My read message page shows multiple messages instead of one (PHP)

Time: 2017-08-21 12:38:17

Tags: php mysql pdo chat

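I have created a private messaging system in PHP. It kind of works: writing, sending, reading and replying work.

But there is one problem. If I click a specific message that I want to read in my inbox or outbox (it doesn't matter which), my page, which should only show the specific message I clicked, shows all the messages in that inbox/outbox. It looks like this on my page ->

From:testing@l.seSubject:helloMessage:testing this..From:testing@l.se  Subject:helloMessage:testFrom:testing@l.seSubject:hejMessage:skicka :Reply

As you can all see, it is all the messages in a row. Edit: the messages belong to the correct user. So it is not messages that belong to different users.

The SQL for my messages is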

AccountID   FolderID    EffectiveDate               VersionNumber
331         4239        2014-01-01 00:00:00.000     1.0
331         4239        2014-02-01 00:00:00.000     2.0
331         4239        2014-07-01 00:00:00.000     3.0
331         4239        2015-01-01 00:00:00.000     1.0
331         4239        2015-03-01 00:00:00.000     2.0
331         4239        2016-01-01 00:00:00.000     1.0
331         4239        2016-07-01 00:00:00.000     2.0
331         4239        2016-09-01 00:00:00.000     3.0
331         4239        2016-09-01 00:00:00.000     4.0
331         4239        2016-09-01 00:00:00.000     5.0
331         4239        2017-01-01 00:00:00.000     1.0
331         4239        2017-01-01 00:00:00.000     2.0
331         4239        2017-01-01 00:00:00.000     4.0
331         4239        2017-07-01 00:00:00.000     3.0

I'm pretty sure my error should be somewhere in

read.inc.php

id int(11) AI PK 
from_user varchar(45) 
to_user varchar(45) 
subject varchar(400) 
message text 
date date 
read tinyint(4)

If someone feels up to it, I will paste the inbox and outbox as well.

Here is outbox.inc.php

<?php 

$user = $_SESSION['username'];

 $sql = "SELECT * FROM private_messages WHERE to_user = '$user'";

     $stmt = $dbh->prepare($sql);

     $stmt->execute();

     ?>

     <?php

     if ($stmt->rowCount() > 0){

         echo "<table>";
         echo "<tr>";

        while ($rows = $stmt->fetch(PDO::FETCH_ASSOC)){
            $id = $rows['id'];
            $to_user = $rows['to_user'];
            echo "<td>";
     ?>
     <?php
        echo "<td>From:";
        echo "</td>";
        echo "<td>";
        echo "".$from = $rows['from_user']."";
        echo "</td>";
        echo "</tr>";
        echo "<tr>";
        echo "<td>";
        echo "Subject:";
        echo "<td>";
        echo "<td>";
        echo "".$subject = $rows['subject']."";
        echo "</td>";
        echo "</tr>";
        echo "<tr>";
        echo "<td>";
        echo "Message:";    
        echo "<td>";
        echo "".$message = $rows['message']."";
        echo "</td>";
        echo "</tr>";   

        }

         echo "<tr>";
         echo "<td colspan='2'><a href='messages.php?id=compose&mid=$id&subject=RE:$subject&to=$from'>Reply Message</a></td>";
         echo "</tr>";
         echo "</table>";

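  if ($to_user==$user) {

  // Mark the message as read; the placeholders must match the bound names.
  $stmt = $dbh->prepare("UPDATE `private_messages` SET `read`=:read WHERE `id`=:id");

        $a = 1;
        $stmt->bindParam(':read',$a);
        $stmt->bindParam(':id',$id);
        // The statement has to be executed for the update to happen.
        $stmt->execute();

        } 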

     } else {
        echo "You cant see the conversation..";
     }

?>

And finally my

inbox.inc.php

    <?php
$user = $_SESSION[ 'username' ];

$sql = "SELECT * FROM private_messages WHERE from_user = '$user'";

$stmt = $dbh->prepare( $sql );


$stmt->execute();

?>
<?php

if ( $stmt->rowCount() > 0 ) {

    ?>

<!doctype html>
<html>

<head>
    <meta charset="utf-8">
    <title>Untitled Document</title>
</head>

<body>
    <?php
    echo "<table>";
    echo "<tr>";
    echo "<td>&nbsp;";
    echo "</td>";
    echo "<td>to: </td>";
    echo "<td>subject: </td>";
    echo "<td>Date: </td>";
    echo "</tr>";

    while ( $rows = $stmt->fetch( PDO::FETCH_ASSOC ) ) {
        $id = $rows[ 'id' ];
        ?>
    <?php
    echo "<tr>";
    echo "<td>&nbsp;</td>";
    echo "<td>" . $from = $rows[ 'to_user' ] . "</td>";
    echo "<td><a href='messages.php?id=read&mid=$id'>" . $subject = $rows[ 'subject' ] . "</a></td>";
    echo "<td>" . $date = $rows[ 'date' ] . "</td>";
    echo "</tr>";

    }
    }
    else {

        echo "<table> <tr align='left'> <td> </td> <td>to_user: </td><td> 
  Subject: </td><td>Date: </td></tr><tr><th colspan='4'> You did not send a 
   message </th></tr></table>";

    }

    echo "</table>";
    ?>
</body>
</html>

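There is a lot of code here, sorry.

/Best regards, Robert

1 answer:

Answer 0: (score: 1)

You have the following in your read.inc.php, which fetches all messages for the given user:

$sql = "SELECT * FROM private_messages WHERE to_user = '$user'";

To get only the message you clicked in the inbox, you should use a query like this: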

$sql = "SELECT * FROM private_messages WHERE to_user = '$user' AND id = $mid LIMIT 1";

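(where $mid is the variable you get from $_GET['mid'] in the query string.)

Then you don't need the loop, since you only fetch one row.

Note that using variables like this in a query (especially when they are transferred via the query string) is very bad and can/will lead to SQL injection attacks. Use bound variables (with bindParam / bindVariable or execute) like in inbox.inc.php!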
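
The single-message lookup the answer describes, written with bound parameters, as an added example that is not part of the original question or answer. Assumptions: an in-memory SQLite database (pdo_sqlite) stands in for the MySQL table so the script runs offline, the rows are constructed, and `fetchMessage` is a hypothetical helper name.

```php
<?php
// Added example: fetch exactly one message with bound parameters.
// Assumption: in-memory SQLite replaces the page's MySQL table; rows are constructed.
$dbh = new PDO('sqlite::memory:');
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->exec("CREATE TABLE private_messages (id INTEGER PRIMARY KEY, from_user TEXT,
            to_user TEXT, subject TEXT, message TEXT, `date` TEXT, `read` INTEGER DEFAULT 0)");
$ins = $dbh->prepare("INSERT INTO private_messages (from_user, to_user, subject, message, `date`)
                      VALUES (?, ?, ?, ?, ?)");
$ins->execute(['alice', 'bob',   'hello', 'first message',  '2017-08-20']);
$ins->execute(['alice', 'bob',   'hej',   'second message', '2017-08-21']);
$ins->execute(['alice', 'carol', 'other', 'not for bob',    '2017-08-21']);

// Hypothetical helper: returns message $mid only if it is addressed to $user.
function fetchMessage(PDO $dbh, string $user, $mid): ?array
{
    // The id arrives via $_GET['mid'], so accept only a positive integer.
    $mid = filter_var($mid, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($mid === false) {
        return null;
    }
    // Values travel separately from the SQL text, so they cannot change the query.
    $stmt = $dbh->prepare("SELECT * FROM private_messages
                           WHERE id = :mid AND to_user = :user LIMIT 1");
    $stmt->execute([':mid' => $mid, ':user' => $user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return null; // no such message, or it is addressed to someone else
    }
    // Mark it as read; the placeholder matches the bound name.
    $upd = $dbh->prepare("UPDATE private_messages SET `read` = 1 WHERE id = :mid");
    $upd->execute([':mid' => $mid]);
    return $row;
}

// In read.inc.php these would be $_SESSION['username'] and $_GET['mid'].
foreach ([['bob', '2'], ['bob', '3'], ['bob', '2 OR 1=1']] as [$user, $mid]) {
    $msg = fetchMessage($dbh, $user, $mid);
    if ($msg === null) {
        echo "mid=$mid: You cant see the conversation..\n";
        continue;
    }
    // Escape stored text before it reaches HTML output.
    echo "mid=$mid: Subject: " . htmlspecialchars($msg['subject'])
       . " Message: " . htmlspecialchars($msg['message']) . "\n";
}
```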