName";
echo "<br />Mother: $Mother";
echo "<br />Date of Birth: $DateOfBirth";
}