Adding a condition before displaying details from the database

Time: 2016-06-12 18:42:42

Tags: php mysql

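I have a "View Contact Details" button on a page. When clicked, it calls "contact_detail.php" (code given below).

It first checks:

  1. Whether the express interest sent by the logged-in user has been accepted by the user whose contact details are being checked.
  2. If yes, it then checks the number of contact numbers the logged-in user has viewed.
  3. If the express interest has not been accepted, it gives the error "This member only shows contact details, if you have already sent him/her express interest, and he/she has accepted it. Please send him/her express interest if you are interested."

If condition 1 is true but the logged-in user has already viewed more than 3 contact numbers, it gives the error "You are allowed to view only 3 contacts in a day".

The file/function works perfectly. I just want to add one condition to it.

First, check whether the user is a paid member. If yes, display the contact number directly without running condition 1. That means displaying the following, along with condition 2: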

    <div class="modal-dialog yoyo-large">
    .
    .
    .
    <div>
    

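If the user is not a paid member, run conditions 1 and 2 before displaying the contact number.

To check whether the logged-in user is a paid member, it can be checked in the 'register' table; the field is 'status' and the value should be 'Paid': select * from register where matri_id='$from_id' and status is equal to Paid

Can someone help me with the syntax?

Thanks!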

    <?php
    require("../connect/report.php");
    $mid=$_SESSION['mid'];
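    // Escape the request value before it is interpolated into the SQL strings below.
    $from_id = isset($_REQUEST['toid']) ? mysql_real_escape_string($_REQUEST['toid']) : 0;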
    $exp_sel=mysql_query("select * from register where matri_id='$from_id'");
    $fet=mysql_fetch_array($exp_sel);                                    
    $today=date('Y-m-d');                                                                           
    $exp_sel=mysql_query("select * from expressinterest where ei_sender='$mid' and ei_receiver='$from_id' and receiver_response ='Accept'");
    $num=mysql_num_rows($exp_sel);
    if($num>0)
    {
    $cnt = "SELECT * FROM payments WHERE (pemail = '$mid' or pmatri_id='$mid')";
    $cn = mysql_query($cnt);
    $ncha = mysql_fetch_array($cn);
    if($ncha['p_no_contacts']-$ncha['r_cnt']>0)
    {
    $ch_viewd=mysql_query("select count(id) as row from today_contact where who='$mid' and on_date='$today'");
    $ch_fet=mysql_fetch_array($ch_viewd);
    if($ch_fet['row']<3)
    {
    ?>                      
    <div class="modal-dialog yoyo-large">
      <div class="modal-content">
        <div class="modal-header">
          <button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;
          </button>
          <h1 class="modal-title" id="myModalLabel" style="color:red;">Remaining Contacts (
            <?php echo ($ncha['p_no_contacts']-$ncha['r_cnt']);?>) 
          </h1>
        </div>
        <div class="modal-body">
          <div class="col-sm-12 form-group">
            <div class="col-sm-6" style="font-size:13px;">         
              <table class="table table-hover table-striped">
                <tr height="30">
                  <td width="80">
                    <strong>Matri ID : 
                    </strong>
                  </td> 
                  <td> 
                    <?php echo htmlspecialchars($fet['matri_id'], ENT_QUOTES, 'UTF-8'); ?>
                  </td>
                </tr>
                <tr height="30">
                  <td>
                    <strong>Name : 
                    </strong>
                  </td> 
                  <td> 
                    <?php echo htmlspecialchars($fet['username'], ENT_QUOTES, 'UTF-8'); ?>
                  </td>
                </tr>
                <tr height="30">
                  <td>
                    <strong>Address : 
                    </strong> 
                  </td> 
                  <td> 
                    <?php echo htmlspecialchars($fet['address'], ENT_QUOTES, 'UTF-8'); ?>
                  </td>
                </tr>
                <tr height="30">
                  <td>
                    <strong>Phone : 
                    </strong> 
                  </td> 
                  <td> 
                    <?php echo htmlspecialchars($fet['phone'], ENT_QUOTES, 'UTF-8'); ?>
                  </td>
                </tr>
                <tr height="30">
                  <td>
                    <strong>Mobile : 
                    </strong> 
                  </td> 
                  <td> 
                    <?php echo htmlspecialchars($fet['mobile'], ENT_QUOTES, 'UTF-8'); ?>
                  </td>
                </tr>
                <tr height="30">
                  <td>
                    <strong>Email : 
                    </strong>
                  </td> 
                  <td> 
                    <?php echo htmlspecialchars($fet['email'], ENT_QUOTES, 'UTF-8'); ?>
                  </td>
                </tr>
              </table>                               
            </div>
          </div>
          <?php       
    $chk1=$ncha['r_cnt'];
    $inc1=$chk1+1;
    $upda="update payments SET r_cnt='$inc1' where  (pemail='$mid' or pmatri_id='$mid')"; 
    $up=mysql_query($upda) or die(mysql_error());
    $ex=mysql_query("select id from today_contact where who='$mid' and whose='$from_id'");
    if(mysql_num_rows($ex)==0)
    {                                   
    mysql_query("insert into  today_contact (who,whose,on_date) values ('$mid','$from_id',now())");
    }
    else
    {                                       
    mysql_query("update  today_contact set on_date=now() where who='$mid' and whose='$from_id'");   
    }
    ?>
        </div>
      </div>
    </div>
    <?php
    }                                           
    else
    {
    ?>
    <div class="modal-dialog">  
      <div class="modal-content">
        <div class="modal-header">
          <button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;
          </button>
          <h1 class="modal-title" id="myModalLabel" style="color:red;">Today's limit is over
          </h1>
        </div>
        <div class="form-group">
          <div class="col-sm-12">
            <br>
            <br>
            <h3>&nbsp;&nbsp;You are allowed to view only 3 contacts in a day
            </h3>
            <br>
            <br>
          </div>
        </div>
      </div>
    </div>
    <?php
    }
    }
    else
    {
    ?>
    <div class="modal-dialog">  
      <div class="modal-content">
        <div class="modal-header">
          <button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;
          </button>
          <h1 class="modal-title" id="myModalLabel" style="color:red;">Membership Expired
          </h1>
        </div>
        <div class="form-group">
          <div class="col-sm-12">
            <br>
            <br>
            <h3>&nbsp;&nbsp;Buy a Premium Membership to contact him right away.
            </h3>
            <br>
            <br>
          </div>
        </div>
      </div>
    </div>
    <?php                                           
    }
    ?>
    <?php           
    }
    else
    {
    ?>
    <div class="modal-dialog">  
      <div class="modal-content">
        <div class="modal-header">
          <button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;
          </button>
          <h1 class="modal-title" id="myModalLabel" style="color:red;">Express interest not accepted
          </h1>
        </div>
        <div class="form-group">
          <div class="col-sm-12">
            <br>
            <br>
            <h3>&nbsp;&nbsp;This member only shows contact details, if you have already sent him/her express interest,
              <br> &nbsp;&nbsp;and he/she has accepted it.
            </h3>
            <br>
            <br>
          </div>
          <div class="col-sm-12">
            <h3 style="color:red;">&nbsp;&nbsp;
              <a target="_blank" href="exp_interest.php?ei=<?php echo urlencode($from_id); ?>">Please send him/her express interest if you are interested.
              </a>
            </h3>
          </div>
        </div>
      </div>
    </div>
    <?php 
    } 
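
The gating the question describes, as an added example that is not part of the original post or its answer: a paid member skips condition 1, condition 2 still applies, and every value is bound through a PDO prepared statement instead of being interpolated into the SQL string. Table and column names are taken from the question; the contactAccess and countRows helpers, the in-memory SQLite rows and the choice to read the paid status of the logged-in viewer ($mid in the question) are assumptions, and the payments balance check is left out.

```php
<?php
// Added example (not the poster's code): the gating decision with bound parameters.
// Table and column names come from the question; the PDO handle and the
// in-memory SQLite rows are constructed so the script runs stand-alone.

function countRows(PDO $db, string $sql, array $params): int
{
    $stmt = $db->prepare($sql);   // values are bound, never concatenated
    $stmt->execute($params);
    return (int) $stmt->fetchColumn();
}

// Returns 'show', 'daily_limit' or 'interest_not_accepted'.
function contactAccess(PDO $db, string $viewer, string $target, string $today): string
{
    // Assumption: paid status is read for the logged-in viewer.
    $paid = countRows($db,
        "SELECT COUNT(*) FROM register WHERE matri_id = ? AND status = 'Paid'",
        [$viewer]) > 0;

    // Condition 1, skipped for paid members.
    if (!$paid && countRows($db,
        "SELECT COUNT(*) FROM expressinterest
          WHERE ei_sender = ? AND ei_receiver = ? AND receiver_response = 'Accept'",
        [$viewer, $target]) === 0) {
        return 'interest_not_accepted';
    }

    // Condition 2: at most 3 contacts per day, applied to everyone.
    $seen = countRows($db,
        "SELECT COUNT(*) FROM today_contact WHERE who = ? AND on_date = ?",
        [$viewer, $today]);
    return $seen < 3 ? 'show' : 'daily_limit';
}

// Constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE register (matri_id TEXT, status TEXT);
           CREATE TABLE expressinterest (ei_sender TEXT, ei_receiver TEXT, receiver_response TEXT);
           CREATE TABLE today_contact (who TEXT, whose TEXT, on_date TEXT);
           INSERT INTO register VALUES ('M1', 'Paid'), ('M2', 'Free'), ('M3', 'Free');
           INSERT INTO expressinterest VALUES ('M2', 'M3', 'Accept');");

$quoted = "M3'x";   // constructed id containing a quote; bound as a plain literal
foreach ([['M1', 'M3'], ['M2', 'M3'], ['M2', 'M1'], ['M2', $quoted]] as [$v, $t]) {
    printf("%s -> %s: %s\n", $v, $t, contactAccess($db, $v, $t, '2016-06-12'));
}
```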
    

1 answer:

Answer 0: (score: 1)

So you are asking for a query to check whether the user is a paid member?

    $paidMember = false;
    $checkPaidMember = mysql_query("select * from register where matri_id='$from_id' AND status = 'Paid'");
    if(mysql_num_rows($checkPaidMember) > 0){
        $paidMember = true;
    }

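Just send the select with the userId and the status you need to the database. If the database returns a result set, there is a user with the ID and status you asked for.

Trincot is right, you should not use the mysql_* functions, because of the security vulnerabilities.

Is this what you are looking for?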

    <?php
    require("../connect/report.php");
    $mid = $_SESSION['mid'];
    // Escape the request value before it is interpolated into the SQL strings below.
    $from_id = isset($_REQUEST['toid']) ? mysql_real_escape_string($_REQUEST['toid']) : 0;
    $exp_sel = mysql_query("select * from register where matri_id='$from_id'");
    $fet = mysql_fetch_array($exp_sel);
    $today = date('Y-m-d');
    $exp_sel = mysql_query("select * from expressinterest where ei_sender='$mid' and ei_receiver='$from_id' and receiver_response ='Accept'");
    $num = mysql_num_rows($exp_sel);

    $paidMember = false;
    $checkPaidMember = mysql_query("select * from register where matri_id='$from_id' AND status = 'Paid'");
    if(mysql_num_rows($checkPaidMember) > 0){
        $paidMember = true;
    }

    if ($num > 0 || $paidMember === true) { // added OR here to bypass the first condition if it is a paid member
        $cnt = "SELECT * FROM payments WHERE (pemail = '$mid' or pmatri_id='$mid')";
        $cn = mysql_query($cnt);
        $ncha = mysql_fetch_array($cn);
        if ($ncha['p_no_contacts'] - $ncha['r_cnt'] > 0) {
            $ch_viewd = mysql_query("select count(id) as row from today_contact where who='$mid' and on_date='$today'");
            $ch_fet = mysql_fetch_array($ch_viewd);
            if ($ch_fet['row'] < 3 || $paidMember === true) { // added OR here to bypass the second condition if it is a paid member
                ?>
                <div class="modal-dialog yoyo-large">
                    <div class="modal-content">