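How to use $_GET to check whether a sub-category value belongs to a category?

Time: 2015-04-16 05:30:02

Tags: php mysqli get

I am building a forum system to strengthen my PHP and to build a website for a community I have. I can't figure out how to check whether the sub-category I selected is in the specified category. For example, we have localhost/forum/sub_category.php?cat=1&sub_cat=1. What I want to figure out is the case where the user tries to set the category ID to 3 and the sub_category to 4, and that sub_category id does not exist. How do I check this using $_GET and then show the user a message saying the specified sub-category does not exist? Here is my code: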

<?php

include '../inc/dbc.php';
include '../inc/functions.php'
?>
<?php
if(isset($_GET['user']) && !empty($_GET['user'])) {
    $username = $_GET['user'];
} else {
    $username = $_SESSION['username'];
}
    $my_name = $_SESSION['username'];
    $firstname = getuser($username, 'firstname');
    $lastname = getuser($username, 'lastname');
?>
<!DOCTYPE html>
<html>
    <head>
        <title>EWC Forums</title>
        <link rel="stylesheet" type="text/css" href="css/index.css">
    </head>

    <body>
        <?php include 'header.php';?>

        <div class='main'>
            <div class='body'>
                <div class='left'>
                    <?php
                        if (isset($_GET['cat']) && isset($_GET['sub_cat'])) {
                            $cat_query = mysqli_query($mysqli, "SELECT * FROM categories Where");// this is not done yet
                        } else if ($_GET['sub_cat'] == 0) {
                            $msg = 'That Sub Category Was Not Found In Our Database';
                        } else {
                    ?>  
                        <div class='message'><?php echo $msg;?></div>
                    <?php   
                        }
                    ?>
                </div>
                <div class='right'>

                </div>
                <div class='clear'></div>
            </div>
        </div>
    </body>
</html>

Here is the main page that displays the categories and sub_categories:

<?php

include '../inc/dbc.php';
include '../inc/functions.php'
?>
<?php
if(isset($_GET['user']) && !empty($_GET['user'])) {
    $username = $_GET['user'];
} else {
    $username = $_SESSION['username'];
}
    $my_name = $_SESSION['username'];
    $firstname = getuser($username, 'firstname');
    $lastname = getuser($username, 'lastname');
?>
<!DOCTYPE html>
<html>
    <head>
        <title>EWC Forums</title>
        <link rel="stylesheet" type="text/css" href="css/index.css">
    </head>

    <body>
        <?php include 'header.php';?>

        <div class='main'>
            <div class='body'>
            <?php
                if(loggedIn() == false) {
            ?>
                <div class='mbli'>You Are Not Logged In Right Now. Click Here To <a href="login.php">Login</a></div><br>
            <?php
                }
            ?>
                <div class='forum'>
                <div class='tools'>
                    <?php
                        $sql = mysqli_query($mysqli, "SELECT * FROM users WHERE rank = 'Administrator' ");
                        $res = mysqli_num_rows($sql);
                        if ($sql == 1) {
                    ?>
                        <div class='forummenu'>
                            <a href="create_category.php"><i class=''></i> New Category</a>
                            <a href="create_subcategory.php"><i class=''></i> New Sub Category</a>
                        </div>
                    <?php
                        }
                    ?>
                </div>
                    <?php
                        $check_forum = mysqli_query($mysqli, "SELECT * FROM categories");
                        while ($run = mysqli_fetch_array($check_forum)) {
                            $cat_id = $run['cat_id'];
                            $creator = $run['creator'];
                            $cat_name = $run['name'];
                            $create_date = $run['create_date'];
                            $activated = $run['activated'];
                    ?>
                    <div class='cat'>
                        <style type="text/css">
                        .tg  {border-collapse:collapse;border-spacing:0;}
                        .tg td{font-family:Arial, sans-serif;font-size:14px;border-style:solid;border-width:1px;overflow:hidden;word-break:normal;}
                        .tg th{font-family:Arial, sans-serif;font-size:14px;font-weight:normal;border-style:solid;border-width:1px;overflow:hidden;}
                        .tg .tg-7ht0{background-color:#f07075;color:#ffffff}
                        </style>
                        <table>
                          <tr class="cat_head">
                            <th class="tg-7ht0"><b><?php echo $cat_name;?></b><i><?php echo $create_date;?></i></th>
                            <th class="tg-7ht0">Threads</th>
                            <th class="tg-7ht0">Posts</th>
                            <th class="tg-7ht0">Latest Posts</th>
                          </tr>
                    <?php
                            $check_subcat = mysqli_query($mysqli, "SELECT * FROM subcategories WHERE cat_id= '$cat_id' ");
                            while ($run_sub = mysqli_fetch_array($check_subcat)) {
                                $sub_cat_id = $run_sub['sub_cat_id'];
                                $creator_subcat = $run_sub['creator'];
                                $name_sub = $run_sub['name'];
                                $sub_desc = $run_sub['sub_desc'];
                                $create_date_sub = $run_sub['create_date'];
                    ?>
                              <tr class='sub_cat'>
                                <td class="tg-7ht0"><div class='sub_img'><img src="http://minotar.net/helm/<?php echo $creator_subcat;?>/32"></div><div class='sub_body'><a href='sub_category.php?cat=<?php echo $cat_id;?>&sub_cat=<?php echo $name_sub;?>'><div class='sub_tit'><b><?php echo $name_sub; ?></b><div class='desc'><?php echo $sub_desc;?></div></div></a><i class='date'><?php echo $create_date_sub; ?></i></div></td>
                                <td class="tg-7ht0">0</td>
                                <td class="tg-7ht0">0</td>
                                <td class="tg-7ht0">Nub picture</td>
                              </tr>
                    <?php
                            }

                    ?>
                              <div class='clear'></div>
                            </table>
                        </div>
                    <?php
                        }
                    ?>
                </div>
            </div>
        </div>
    </body>
</html>

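Also, if there is another way to do this, please suggest it, but I do prefer this one. If you need more code, please ask.

3 answers:

Answer 0 (score: 1)

Try this:
Edit: using the sub-category screenshot from the comments: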

<?php
    if (isset($_GET['cat']) && isset($_GET['sub_cat'])) {
        $cat_query = mysqli_query($mysqli, "SELECT * FROM SubCategoryTableName WHERE sub_cat_id='".$_GET['sub_cat']."' AND cat_id ='".$_GET['cat']."'");// this is not done yet

        // Check whether the number of rows is zero (sub-category not found).

        if (mysqli_num_rows($cat_query) == 0)
        {
            // show error and die
            die('The requested sub/category not found.');
        }

    } else if ($_GET['sub_cat'] == 0) {
        $msg = 'That Sub Category Was Not Found In Our Database';
    } else {
?>  

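Note that this code works, but you must always secure user-requested input.

Answer 1 (score: 0)

I don't know whether your IDs auto-increment; otherwise you could simply use a check statement to see whether the cat and sub-cat are valid numbers and not too high or too low.

If you do rely on your database, you could run a query to ask whether it exists, or ask it for the latest ID in the database and then use that to check whether your ID is below that value.

I hope I understood your question correctly here. Don't forget to validate your GET request, by the way ;)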
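
The input protection that answer 0's note calls for and the GET validation that answer 1 mentions, combined as an added example that is not part of either answer: both IDs are validated as positive integers and the membership check runs as a mysqli prepared statement. It assumes `$mysqli` is the connection opened in the question's `../inc/dbc.php` and that `sub_cat_id` and `cat_id` are integer columns; the function names `requestId` and `subCategoryInCategory` are hypothetical.

```php
<?php
// Added example. Assumption: dbc.php defines $mysqli, as in the question's pages.
require '../inc/dbc.php';

/**
 * Return a positive integer ID from a request value, or null when the value
 * is missing, an array, non-numeric, zero or negative.
 */
function requestId($value): ?int
{
    $id = filter_var($value, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/**
 * True only if the sub-category exists AND belongs to the given category.
 * The IDs are bound as integers, so request data never becomes part of the SQL text.
 */
function subCategoryInCategory(mysqli $mysqli, int $cat, int $subCat): bool
{
    $stmt = mysqli_prepare(
        $mysqli,
        'SELECT 1 FROM subcategories WHERE sub_cat_id = ? AND cat_id = ? LIMIT 1'
    );
    if ($stmt === false) {
        throw new RuntimeException('Could not prepare sub-category lookup');
    }
    mysqli_stmt_bind_param($stmt, 'ii', $subCat, $cat);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_store_result($stmt);
    $found = mysqli_stmt_num_rows($stmt) === 1;
    mysqli_stmt_close($stmt);
    return $found;
}

$cat    = requestId($_GET['cat'] ?? null);
$subCat = requestId($_GET['sub_cat'] ?? null);

// One message for "malformed", "missing" and "wrong category", so the response
// does not reveal which IDs exist under other categories.
$msg = null;
if ($cat === null || $subCat === null || !subCategoryInCategory($mysqli, $cat, $subCat)) {
    $msg = 'That Sub Category Was Not Found In Our Database';
}

if ($msg !== null) {
    echo "<div class='message'>" . htmlspecialchars($msg, ENT_QUOTES, 'UTF-8') . '</div>';
}
```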

Answer 2 (score: 0)

Thanks for all the help; because of you I figured out how to solve this. It may not be the right way, but it is close. Here is my code:

<?php

include '../inc/dbc.php';
include '../inc/functions.php'
?>
<?php
if(isset($_GET['user']) && !empty($_GET['user'])) {
    $username = $_GET['user'];
} else {
    $username = $_SESSION['username'];
}
    $my_name = $_SESSION['username'];
    $firstname = getuser($username, 'firstname');
    $lastname = getuser($username, 'lastname');
?>
<!DOCTYPE html>
<html>
    <head>
        <title>EWC Forums</title>
        <link rel="stylesheet" type="text/css" href="css/index.css">
    </head>

    <body>
        <?php include 'header.php';?>

        <div class='main'>
            <div class='body'>
                    <?php
                        if(isset($_GET['cat']) && isset($_GET['sub_cat'])) {
                        $sub = $_GET['sub_cat'];
                        $cat = $_GET['cat'];
                        $sql = mysqli_query($mysqli, "SELECT * FROM subcategories WHERE sub_cat_id = '$sub' AND cat_id = '$cat' ");
                        if (!$sql) {
                            $msg = 'Sorry We Kept Looking, But We Found Nothing ;-;';
                        } else {
                            if (mysqli_num_rows($sql) == 0) {
                                $msg = 'Ask An Admin';
                            } else {
                        ?>
                            <?php
                                while ($row = mysqli_fetch_array($sql)) {
                            ?>


                            <div class='cat'>
                                <style type="text/css">
                                .tg  {border-collapse:collapse;border-spacing:0;}
                                .tg td{font-family:Arial, sans-serif;font-size:14px;border-style:solid;border-width:1px;overflow:hidden;word-break:normal;}
                                .tg th{font-family:Arial, sans-serif;font-size:14px;font-weight:normal;border-style:solid;border-width:1px;overflow:hidden;}
                                .tg .tg-7ht0{background-color:#f07075;color:#ffffff}
                                </style>
                                <table>
                                  <tr class="cat_head">
                                    <th class="tg-7ht0"><b><?php echo $row['name'];?></b><i><?php echo $row['create_date'];?></i></th>
                                    <th class="tg-7ht0">Views</th>
                                    <th class="tg-7ht0">Replies</th>
                                    <th class="tg-7ht0">Latest Posts</th>
                                  </tr>
                                    <?php
                                        $thread_query = mysqli_query($mysqli, "SELECT * FROM threads WHERE sub_cat_id = $sub ");
                                        while ($run = mysqli_fetch_array($thread_query)) {
                                            $thread_id = $run['thread'];
                                            $thread_author = $run['creator'];
                                            $thread_title = $run['name'];
                                            $thread_date = $run['create_date'];
                                    ?>
                                      <tr class='sub_cat'>
                                <td class="tg-7ht0"><div class='sub_img'><img src="http://minotar.net/helm/<?php echo $thread_author; ?>/32"></div><div class='sub_body'><a href=''><b><?php echo $thread_title; ?></b></a >&nbsp;created by <a href='profile.php?user=<?php echo $thread_author;?>'><?php echo $thread_author;?></a> at <?php echo $thread_date; ?></div></td>
                                <td class="tg-7ht0">0</td>
                                <td class="tg-7ht0">0</td>
                                <td class="tg-7ht0">Nub picture</td>
                              </tr>
                                    <?php
                                        }
                                }
                            ?>
                                        <div class='clear'></div>
                                    </table>
                                </div>
                            <?php
                            }
                        }
                    } else {
                    ?>
                        <div class='message'><?php echo $msg; ?></div>
                    <?php
                    }
                    ?>
                <div class='clear'></div>
            </div>
        </div>
    </body>
</html>