如何在php中查看其他用户配置文件?

时间:2016-03-27 17:14:20

标签: php mysql

因此,对于我的项目,我正在使用

查看主页 
$userID = $_SESSION['uid'];

显示我的帐户。现在我有一个搜索栏,根据用户输入的匹配情况显示数据库中的所有用户。现在我所困扰的是,在搜索框中输入名称后,登录用户如何查看其他用户配置文件。我已经看到了一种通过$ _GET这样做的方法,但我没有在这里得到整个图片。

我知道此前有类似的问题,但我的其他问题是如何获得已输入的确切用户,因为数据库中可能有两个同名用户。

这是我的搜索代码。

的index.php 

<script>
    $(document).ready(function(){
    $('input.typeahead').typeahead({
        name: 'typeahead',
        remote:'search_bootstrap.php?key=%QUERY',
        limit : 10
    });
});
</script>

<input type="text" style="width: 200px;" name="typeahead" class="typeahead tt-query" autocomplete="off" spellcheck="false" placeholder="Type a name">

search_bootstrap.php 

<?php
    $key=$_GET['key'];
    $array = array();
    $con=mysql_connect("host","username","password");
    $db=mysql_select_db("dbname",$con);
    $query=mysql_query("select * from users where first_name LIKE '%{$key}%'");
    while($row=mysql_fetch_assoc($query))
    {
      $array[] = $row['first_name'];
    }      

echo json_encode($array);
?>

2 个答案:

答案 0 :(得分:0)

我建议你用一个发送到show profile页面的表单标签来包装你的input元素:

<form method="post" action="./show_profile.php">
    <input type="text" style="width: 200px;" name="typeahead" class="typeahead tt-query" autocomplete="off" spellcheck="false" placeholder="Type a name">

    <input type="submit" value="Show Profile"/>
</form>

并在show_profile.php文件中执行您在输入时执行的反向查询:

$name = $_POST['typeahead'];

$host = "host";
$user = "user";
$psw = "psw";
$db_name = "dbname";

$sql = "SELECT * FROM USERS WHERE first_name = ?";

try
{
    $conn = new PDO("mysql:host=$host;dbname=$db_name", $user, $psw);

    $stmt = $conn->prepare($sql);
    $stmt->execute(array($name));
    $result = $stmt->fetchAll(PDO::FETCH_ASSOC);

    if(count($result) == 1)
    {
        $profile_info = $result[0];
        echo "Welcome to " . $profile_info['first_name'] . "'s personal profile page!";

        //echo others profile infos, example: echo "Age: " . $profile_info['first_name'];
    }

}
catch(PDOException $e)
{
    //HandleErrors
}

显然,只有在名称和用户之间存在1对1的对应关系时才能这样做。

例如,如果有两个用户称为Jhon,当用户输入时,您可以建议两者并让他选择。当他选择您重新执行相同的查询但返回所选用户的ID时,将其用作<input type="hidden" name="user_id">值。在我建议你的php文件中,你可以阅读另一个参数$user_id = $_POST['user_id'];并更改$sql = "SELECT * FROM USERS WHERE first_name = ? AND id = ?";中的查询。

结果:

$name = $_POST['typeahead'];
$user_id = $_POST['user_id'];

$host = "host";
$user = "user";
$psw = "psw";
$db_name = "dbname";

$sql = "SELECT * FROM USERS WHERE first_name = ? AND id = ?";

try
{
    $conn = new PDO("mysql:host=$host;dbname=$db_name", $user, $psw);

    $stmt = $conn->prepare($sql, $user_id);
    $stmt->execute(array($name));
    $result = $stmt->fetchAll(PDO::FETCH_ASSOC);

    if(count($result) == 1)
    {
        $profile_info = $result[0];
        echo "Welcome to " . $profile_info['first_name'] . "'s personal profile page!";

        //echo others profile infos, example: echo "Age: " . $profile_info['first_name'];
    }

}
catch(PDOException $e)
{
    //Handle Errors
}

关闭你的项目,你必须使用Javascript才能显示建议的(和查询的)名称,让用户选择,填充隐藏的输入值,用Ajax查询,..

干得好!

答案 1 :(得分:0)

首先我要说的是,我将(尝试)在一个答案中回答一堆问题,这可能是一个很大的答案。

  

“$ userID = $ _SESSION ['uid'];”

这只是一个注释,但在将任何内容存储在 $ _ SESSION 之前请务必记住。请确保仔细检查(甚至加密或转义)您要存储的信息以及您已存储的信息。

  

“在搜索框中输入名称后,登录用户如何查看其他用户个人资料”

说到“即时搜索”,AJAX是你最好的朋友 以下是使用jQuery库在JavaScript中进行“即时搜索”的一个小例子 我还为您编写了脚本,以便让我的代码更容易理解。

HTML:

<div class="search-box-container">
  <input type="text" class="search-box" placeholder="Search..." />
</div>
<div class="results-container">
  <!-- your results go here -->
</div>

JavaScript(使用jQuery):

(function(window, document, $, undefined) {
  $(".search-box").on("keyup", function() {
    // cache the "this" object
    var self = this,
      // this is the minimum length the search query can be
      minlen = 3,
      // cache the search query
      query = $(this).val(),
      // cache the results container
      container = $(".results-container");
    // make sure our query is at least the minimum length
    if (query.length >= minlen) {
      $.ajax({
        // the method we'll be using
        type: "POST",
        // this is the path to your PHP search script
        url: "./path/to/search.php",
        data: {
          // these are the parameters we'll be sending to PHP
          "query": query
        },
        // this is the type of response we'll be getting back (from PHP)
        dataType: "text",
        // "success" will execute when no errors happen and everything goes goed
        success: function(response) {
          // double check to make sure that we are searching using the correct query
          // also make sure that we actually have a query
          if (query == $(self).val() && query !== undefined || query !== null) {
            // overwrite the response in our container
            container.html(response);
          }
        },
        // "error" will occour when there is an error
        error: function() {
          container.html("Sorry failed to search.");
        }
      });
    }
  });
})(this, this.document, jQuery);

PHP:

# check to see if we have been given a query
if(!isset($_POST["query"])) {
  echo("No query recived.");
  exit();
}
# the name of the user the user was searching for
$name = $_POST["query"];
# the username and password of the database
$user = "root";
$pass = "root";
try {
  # connect to our database
  $connection = new PDO("mysql:host=127.0.0.1;dbname=yoursite_users", $user, $pass);
  # prepare and execute our query
  $query = $connection->prepare("SELECT * FROM USERS WHERE first_name = ?");
  $query->execute(array($name));
  # fetch our results
  $results = $query->fetchAll(PDO::FETCH_ASSOC);
  # make sure we have at least one result
  if(count($results) > 0) {
    # you can now use any profile
    # loop through each profile
    # or even just use the first like this:
    $profile = $results[0];
    echo("Your search for: <b>\"" . $name . "\"</b> returned: <b>\"" . count($results) . "\"</b> results.");
  }
} catch(PDOException $e) {
  # catch and handle errors here
  echo("Oops something went wrong :(");
}


  

“但是,有两个同名的用户,如何获取该特定用户的ID。”

您的用户应具有多个标识符,并且在创建用户时,请确保您分配新用户的ID尚未存在于数据库中。

当您的用户搜索时,您不应向他们显示他们自己的网页/用户的结果,您可以通过使用其ID,secure_id或page_id排除结果来执行此操作。

以下是用户条目的(简化)示例:

{
  "user_id": "12-bit-primary-identifier",
  "user_sid": "32-bit-secondary-identifier",
  "user_pid": "6-bit-page-identifier",
  "user_code": "encrypted-entry-code",
  "user_validated": "0",
  "user_name": "johnny_bravo",
  "user_full_name": "john smith",
  "user_first_name": "john",
  "user_last_name": "smith"
}

当您为每个用户提供多个标识符时,您仍然可以确认两个用户是否相同,您可以通过检查每个ID并排除您不希望从中获取信息的条目或修改

以下是另一个非常相似的用户条目的简化示例:

{
  "user_id": "12-bit-primary-identifier",
  "user_sid": "32-bit-secondary-identifier",
  "user_pid": "6-bit-page-identifier",
  "user_code": "encrypted-entry-code",
  "user_validated": "1",
  "user_name": "superman",
  "user_full_name": "john smith",
  "user_first_name": "john",
  "user_last_name": "smith"
}

现在,当您的用户搜索“john smith”时,您可以使用他的“user_id”(您可以使用$_SESSION["user_id"]获得)自动排除第一个“john smith”I.E“jhonny_bravo”

相关问题
最新问题