我有一个.htaccess文件替换了网址中的profile.php。例如,代替example.com/profile.php它变为example.com/JohnDoe123,它仍会显示用户的个人资料。如果您输入的用户名无效,则应收到一条消息,说明该用户不存在。经过多次尝试做到这一点,我仍然没有结果。我试着查找答案,以不同的方式提问,但没有找到正确答案(尽管每个人的努力都得到了极大的赞赏)。我终于写了这段代码,我希望得到一些反馈,看看它是否正确。虽然,我收到错误Call to undefined method mysqli::execute()。
try{
$validuser = false;
$dbhost = 'localhost';
$dbuser = 'root';
$dbpwd = '';
$dbname = 'db';
$con = new mysqli( $dbhost, $dbuser, $dbpwd, $dbname );
if( !empty( $_GET['username'] ) ){
$username = filter_input( INPUT_GET, 'username', FILTER_SANITIZE_STRING );
$sql='select * from users where username=?';
$stmt=$con->prepare( $sql );
if( $stmt ){
/* run the query to check username */
/* Bind parameters to the placeholders */
$stmt->bind_param( 's', $username );
/* execute */
$result = $con->execute();
if( $result ){
$stmt->store_result();
$stmt->fetch();
$rows = $stmt->num_rows;
$validuser = ( $rows == 1 ) ? true : false;
$stmt->free_result();
$stmt->close();
} else {
throw new Exception('Query failed');
}
} else {
throw new Exception('Failed to prepare sql statement');
}
}
if( $validuser ){
/* display user profile */
echo "<h1>User is real.</h1>";
} else {
/* display message - user not found etc */
echo "<h1>User is not real.</h1>";
}
编辑:.htaccess文件
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ profile.php?username=$1
答案 0 :(得分:0)
SELECT *, COUNT(ID) from users where username=?是您要查找的查询。
只需抓取COUNT(ID),然后查看是否有任何记录转向该特定用户名。
伪:
if (COUNT(ID)>0){
//show profile
} else {
//show error
}