<?php
error_reporting(0);
session_start();
if(!$_SESSION["login"]){
print '<script type="text/javascript">';
print 'alert("You need to login first")';
print '</script>'; echo '<meta http-equiv="REFRESH" content="0;url=home.php">';
die();
}
?>
<?php
//This is the book stuff
ob_start();
#error_reporting(0);
$host="localhost"; // Host name
include 'databaselogin.php';
$db_name="X"; // Database name
$tbl_name="Books"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$id = $_GET["id"];
$sql = 'SELECT * FROM Books WHERE `id` = '.$id.' LIMIT 1';
$result=mysql_query($sql) or die(mysql_error());
while($rows = mysql_fetch_array($result)){
?>
<?
//this is user stuff.
ob_start();
error_reporting(0);
$host="localhost"; // Host name
include 'databaselogin.php';
$currentuser = $_SESSION["id"];
$db_name="X"; // Database name
$tbl_name="users"; // Table name
$tbl_name="Books"; // Table name
/*
if ($rows['userid'] != $currentusers)
{
print '<script type="text/javascript">';
print 'alert("you dont have permissions")';
print '</script>'; echo '<meta http-equiv="REFRESH" content="0;url=home.php">';
}
*/
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Silent Generation</title>
<link rel="stylesheet" href="styles.css" type="text/css" media="screen" />
<link rel="stylesheet" type="text/css" href="print.css" media="print" />
<!--[if IE]><script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script><![endif]-->
<!--script section-->
<script type="text/javascript">
</script>
<!--end script section-->
</head>
<body>
<div id="wrapper"><!-- #wrapper -->
<header><!-- header -->
<h1><a href="#">Silent Generation</a></h1>
<h2>Would it be too chezy to say silent but deadly</h2>
</header><!-- end of header -->
<nav><!-- top nav -->
<div class="menu">
<ul>
<li><a href="home.php">Home</a></li>
<li><a href="sell.php">Sell</a></li>
<li><a href="buy.php">Buy</a></li>
<li><a href="stores.php">Stores</a></li>
<li><a href="donate.php">Donate</a></li>
<li><a href="contact.php">Contact Us</a></li>
<li><a href="support.php">Support</a></li>
</ul>
</div>
</nav><!-- end of top nav -->
<section id="main"><!-- #main content and sidebar area -->
<section id="content"><!-- #content -->
<article>
<form method="GET" action="editadd.php" name="add" id="add">
Book Name:
<div align="center" style="margin-top:-15px;">
<input type="text" name="name" id="name" value="<?echo $rows["name"];?>"/></div>
Author's Name: <div align="center" style="margin-top:-15px;"><input type="text" name="author" id="author" value="<?echo $rows["author"];?>"></div>
ISBN: <div align="center" style="margin-top:-15px;"><input type="text" name="ISBN" id="ISBN" value="<?echo $rows["ISBN"];?>"></div>
Edition : <div align="center" style="margin-top:-15px;"><input type="text" name="edition" id="edition" value="<?echo $rows["edition"];?>"></div>
Contact info:<div align="center" style="margin-top:-15px;"> <input type="text" name="contact" id="contact" value="<?echo $rows["contact"];?>" /></div>
Price: <div align="center" style="margin-top:-15px;"> <input type="text" name="price" id="price" / value="<?echo $rows["price"];?>"></div>
Comments: <div align="center"><textarea id="comments" name="comments" rows="13" cols="80" ><?echo $rows["comment"];?> </textarea></div>
<div align="center"><input type="submit" value="Submit" style="width:660px;height:70px;"/></div>
<input type="hidden" name="id" value="<?echo $rows["id"];?>" />
</form>
current user: <?echo $currentuser;?>
posted by: <?echo $rows['userid']?>
<?
}
ob_end_flush();
if ( intval($rows['userid']) == intval($currentusers))
{echo "true";}
else
{echo "fasle";}
?>
</article>
<pre>
</pre>
</section><!-- end of #content -->
<aside id="sidebar"><!-- sidebar -->
<?php
error_reporting(0);
session_start();
if(!$_SESSION["login"]){
?>
<h3>Login</h3>
<form method="post" ACTION="login.php">
E-mail
<input type="text" id="myusername" name="myusername" />
<br/>
<br/>
Password <input type="password" id="mypassword" name="mypassword" />
<br/>
<br/>
<INPUT TYPE="submit" VALUE="Submit" />
<br/>
<input TYPE="button" VALUE="Password?"onclick="javascript:document.location='lostpass.php'; return false; "/>
</form>
<pre>
</pre>
<h3>Register</h3>
<form method="post" action="register.php" name="register" id="register">Name <br/><input type="text" id="name" name="name" ><br/>
Email <br/> <input type="text" id="email" name="email"><br/>
School <br/> <select name="school" id="school">
<option value='Sierra College'>Sierra College</option>
<option value='American River'>American River</option>
<option value='UC Davis'>UC Davis</option>
<option value='UCLA'>UCLA</option>
<option value='UCSD'>UCSD</option>
</select><br/>
Password <br/> <input type="password" id="password" name="password"><br/>
Conform Password <br/> <input type="password" id="password2" name="password2"><br/>
<br/>
<input type="submit" value="Submit">
<input type="reset" value="Clear">
</form>
<?}else{?>
<h3>Welcome</h3> <?php echo $_SESSION["username1"] ?>
<a href="logout.php">Logout</a>
<?}
?>
<h3>Connect With Us</h3>
<ul>
<li><a href="#">Twitter</a></li>
<li><a href="#">Facebook</a></li>
</ul>
</aside><!-- end of sidebar -->
</section><!-- end of #main content and sidebar-->
<footer>
<section id="footer-area">
<section id="footer-outer-block">
<aside class="footer-segment">
<h4>Joubin Jabbari</h4>
<p>© 2011 <a href="#">Silentgen.com</a>
presents a site by a student for students.
</p>
</aside><!-- end of #fourth footer segment -->
</section><!-- end of footer-outer-block -->
</section><!-- end of footer-area -->
</footer>
</div><!-- #wrapper -->
<!-- Free template created by http://freehtml5templates.com -->
</body>
</html>
以上是我的整个代码....你只需要看几下几块php就可以了。我想要的是确保该人正在尝试编辑此帖子的是发布它的人。否则,他们需要在其他地方重新路由。
答案 0 :(得分:0)
嗯...也许正在尝试 if ( intval($rows['userid']) == intva($currentusers))
好的,您使用的是错误的变量名称。这是由$ currentuser而不是$ currentusers。
if ( $rows['userid'] == $currentuser)
echo "true";
else
echo "false";
答案 1 :(得分:0)
您的条件语句没有任何问题,因此它必须是存储在$ currentusers和$ rows ['userid']中的内容的问题。您能否提供更多特定于分配给这两个变量的值的代码?
编辑:您的代码中有拼写错误。您要比较“$ currentusers”而不是“$ currentuser”。试试这个:if ( intval($rows['userid']) == intval($currentuser))
{echo "true";}
else
{echo "fasle";}
答案 2 :(得分:0)
根据您的变量名称,$currentusers
是一组用户,如果是这样,您可以使用in_array($value,$array);
检查其中是否存在值
如果没有,你以错误的方式命名你的变量= D,也许这是一个类型问题。使用intval
函数
if(inval($rows['userid']) == intval($currentusers))