TimeStamp query in PHP and MySQL UPDATED

Time: 2016-04-13 13:18:33

Tags: php mysql sql json

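I have these tables, and I want to get news from the news table, but only the news that was added after the user logged in and that he has not seen, based on the query shown in the PHP script.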

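When users log in to the system, their login timestamp is registered. After a while, a service asks the server for new data for that User_ID; it checks the seen table, and if the news is not in the seen table and the current timestamp is greater than the login timestamp, then the news is new.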

Users table

User_ID | User_Name   |User_Login
-------------------------------
1       | John        |2016-04-13 16:01:12
2       | Carl        |2016-04-13 16:13:22
3       | Tomas       |2016-04-13 16:01:01
4       | Adam        |2016-04-13 16:04:44
5       | Nancy       |2016-04-13 16:04:37

News table

News_ID | News_Text      | News_Post_TimeStamp          
----------------------------------------------
1       | Hello World    | 2016-04-13 16:09:23
2       | This is My car | 2016-04-13 16:10:24
3       | I had Ate pizza| 2016-04-13 16:11:40
4       | Leave Me Alone | 2016-04-13 16:15:30
5       | C++ Programming| 2016-04-13 16:09:50

Seen table

ID   | User_Id  | News_Id
---------------------------
1    |  1       | 2
2    |  1       | 3
3    |  4       | 1
4    |  5       | 3
5    |  1       | 4

UPDATE: This is my PHP script code:

 <?php

require('config.php');
$conn = mysqli_connect($servername, $username, $password, $db);
$query="SELECT * FROM news,users WHERE news.news_id NOT IN (SELECT news_id FROM seen WHERE user_id = '".$_GET['id']."') AND users.user_login<Now() ";


$result = mysqli_query($conn,$query);
$rows = array();
echo mysqli_error($conn);

while($row = mysqli_fetch_assoc($result)) {

    $rows[] = $row;
}

echo json_encode($rows);
?> 

This is the JSON output:

 [{"News_id":"1","News_Text":"C++programming","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"14","User_Name":"John","user_login":"2016-04-13 16:04:37"},{"News_id":"1","News_Text":"C++programming","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"15","User_Name":"Carl","user_login":"2016-04-13 16:04:37"},{"News_id":"2","News_Text":"Pizza","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"14","User_Name":"John","user_login":"2016-04-13 16:04:37"},{"News_id":"2","News_Text":"Pizza","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"15","User_Name":"Carl","user_login":"2016-04-13 16:04:37"},{"News_id":"3","News_Text":"Android","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"14","User_Name":"John","user_login":"2016-04-13 16:04:37"},{"News_id":"3","News_Text":"Android","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"15","User_Name":"Carl","user_login":"2016-04-13 16:04:37"},{"News_id":"4","News_Text":"Ahmad","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"14","User_Name":"John","user_login":"2016-04-13 16:04:37"},{"News_id":"4","News_Text":"Ahmad","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"15","User_Name":"Carl","user_login":"2016-04-13 16:04:37"},{"News_id":"5","News_Text":"Toto","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"14","User_Name":"John","user_login":"2016-04-13 16:04:37"},{"News_id":"5","News_Text":"Toto","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"15","User_Name":"Carl","user_login":"2016-04-13 16:04:37"},{"News_id":"6","News_Text":"JaVA","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"14","User_Name":"John","user_login":"2016-04-13 16:04:37"},{"News_id":"6","News_Text":"JaVA","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"15","User_Name":"Carl","user_login":"2016-04-13 16:04:37"},{"News_id":"7","News_Text":"Computer","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"14","User_Name":"John","user_login":"2016-04-13 16:04:37"},{"News_id":"7","News_Text":"Computer","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"15","User_Name":"Carl","user_login":"2016-04-13 16:04:37"},{"News_id":"8","News_Text":"Test","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"14","User_Name":"John","user_login":"2016-04-13 16:04:37"},{"News_id":"8","News_Text":"Test","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"15","User_Name":"Carl","user_login":"2016-04-13 16:04:37"},{"News_id":"9","News_Text":"Test","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"14","User_Name":"John","user_login":"2016-04-13 16:04:37"},{"News_id":"9","News_Text":"Test","news_post_timestamp":"2016-04-13 16:09:41","User_Id":"15","User_Name":"Carl","user_login":"2016-04-13 16:04:37"},{"News_id":"10","News_Text":"Al Hasasd","news_post_timestamp":"2016-04-13 16:47:44","User_Id":"14","User_Name":"John","user_login":"2016-04-13 16:04:37"},{"News_id":"10","News_Text":"Al Hasasd","news_post_timestamp":"2016-04-13 16:47:44","User_Id":"15","User_Name":"Carl","user_login":"2016-04-13 16:04:37"}]

There are duplicates in the result; can anyone tell me how to remove the duplicates?

1 answer:

Answer 0: (score: 0)

Your SQL should be this (for example, for User_ID 1):

SELECT * 
FROM news n
WHERE news_id NOT IN (SELECT news_id FROM news_seen WHERE user_id = 1)
AND News_Post_TimeStamp > (SELECT User_Login FROM user_table WHERE User_ID = 1)

(adjust user_table accordingly)

But before doing this, you should adjust your PHP code, because what you are doing is an invitation to SQL injection.

Ideally, you should use parameterized queries.

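However, assuming your USER_ID is of type CHAR, since you used quotes in your query, you can make your code a bit safer with this simple sanitize function that I added to your code.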

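<?php

require('config.php');
$conn = mysqli_connect($servername, $username, $password, $db);

// escape the user-supplied id before it is placed inside the quoted SQL literals
$userid = sanitize($conn, isset($_GET['id']) ? $_GET['id'] : '');
$query="SELECT * FROM news WHERE news_id NOT IN (SELECT news_id FROM news_seen WHERE user_id = '$userid') AND News_Post_TimeStamp > (SELECT User_Login FROM user_table WHERE User_ID = '$userid')";

$result = mysqli_query($conn,$query);
$rows = array();

if ($result === false) {
    // log the failure server-side instead of echoing database details to the client
    error_log(mysqli_error($conn));
} else {
    while($row = mysqli_fetch_assoc($result)) {
        $rows[] = $row;
    }
}

echo json_encode($rows);

function sanitize($conn, $data)
{
    // remove whitespaces (not a must though)
    $data = trim($data);

    // apply stripslashes if magic_quotes_gpc is enabled
    // (the function was removed in PHP 8, so check that it exists first)
    if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
    {
        $data = stripslashes($data);
    }

    // escape with the open mysqli connection; mysql_real_escape_string()
    // belongs to the removed mysql extension and cannot use a mysqli connection
    $data = mysqli_real_escape_string($conn, $data);

    return $data;
}

?>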
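The parameterized-query approach recommended in the answer, as an added example that is not part of the original answer. It assumes the ids are integers as in the tables shown (bind with `'s'` instead of `'i'` if the column really is CHAR), that `config.php` defines the same connection variables, that the table names are `news`, `news_seen` and `user_table` as in the answer's SQL, and that the mysqlnd driver is available for `mysqli_stmt_get_result()`.

```php
<?php
// Added example: the same "unseen news since login" lookup with a mysqli prepared statement.
require('config.php'); // assumed to define $servername, $username, $password, $db

// Make mysqli throw exceptions instead of failing silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Reject anything that is not a plain positive integer before touching the database.
$userId = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($userId === null || $userId === false) {
    http_response_code(400);
    header('Content-Type: application/json');
    echo json_encode(['error' => 'invalid id']);
    exit;
}

try {
    $conn = mysqli_connect($servername, $username, $password, $db);
    mysqli_set_charset($conn, 'utf8mb4');

    // The two ? placeholders are sent as data, so the id can never alter the query structure.
    // Selecting only from news (no join with the users table) also avoids one row per user.
    $sql = 'SELECT n.News_ID, n.News_Text, n.News_Post_TimeStamp
              FROM news n
             WHERE n.News_ID NOT IN (SELECT s.News_Id FROM news_seen s WHERE s.User_Id = ?)
               AND n.News_Post_TimeStamp >
                   (SELECT u.User_Login FROM user_table u WHERE u.User_ID = ?)';

    $stmt = mysqli_prepare($conn, $sql);
    mysqli_stmt_bind_param($stmt, 'ii', $userId, $userId);
    mysqli_stmt_execute($stmt);

    $result = mysqli_stmt_get_result($stmt); // requires mysqlnd
    $rows = mysqli_fetch_all($result, MYSQLI_ASSOC);

    header('Content-Type: application/json');
    echo json_encode($rows);
} catch (mysqli_sql_exception $e) {
    // Keep database error details in the server log, not in the HTTP response.
    error_log($e->getMessage());
    http_response_code(500);
    header('Content-Type: application/json');
    echo json_encode(['error' => 'server error']);
}
```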