Question

我正在创建一个朋友系统，当用户访问其他用户的个人资料时，他们会看到 ADD FRIEND 选项，当他们访问自己的个人资料时，他们可以看到其他内容，而不是 ADD FRIEND 选项，例如 TOTAL FRIENDS （或类似），当访客访问（未登录）时，他们也会以不同方式看到该页面。总而言之，我需要在一个页面上显示三个视图：

当人没有登录时
登录user != user_id
登录user == user_id

正如我现在所说，我设置脚本的方式出了问题。会议似乎没有在适当的情况下工作。

的header.php：

<?php 
include ( "./inc/connect.inc.php" ); 
session_start();
if (isset($_SESSION['user_login'])) {
    $user = $_SESSION['user_login'];
}
else {
    $user = "";
}
?>

profile.php：

<?php include ( "./inc/header.inc.php" ); 

if (isset($_GET['u'])) {
    $username = mysql_real_escape_string($_GET['u']);
    if (ctype_alnum($username)) {
        //check user exists
        $check = mysql_query("SELECT username, first_name FROM users WHERE username='$username'");
        if (mysql_num_rows($check)===1) {
            $get = mysql_fetch_assoc($check);
            $username = $get['username'];
            $firstname = $get['first_name'];  
        }
        else {
            echo "<meta http-equiv=\"refresh\" content=\"0; url=http://localhost/tutorials/index.php\">"; 
            exit();
        }
    }
}

$optionbox = "";

if (isset($_SESSION['user_login']) != $user){
    $optionbox = '<div style="border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;">
    <a href="#">Add friend</a>
    </div>';
}
else if (isset($_SESSION['user_login']) == $user){
    $optionbox = '<div style="border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;">
    <a href="#">friend list</a>
    </div>';
}  
else {
    $optionbox = '<div style="border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;">

    </div';
}
?>

还尝试使用['u']代替user_login，前两种情况都显示在选项框中添加好友列表或好友列表。

Answer 1

有一些事情可以帮到你。我注意到了清晰度：

<?php
// Add connection here...(should be a PDO or mysqli_)
session_start();
// Add a simple true/false function to test for logged in
// Would be better included on this page rather than written (like connection)
function is_loggedin()
    {
        return (!empty($_SESSION['user_login']));
    }
// Make a function to test if the logged-in user is currently viewing own profile
// Would be better included on this page rather than written (like connection)
function is_profile($user = false)
    {
        if(!$user)
            return false;

        return (is_loggedin() && ($_SESSION['user_login'] == $user));
    }
// Presumably you would have profile.php?u=23432 or similar 
// If no user requested just assign false
$user   =   (!empty($_GET['u']) && ctype_alnum($_GET['u']))? $_GET['u'] : false;
// If the user is valid (not empty)
// Would be better included on this page if condition is met otherwise
// It just kind of loads extra lines for nothing
if($user != false) {
        // You should not be using mysql_ anymore, PDO or mysqli_ with prepared/bound statements
        $username   =   mysql_real_escape_string($user);
        //check user exists
        $check      =   mysql_query("SELECT username, first_name FROM users WHERE username='$username'");

        if (mysql_num_rows($check) === 1) {
                $get        =   mysql_fetch_assoc($check);
                $username   =   $get['username'];
                $firstname  =   $get['first_name'];  
            }
        else {
                echo "<meta http-equiv=\"refresh\" content=\"0; url=http://localhost/tutorials/index.php\">"; 
                exit;
            }
    }
// Just do one wrapper
$optionbox[]    =   '<div style="border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;">';
// Check if a user is logged in
if(is_loggedin())
    // If the logged in user matches the $_GET user
    $optionbox[]    = (!is_profile($user))? '<a href="#">Add friend</a>' : '<a href="#">friend list</a>';
// If user is not logged in
else
    $optionbox[]    =   '<h3>You must be logged in to view stuff and things</h3>';
// Finish wrapper
$optionbox[]    =   '</div>';
// Write to page
echo implode(PHP_EOL,$optionbox);
?>

修改

自从最初发布以来，我对这个答案有一些赞成，我不想引用这里添加连接......（应该是PDO或mysqli_）这样的内容没有实际显示，所以这里有一点点改写与适当的连接等。 function.PDOConnect.php是填充数据库凭据的位置：

/classes/class.DBDriver.php

<?php // Have a general driver interface incase you need different database // connection interfaces (MSSQL, etc) interface DBDriver { public static function connect($user,$pass,$host,$dbname); }

/classes/class.Database.php

<?php // Create MySQL PDO Connection based on the DBDriver preferences class Database implements DBDriver { // This will store our connection for reuse private static $singleton; // This will store the connection options protected static $dbOpts; // This is the actual connecting to database public static function connect($user,$pass,$host,$dbname) { if(isset(self::$singleton)) return self::$singleton; if(!isset(self::$dbOpts)) self::SetDatabaseAttr(); try { self::$singleton = new PDO("mysql:host=$host;dbname=$dbname",$user,$pass, self::$dbOpts); self::$singleton->exec('SET NAMES "utf8"'); } catch(PDOException $e){ echo "unable to connect to server"; exit; } return self::$singleton; } // This sets the options for your database. public static function SetDatabaseAttr($value = false,$refresh = false) { if(!is_array($value) || empty($value)) { self::$dbOpts[PDO::ATTR_ERRMODE] = PDO::ERRMODE_EXCEPTION; self::$dbOpts[PDO::ATTR_DEFAULT_FETCH_MODE] = PDO::FETCH_ASSOC; self::$dbOpts[PDO::ATTR_EMULATE_PREPARES] = false; } else { if(empty(self::$dbOpts) || $refresh) self::$dbOpts = array(); foreach($value as $DBKey => $DBValue) self::$dbOpts[$DBKey] = $DBValue; } return self::$dbOpts; } }

/classes/class.QueryEngine.php

<?php // This class can be expanded out to do a lot more than just fetch from the database class QueryEngine { protected $query; private static $singleton; // Create and Return instance of itself public function __construct() { if(!empty(self::$singleton)) self::$singleton = $this; return self::$singleton; } // Basic query method public function query($sql = false, $bind = false) { AutoloadFunction("PDOConnect"); $con = PDOConnect(); $this->query = $con->prepare($sql); if(!empty($bind)) { foreach($bind as $key => $val) { $bindVals[":{$key}"] = $val; } $this->query->execute($bindVals); } else $this->query->execute(); return $this; } // This function is what returns the array in conjunction with // the query method public function Fetch() { if($this->query) { while($row = $this->query->fetch(PDO::FETCH_ASSOC)) { $result[] = $row; } } return (!empty($result))? $result : 0; } }

/functions/function.AutoLoadClasses.php

<?php // This function is what is used to autoload classes on the fly // There is no need to include class files, so long as they are in the // /classes/ folder function AutoLoadClasses($className) { if(class_exists($className)) { return; } if(is_file(CLASSES_DIR."/class.".$className.'.php')) { include_once(CLASSES_DIR."/class.".$className.'.php'); } }

/functions/function.AutoloadFunction.php

<?php // This will attempt to load the required file to run a specified function // Similar to the autoloader for the classes, only this is required to be // manually called like: AutoloadFunction("myfunction"); before function use function AutoloadFunction($function = false,$loaddir = false) { if($function == false) return false; if(strpos($function,",")) $functions = explode(",",$function); $function_dir = ($loaddir != false && !is_array($loaddir))? $loaddir.'/function.': FUNCTIONS_DIR.'/function.'; if(!isset($functions)) { $functions[] = $function; } for($i = 0; $i < count($functions); $i++) { // Function name $addfunction = $functions[$i]; // See if function exists if(!function_exists($addfunction)) { $dir = $function_dir.$addfunction.'.php'; if(is_file($dir)) { include_once($dir); } } } }

/functions/function.PDOConnect.php

<?php // Just make a quick PDO function to return your PDO Connection // populate the arguements with your database credentials function PDOConnect($user = "username",$pass = "password",$host = "hostname",$data = "databasename") { return Database::connect($user,$pass,$host,$data); }

/functions/function.query_fetch.php

<?php // Here is a quick array fetching function using the query engine class function query_fetch($sql = false,$bind = false) { $qEngine = new QueryEngine(); return $qEngine ->query($sql,$bind) ->Fetch(); }

/functions/function.is_loggedin.php

<?php // Add a simple true/false function to test for logged in function is_loggedin() { return (!empty($_SESSION['username'])); }

/functions/function.is_profile.php

<?php // Make a function to test if the logged-in user is currently viewing own profile function is_profile($user = false) { if(!$user) return false; AutoloadFunction("is_loggedin"); return (is_loggedin() && ($_SESSION['username'] == $user)); }

/functions/function.get_profile.php

<?php // This will fetch the user based on a get variable function get_profile($username = false) { // Presumably you would have profile.php?u=23432 or similar // If no user requested just assign false $user = (!empty($_GET['u']) && ctype_alnum($_GET['u']))? $_GET['u'] : false; $array['username'] = false; $array['first_name'] = false; // If the user is valid (not empty) // Would be better included on this page if condition is met otherwise // It just kind of loads extra lines for nothing if($user != false) { AutoloadFunction("query_fetch"); //check user exists $get = query_fetch("SELECT `username`, `first_name`,`ID` FROM `users` WHERE `username` = :0",array($user)); if ($get != 0) { $array['username'] = $get[0]['username']; $array['ID'] = $get[0]['ID']; $array['first_name'] = $get[0]['first_name']; return ($username)? $array['username'] : $array; } else { header("location: http://localhost/tutorials/index.php"); exit; } } return $array; }

的config.php

<?php // Define some basic locational constants define("ROOT_DIR",__DIR__); define("CLASSES_DIR",ROOT_DIR."/classes"); define("FUNCTIONS_DIR",ROOT_DIR."/functions"); // Load up the functions autoloader include_once(FUNCTIONS_DIR."/function.AutoloadFunction.php"); // Load up the function for class autoloading AutoloadFunction("AutoLoadClasses"); // Apply the autoloader for classes spl_autoload_register('AutoLoadClasses');

profile.php

<?php session_start(); // Load all the settings to make things work. include(__DIR__."/config.php"); ?> <div style="border:#CCC 1px solid; padding:5px; background-color:#E4E4E4; color:#999; font-size:11px;"> <?php // Using the "AutoloadFunction" should save execution time because // it will only load functions it needs instead of loading all the functions // it could "potentially" need. AutoloadFunction("is_loggedin"); // Check if a user is logged in if(is_loggedin()) { AutoloadFunction("get_profile,is_profile"); // Fetch the profile of current user query $user = get_profile(); // If the logged in user matches the $_GET user echo (!is_profile($user['username']))? '<a href="?action=add&u='.$user['ID'].'">Add '.ucwords($user['first_name']).'</a>' : '<a href="#">friend list</a>'; } // If user is not logged in else { ?> <h3>You must be logged in to view stuff and things</h3> <?php } ?> </div>

如何在个人资料页面上显示不同的会话状态（访客视图与用户个人资料视图）

1 个答案: