是否有可能获得会话用户"显示

时间:2014-11-03 12:00:40

标签: php mysql

您好,我试图让一位评论并登录其帐户的用户登录其姓名'当用户想要评论它时询问他们的姓名和评论时,显示他们评论当前的情况。是否可以显示他们的名字从会话中显示它来显示它?谢谢!

http://puu.sh/cByNU/697e58cdf6.jpg http://puu.sh/cByNU/697e58cdf6.jpg

在我登录的图像上,'测试'是否可以删除字段'名称'当他们发表评论时,它的名字会在搜索框中显示(测试)。

谢谢!

我的代码:

<?php
 session_start();
 include "../includes/config.php";
  include "function.php";
  include ('../includes/header.php'); 
?>

<!DOCTYPE HTML>

<html>
<head>
<title>Honda</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href='http://fonts.googleapis.com/css?family=Julius+Sans+One' rel='stylesheet' type='text/css'>
<link href="../css/style.css" rel="stylesheet" type="text/css" media="all" />
<!--start lightbox -->
<link rel="stylesheet" type="text/css" href="../css/jquery.lightbox.css">
<script src="../js/jquery.min.js"></script>
<script src="../js/jquery.lightbox.js"></script>
<script>
  // Initiate Lightbox
  $(function() {
    $('.gallery1 a').lightbox(); 
  });
</script>

</head>
<body>
<!--start header-->
<div class="h_bg">
<div class="wrap">
<div class="wrapper">
<div class="header">
    <div class="logo">
         <a href="index.php"><img src="../images/logo.png"> </a>
    </div>
    <div class="cssmenu">
    <ul>
       <li><a href="index.php"><span>Home</span></a></li>
        <li><a href="about.php"><span>About</span></a></li>
       <li class="active" class="has-sub"><a href="service.php"><span>Gallery</span></a>
       </li>
       <li class="last"><a href="contact.php"><span>Contact</span></a></li>
     <div class="clear"></div>

     <form action="search.php" method="GET">
                     <div class="search">
                    <h2>search</h2>
            <form>

                <input type="text" name="query" placeholder="Enter Your search..." />
                <input type="submit" value="">
            </form>
        </div>
        </form>

                                 <div class="search1">


            <form action="" method="POST">
        <br>
 <h2>Welcome, <?=$_SESSION['sess_user'];?>!</h2><br><br>
                                <div class="pw">
                <a href="changepassword.php"><h3>Change details</h3></a>
                </div>

                <br><br>
 <h2><a href="logout.php">Logout</a></h2>
    </form> 
    </div>



    </div>
     </ul>
    </div>
    <div class="clear"></div>
</div>
</div>
</div>
</div>
<!-- start content -->
<div class="content_bg">
<div class="wrap">
<div class="wrapper">
    <div class="main">
<div class="ser-main">
        <h2 class="style">Gallery of honda</h2>
        <div class="ser-grid-list img_style">
        <div class="gallery1">
            <a href="../images/ser_pic1.jpg"><img src="../images/ser_pic1.jpg" alt=""></a>
        </div>
        </div>
        <div class="ser-grid-list img_style">
        <div class="gallery1">
            <a href="../images/ser_pic2.jpg"><img src="../images/ser_pic2.jpg" alt=""></a>
        </div>
        </div>
        <div class="ser-grid-list img_style">
        <div class="gallery1">
            <a href="../images/ser_pic3.jpg"><img src="../images/ser_pic3.jpg" alt=""></a>
        </div>
        </div>
        <div class="ser-grid-list img_style">
        <div class="gallery1">
            <a href="../images/ser_pic4.jpg"><img src="../images/ser_pic4.jpg" alt=""></a>
        </div>










        </div>
        <div class="clear"></div>
    </div>
</div>
</div>
</div>
<div class="footer_bg">
<div class="wrap">
<div class="wrapper">
    <div class="footer">

                <div class="search69">


        <?php

if(isset($_POST['submit'])  
    && !empty($_POST['name']) 
    && !empty($_POST['comment']) ){

$name=$_POST['name'];
$comment=$_POST['comment'];
$submit=$_POST['submit'];


$insert=mysql_query("INSERT INTO comment (name,comment) VALUES ('$name','$comment') ");
echo "<meta HTTP-EQUIV='REFRESH' content='0; url=service.php'>";
}
else
{
echo "";
}
?>





        <form class="comments" action="service.php" method="POST">



<h2>Name: </h2><br><input type="text" name="name" required/><br><br>
<h2>Comment:</h2><textarea name="comment" rows="10" cols="50"  required></textarea><br><br><br>
<input type="submit" name="submit" value="Comment">

</form>



<?php


$getquery=mysql_query("SELECT * FROM comment ORDER BY id DESC");
while($rows=mysql_fetch_assoc($getquery))
{
$id=$rows['id'];
$date=$rows['date'];
$name=$rows['name'];
$comment=$rows['comment'];
echo '<h2><hr size="1"/><br><font color="green">' . $name .  '</font><h2><br/>' . '<br/>' . $comment .  '<br/><br><font color="red">' . $date. '</font><br/>' . '<hr size="1"/>'
;}



?>





</div>
        <div class="copy">
            <p class="w3-link">2014&nbsp;</p>
            <a href="terms.php">Privacy & Policy</a>



        </div>
                <div class="f_nav">
        <ul>
            <li><a href="#">Skype</a></li>
            <li><a href="#">Linked in</a></li>
            <li><a href="#">Twitter</a></li>
            <li><a href="#">Facebook</a></li>
        </ul>
        </div>
        <div class="clear"></div>
    </div>
</div>
</div>
</div>
</body>
</html>

(本页所有代码)

2 个答案:

答案 0 :(得分:1)

更新:

这里的家伙会杀了我,因为现在我只是编辑你的代码,而不是重写为mysqli或PDO,但正如我所看到的,你卡住了,所以我刚刚更新,因为我不想与之混淆那也是。我做了一些修改,检查我对此的评论。 (将插入块移动到文件顶部,添加错误消息,删除不必要的变量,将行变量重命名为行等等)。

<?php
session_start();
include "../includes/config.php";
include "function.php";
include ('../includes/header.php');

//Set an empty errorMsg because later we will check it.
$errorMsg = '';

//If everything is set, or the SESSION["sess_user"] not empty.
//I moved this whole thing here, because if there are no output, we can
//redirect user from PHP, and do not need to use META REFREHS...
if (isset($_POST['submit']) && !empty($_POST['comment']) && (!empty($_POST["name"]) || !empty($_SESSION["sess_user"]))) {
    if (!empty($_SESSION["sess_user"])) {
        $name = $_SESSION["sess_user"];
    } else {
        $name = $_POST["name"];
    }
    //$comment = $_POST['comment']; //Use $_POST["comment"] directly
    //$submit = $_POST['submit']; //Do not use it anywhere
    $insert = mysql_query("INSERT INTO comment (name,comment) VALUES ('" . mysql_real_escape_string($name) . "','" . mysql_real_escape_string($_POST["comment"]) . "')");
    Header("Location: service.php");
} else {
    $errorMsg = "You need to fill all the fields.";
}
?>
<!DOCTYPE HTML>
<html>
    <head>
        <title>Honda</title>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
        <link href='http://fonts.googleapis.com/css?family=Julius+Sans+One' rel='stylesheet' type='text/css'>
        <link href="../css/style.css" rel="stylesheet" type="text/css" media="all" />
        <!--start lightbox -->
        <link rel="stylesheet" type="text/css" href="../css/jquery.lightbox.css">
        <script src="../js/jquery.min.js"></script>
        <script src="../js/jquery.lightbox.js"></script>
        <script>
            // Initiate Lightbox
            $(function() {
                $('.gallery1 a').lightbox();
            });
        </script>
    </head>
    <body>
        <!--start header-->
        <div class="h_bg">
            <div class="wrap">
                <div class="wrapper">
                    <div class="header">
                        <div class="logo">
                            <a href="index.php"><img src="../images/logo.png"> </a>
                        </div>
                        <div class="cssmenu">
                            <ul>
                                <li><a href="index.php"><span>Home</span></a></li>
                                <li><a href="about.php"><span>About</span></a></li>
                                <li class="active" class="has-sub"><a href="service.php"><span>Gallery</span></a>
                                </li>
                                <li class="last"><a href="contact.php"><span>Contact</span></a></li>
                                <div class="clear"></div>

                                <form action="search.php" method="GET">
                                    <div class="search">
                                        <h2>search</h2>
                                        <form>

                                            <input type="text" name="query" placeholder="Enter Your search..." />
                                            <input type="submit" value="">
                                        </form>
                                    </div>
                                </form>
                                <div class="search1">
                                    <form action="" method="POST">
                                        <br>
                                        <h2>Welcome, <?= $_SESSION['sess_user']; ?>!</h2><br><br>
                                        <div class="pw">
                                            <a href="changepassword.php"><h3>Change details</h3></a>
                                        </div>
                                        <br><br>
                                        <h2><a href="logout.php">Logout</a></h2>
                                    </form> 
                                </div>
                        </div>
                        </ul>
                    </div>
                    <div class="clear"></div>
                </div>
            </div>
        </div>
    </div>
    <!-- start content -->
    <div class="content_bg">
        <div class="wrap">
            <div class="wrapper">
                <div class="main">
                    <div class="ser-main">
                        <h2 class="style">Gallery of honda</h2>
                        <div class="ser-grid-list img_style">
                            <div class="gallery1">
                                <a href="../images/ser_pic1.jpg"><img src="../images/ser_pic1.jpg" alt=""></a>
                            </div>
                        </div>
                        <div class="ser-grid-list img_style">
                            <div class="gallery1">
                                <a href="../images/ser_pic2.jpg"><img src="../images/ser_pic2.jpg" alt=""></a>
                            </div>
                        </div>
                        <div class="ser-grid-list img_style">
                            <div class="gallery1">
                                <a href="../images/ser_pic3.jpg"><img src="../images/ser_pic3.jpg" alt=""></a>
                            </div>
                        </div>
                        <div class="ser-grid-list img_style">
                            <div class="gallery1">
                                <a href="../images/ser_pic4.jpg"><img src="../images/ser_pic4.jpg" alt=""></a>
                            </div>
                        </div>
                        <div class="clear"></div>
                    </div>
                </div>
            </div>
        </div>
        <div class="footer_bg">
            <div class="wrap">
                <div class="wrapper">
                    <div class="footer">
                        <div class="search69">
                            <?php
                            //Added here the errorMsg
                            if (!empty($errorMsg)) {
                                ?>
                                <div class="error"><?php echo $errorMsg; ?></div>
                                <?php
                            }
                            ?>
                            <form class="comments" action="service.php" method="POST">
                                <?php
                                if (!empty($_SESSION['sess_user'])) {
                                    //If user logged in, use the name of it
                                    ?>
                                    <h2>Name: </h2><br><?php echo $_SESSION['sess_user']; ?>
                                    <br><br>
                                    <?php
                                } else {
                                    //Else, ask it
                                    ?>
                                    <h2>Name: </h2><br><input type="text" name="name" required/><br><br>
                                    <?php
                                }
                                ?>

                                <h2>Comment:</h2><textarea name="comment" rows="10" cols="50"  required></textarea><br><br><br>
                                <input type="submit" name="submit" value="Comment">
                            </form>

                            <?php
                            $getquery = mysql_query("SELECT * FROM comment ORDER BY id DESC");
                            //This is one row, not rows
                            while ($row = mysql_fetch_assoc($getquery)) {
                                /*
                                 * These are not necessary
                                $id = $rows['id'];
                                $date = $rows['date'];
                                $name = $rows['name'];
                                $comment = $rows['comment'];
                                 */
                                echo '<h2><hr size="1"/><br><font color="green">' . $row['name'] . '</font><h2><br/>' . '<br/>' . $row['comment'] . '<br/><br><font color="red">' . $row['date'] . '</font><br/>' . '<hr size="1"/>'
                                ;
                            }
                            ?>

                        </div>
                        <div class="copy">
                            <p class="w3-link">2014&nbsp;</p>
                            <a href="terms.php">Privacy & Policy</a>
                        </div>
                        <div class="f_nav">
                            <ul>
                                <li><a href="#">Skype</a></li>
                                <li><a href="#">Linked in</a></li>
                                <li><a href="#">Twitter</a></li>
                                <li><a href="#">Facebook</a></li>
                            </ul>
                        </div>
                        <div class="clear"></div>
                    </div>
                </div>
            </div>
        </div>
</body>
</html>

注意:不要使用mysql函数,因为它们已被弃用。改为使用mysqli或PDO函数。

Acoid for sql injections,所以逃避你的数据吧!

答案 1 :(得分:0)

如果我搞定了,您希望表单自动获取已登录用户的名称。你应该:

<?php $username = isset($_SESSION['sess_user']) ? $_SESSION['sess_user'] : "";?>

存储用户名或&#34;&#34;到$ username,取决于用户是否已经过身份验证。然后在表单中的输入行中:

<h2>Name: </h2><br><input type="text" name="name" value="<?php echo $username; ?>" required/><br><br>