我正在制作一个视频托管网站,其中用户上传的视频(称为"答案"因为它们将根据业余爱好制作方面的帮助请求而制作)被列入待处理列表让网络管理员检查并决定是否批准公开观看。
所有视频记录都有一个布尔数据,称为"已批准"设置为true(' 1')或false(' 0')。
我遇到的麻烦是实际审批流程。无论我做什么,我都无法开始制作视频"批准"状态。
这是我写的代码......
answer.php(主要视频页面)
<a class="btn btn-success btn-lg btn-block" href="<?php echo url_for('/approve.php?id=' . h(u($answer['id']))); ?>"><i class="mr-2 fas fa-check fa-2x"></i>Approve</a>
approve.php
if(!isset($_GET['id'])) {
redirect_to(url_for('/pending.php'));
}
$id = $_GET['id'];
if(is_post_request()) {
$answer = [];
$answer['id'] = $id;
$answer['approved'] = $_POST['approved'];
$result = approve_answer($id);
$_SESSION['message'] = '<div class="text-success">The answer was successfully approved and ready for public viewing.</div>';
redirect_to(url_for('/pending.php'));
} else {
$answer = find_answer_by_id($id);
$user = find_user_by_id($answer['user_id']);
}
?>
<?php $page_title = 'Confirm Approval'; ?>
<?php include(SHARED_PATH . '/public_header.php'); ?>
<div class="container my-2">
<div class="my-2">
<a class="back-link my-2" href="<?php echo url_for('/answer.php?id=' . h(u($answer['id']))); ?>"><i class="mr-2 fas fa-arrow-circle-left fa-2x"></i> Back to Answer</a>
</div>
<div class="answer approve">
<h1>Confirm Approval</h1>
<p>Are you sure you want to approve this answer?</p>
<p class="item"><strong><?php echo h($answer['title']); ?></strong> by <emphasis><?php echo h($user['username']); ?></emphasis></p>
<p><italics><?php echo h($answer['content']); ?></italics>
<form action="<?php echo url_for('/approve.php?id=' . h(u($answer['id']))); ?>" method="post">
<div id="operations">
<input type="hidden" name="approved" value="1" />
<input class="btn btn-success btn-lg btn-block" type="submit" name="approved" id="approved" value="Confirm" />
</div>
</form>
</div>
</div><!-- container -->
功能approve_answer(query_functions.php)
function approve_answer($answer) {
global $db;
$errors = validate_answer($answer);
if(!empty($errors)) {
return $errors;
}
$sql = "UPDATE answers SET ";
$sql .= "approved='" . db_escape($db, '1') . "', ";
$sql .= "WHERE id='" . db_escape($db, $answer['id']) . "' ";
$sql .= "LIMIT 1";
$result = mysqli_query($db, $sql);
// For UPDATE statements, $result is true/false
if($result) {
return true;
} else {
// UPDATE failed
echo mysqli_error($db);
db_disconnect($db);
exit;
}
}
那我哪里出错了?
答案 0 :(得分:1)
将以下代码替换为查询。
$sql = "UPDATE answers SET ";
$sql .= "approved='" . db_escape('1') . "', ";
$sql .= "WHERE id='" . db_escape($answer['id']) . "' ";
$sql .= "LIMIT 1";
答案 1 :(得分:1)
if(!isset($_GET['id'])) {
redirect_to(url_for('/pending.php'));
}
if(is_post_request()) {
$result = approve_answer($_POST['id']);
$_SESSION['message'] = '<div class="text-success">The answer was successfully approved and ready for public viewing.</div>';
redirect_to(url_for('/pending.php'));
} else {
$answer = find_answer_by_id($_GET['id']);
$user = find_user_by_id($answer['user_id']);
}
?>
<?php $page_title = 'Confirm Approval'; ?>
<?php include(SHARED_PATH . '/public_header.php'); ?>
<div class="container my-2">
<div class="my-2">
<a class="back-link my-2" href="<?php echo url_for('/answer.php?id=' . h(u($answer['id']))); ?>"><i class="mr-2 fas fa-arrow-circle-left fa-2x"></i> Back to Answer</a>
</div>
<div class="answer approve">
<h1>Confirm Approval</h1>
<p>Are you sure you want to approve this answer?</p>
<p class="item"><strong><?php echo h($answer['title']); ?></strong> by <emphasis><?php echo h($user['username']); ?></emphasis></p>
<p><italics><?php echo h($answer['content']); ?></italics>
<form action="<?php echo url_for('/approve.php?id=' . h(u($answer['id']))); ?>" method="post">
<div id="operations">
<input type="hidden" name="id" value="<?php echo $_GET['id']; ?>" />
<input class="btn btn-success btn-lg btn-block" type="submit" name="approved" id="approved" value="Confirm" />
</div>
</form>
</div>
</div><!-- container -->
$sql = "UPDATE answers SET ";
$sql .= "approved=1";
$sql .= "WHERE id='" . db_escape($db, $answer) . "' ";
您可以尝试使用此代码。我仍然不确定您为$answer['user_id']设置值的位置?但这应该可以解决你的问题。