当某人登录时,只有他能看到他的个人资料。我怎样才能在PHP中向他展示他的数据?
<?php
include_once("connection.php");
if($_SESSION['id'])
{
$_SESSION = ['id'];
$result = mysqli_query($connection, "select * from `student` where
`id` = $_SESSION[id]");
$show=mysqli_fetch_assoc($result);
if($show)
{
echo "welcome [username]";
}
}
?>
答案 0 :(得分:0)
使用此代码。
if($_SESSION['id'])
{
$SESSION = $_SESSION['id'];
$result = mysqli_query($connection, "select * from `student` where
`id` = '$SESSION'");
$show=mysqli_fetch_assoc($result);
echo "welcome $show['username']";
}
最好在登录时将用户名设置为会话变量,就像设置用户ID一样。然后您将不需要从db获取值。你可以只显示会话中的名字。
$_session['username']
答案 1 :(得分:0)
are us setting the session data at some place if yes then get the session
data with the keys you have saved in session such as:
echo $_SESSION['username'];
echo $_SESSION['email'];
echo $_SESSION['gender'];
if you did not set the data at any place first set it in session super
global and then get it Example:
//set user data in session variable.
//get data from database or any other data source
// set in session
$ _ SESSION [&#39;用户名&#39;] = $ data [&#39;用户名&#39;];
答案 2 :(得分:0)
CREATE GLOBAL TEMPORARY TABLE my_temp_table (
id NUMBER
)
ON COMMIT DELETE ROWS;
-- multiple INSERT INTO
select * from temp where temp_id in (SELECT id FROM my_temp_table);
COMMIT;
答案 3 :(得分:0)
您需要删除此行:
$_SESSION = ['id'];
这样做,您将$_SESSION
变量覆盖为包含一个字符串的数组:'id'
。
首先,您需要在用户登录时用用户数据填充$_SESSION
变量。在您的登录页面中,您应该具有这样的内容:
if (... some condition that checks if the login and password are ok) {
$_SESSION['id'] = $userFromYourDatabase['id'];
$_SESSION['other_data'] = $userFromYourDatabase['other_field'];
}
然后在您要显示用户数据的页面中:
<?php
include_once("connection.php");
if($_SESSION['id'])
{
$result = mysqli_query($connection, "select * from `student` where
`id` = {$_SESSION['id']}"); // Use curly braces to access array members inside strings
$show = mysqli_fetch_assoc($result); // now $show is an array that holds the user data
if($show)
{
echo "welcome {$show['username']}";
}
}
?>
那是用最基本的解决方案来回答这个问题。 但是在SQL查询字符串中使用变量时要非常小心。这是一个$_SESSION
变量,唯一的风险是如果您在这些变量中手动放置了错误的代码(似乎很可能这样做)。或者,如果您从用户输入中设置了$_SESSION['id']
(如果您进行了$_SESSION['id'] = $_POST['something']
,那么在任何情况下都非常糟糕)。因此,以防万一,作为一种好的做法,请考虑使用准备好的语句,如此处说明的:https://www.w3schools.com/php/php_mysql_prepared_statements.asp