Question

修改
谢谢！我做了改变，现在正确插入数据。我知道这很简单...我猜的编码时间很长回去工作，关闭创建回复功能....
再次感谢！

我最近更改了我的代码，允许用户在我正在开发的网站上发表评论和回复，以帮助改进我的编码。我在Youtube上关注了我的评论教程，我很难将我创建的用户登录系统与评论数据库连接起来。如果有人能给我一个正确方向的推动，我将非常感激。（我已经调试了好几个小时......我觉得它是超级简单或明显的东西，我需要另一双眼睛来指出问题所在）

问题：我可以在我的网页上发表评论，它会将评论和日期插入数据库。 uid未保存在数据库中。该网站不会输出结果/评论。

＆＃13;

///in the index to display comments

    <?php
echo "<form method='POST' action='".setComments($conn)."'>
	<input type='hidden' name='uid' value='".$_SESSION['u_id']."'>
	<input type='hidden' name='date' value='".date('Y-m-d H:i:s')."'>
		<textarea name='message'></textarea><br>
	<button type='submit' name='commentSubmit'>Comment</button>
	</form>";
    
    getComments($conn);
?>

＆＃13;

comments.php

<?php
function setComments($conn) {
	if (isset($_POST['commentSubmit'])) {
    	$uid = $_POST['uid'];
        $date = $_POST['date'];
        $message = $_POST['message'];
        
        $sql = "INSERT INTO thecomments (uid, date, message) VALUES ('$uid', '$date', '$message')";
        $result = mysqli_query($conn, $sql);
    }
}

function getComments($conn) { 
	$sql = "SELECT * FROM thecomments";
    $result = mysqli_query($conn, $sql);
    while ($row = $result->fetch_assoc()) {
    	$id = $row['uid'];
    	$sql2 = "SELECT * FROM user WHERE id='$id'";
   	$result2 = $conn->query($sql2);
        if ($row2 = $result2->fetch_assoc()) {
             echo "<div class='comment-box'><p>";
            echo $row2['uid']."<br>";
            echo $row['date']."<br>";
            echo nl2br($row['message']);
          echo "</p>";
          	if (isset($_SESSION['u_id'])) {
            	if ($_SESSION['u_id'] == $row2['u_id']) {
                    echo "<form class='delete-form' method='POST' action='".deleteComments($conn)."'>
                          <input type='hidden' name='cid' value='".$row['cid']."'>
                          <button type='submit' name='commentDelete'>Delete</button>
                      </form>
                      <form class='edit-form' method='POST' action='editcomment.php'>
                          <input type='hidden' name='cid' value='".$row['cid']."'>
                          <input type='hidden' name='uid' value='".$row['uid']."'>
                          <input type='hidden' name='date' value='".$row['date']."'>
                          <input type='hidden' name='message' value='".$row['message']."'>
                          <button>Edit</button>
                      </form>";
              } else {
              		echo "<form class='edit-form' method='POST' action='".deleteComments($conn)."'>
                          <input type='hidden' name='cid' value='".$row['cid']."'>
                          <button type='submit' name='commentDelete'>Reply</button>
                      </form>";
              }
            } else {
            	echo "<p class='commentmessage'>You need to be logged in to reply!</p>";
            }
         echo "</div>";
        }
    }  
}

function editComments($conn) {
	if (isset($_POST['commentSubmit'])) {
    	$cid = $_POST['cid'];
    	$uid = $_POST['uid'];
        $date = $_POST['date'];
        $message = $_POST['message'];
        
        $sql = "UPDATE thecomments SET message='$message' WHERE cid='$cid'";
        $result = mysqli_query($conn, $sql);
        header("Location: index.php");
    }
}

function deleteComments($conn) {
	if (isset($_POST['commentDelete'])) {
    	$cid = $_POST['cid'];
        
        $sql = "DELETE FROM thecomments WHERE cid='$cid'";
        $result = mysqli_query($conn, $sql);
        header("Location: index.php");
    }
}
?>

＆＃13;

login.php

<?php
	session_start();

	if (isset($_POST['submit'])) {
		include_once 'dbh.inc.php';
		$uid = $_POST['uid'];
		$pwd = $_POST['pwd'];

		//Error handlers
		//Check if inputs are empty
		if (empty($uid) || empty($pwd)) {
			header("Location: ../index.php?login=empty");
			exit();
		}
		else {
			//Check if username exists in the database USING PREPARED STATEMENTS
			$sql = "SELECT * FROM user WHERE uid=?";
			$stmt = mysqli_stmt_init($conn);
			if(!mysqli_stmt_prepare($stmt, $sql)) {
			    header("Location: ../index.php?login=error");
			    exit();
			}
			else {
				mysqli_stmt_bind_param($stmt, "s", $uid);
				//Run query in database
				mysqli_stmt_execute($stmt);
				//Get results from query
	      $result = mysqli_stmt_get_result($stmt);
				if ($row = mysqli_fetch_assoc($result)) {
					$hashedPwdCheck = password_verify($pwd, $row['pwd']);
					//If they didn't match!
					if ($hashedPwdCheck == false) {
						header("Location: ../index.php?login=error");
						exit();
					}
					//If they did match!
					elseif ($hashedPwdCheck == true) {
						//Set SESSION variables and log user in
						$_SESSION['u_id'] = $row['id'];
						$_SESSION['u_first'] = $row['user_first'];
						$_SESSION['u_last'] = $row['user_last'];
						$_SESSION['u_email'] = $row['user_email'];
						$_SESSION['u_uid'] = $row['uid'];
						header("Location: main.php?login=success");
						exit();
					}
	      } else {
	        header("Location: ../index.php?login=error");
				exit();
	      }
			}
		}

		//Close the prepared statement
		mysqli_stmt_close($stmt);

	} else {
		header("Location: ../index.php?login=error");
		exit();
	}

＆＃13;

感谢您的时间和帮助。关闭调试更多，如果有新的话会更新。

Answer 1

更改索引中的行以使用$_SESSION['u_uid']。这就是你要设置的会话变量。

<input type='hidden' name='uid' value='".$_SESSION['id']."'>

当你无法弄清楚变量没有获取数据的原因时，使用var_dump($_SESSION)会是一个好主意。

评论＆amp;用户PHP / SQL不会插入数据

1 个答案: