0

这是我用来确定是否让用户进入的 login.php 脚本。

<?php

if(isset($_POST['submitted']))
{
 $errors= array();
 $username = ($_POST['username']);
 $pass = ($_POST['pass']);
 $shapass = sha1($pass);
 $_POST['username'] = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
 if ($_POST['username'] == "") {  
   $errors[] = "Please enter your username.";
 }
 if ($_POST['pass'] == "") {  
   $errors[] = "Please enter your password.";
 }

 if(is_array($errors))
 {
    echo '<font color="red"><div align="center" class="error"><span></span><ul>';
    while (list($key,$value) = each($errors))
    {

        echo '<li>'.$value.'</li><br />';
    }echo'</ul></div></font>';
}


if(empty($errors))
{
$user_name = "root";
$password = "";
$database = "rsswebapp";
$server = "127.0.0.1";
$db_handle = mysql_connect($server, $user_name, $password);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found) 
{

$match = "Select ROWID,EMAIL,PWD from `user` ".
    " where (USERNAME='$username' OR EMAIL='$username') and PWD='$shapass' ";
$qry = mysql_query($match);



/*
$uid = isset($_POST['username']) ? $_POST['username'] : $_SESSION['username'];
$pwd = isset($_POST['pass']) ? $_POST['pass'] : $_SESSION['pass'];
*/
$num_rows = mysql_num_rows($qry); 
if ($num_rows <= 0) { 
//unset($_SESSION['uid']);
//unset($_SESSION['pwd']);
header('location:index.php?msg=' . urlencode(base64_encode("Sorry, there is no username                 $username with the specified password.Try again!")));
} 
else 
{
session_start();
$_SESSION['ROWID'] = $sid ;
header("location:dashboard.php");
}
mysql_close($db_handle);
}
else {

print "Database NOT Found ";
mysql_close($db_handle);
}

}   
}   
?>

如果登录成功,我将用户重定向到 dashboard.php

<body>
<div class="container">
  <div id="sidebar">
      <ul>
          <li><a href="dashboard.php?p=categories"><center>Categories</center></a></li>
          <li><a href="dashboard.php?p=myfeeds"><center>My Feeds</center>    </a></li>
          <li><a href="dashboard.php?p=managefeeds"><center>Manage Feeds</center></a>    </li>
          <li><a href="dashboard.php?p=myfeed"><center>Account</center></a></li>
          <li><a href="logout.php"><center>Log Out</center></a></li>
      </ul>
  </div>
  <div class="main-content">
      <div class="swipe-area"></div>
      <a href="#" data-toggle=".container" id="sidebar-toggle">
          <span class="bar"></span>
          <span class="bar"></span>
          <span class="bar"></span>
      </a>
      <div class="content">
          <?php
          session_start();
          $sid = $_SESSION['ROWID'];
          if(!$_SESSION){
          header('location:index.php?msg=' .      urlencode(base64_encode("Please login to continue.")));
          }
          else
          {
          $pages_dir = 'pages';
          if(!empty($_GET['p'])){
          $pages = scandir($pages_dir,0); 
          unset($pages[0],$pages[1]);
          $p = $_GET['p'];
          if(in_array($p.'.php',$pages))
          {
            include($pages_dir.'/'.$p.'.php');
          }
          else
          {
            echo "Sorry, page not found.";
          }
          }

          }

           ?>
           <p></p>
      </div>
  </div>
 </div>
</body>

问题出现在 myfeed.php 中:

<?php 

 $user_name = "root";
 $password = "";
 $database = "rsswebapp";
 $server = "127.0.0.1";
//$db_handle = mysqli_connect($server, $user_name, $password,$database);
$db_handle = new mysqli($server, $user_name, $password,$database);
$db_found = mysqli_select_db( $db_handle,$database);
//session_start();
// $s = mysql_real_escape_string($_SESSION['ROWID']);
//$query = "SELECT  URL,TITLE FROM rssfeeds,user WHERE rssfeeds.USERID=user.ROWID";
// $query = "select GROUP_CONCAT(r.URL) as URL from user as u Left Join rssFeeds as r  On u.ROWID = r.USERID WHERE USERID = $_SESSION";
// $query = "SELECT URL FROM rssfeeds as rss WHERE rss.USERID=$s";
// $query = "SELECT `rssfeeds`.`URL` FROM `rssfeeds` WHERE `rssfeeds`.`USERID`=$_SESSION['ROWID']";
//  $query = "SELECT  URL FROM rssfeeds as rss ,user as userrss WHERE rss.USERID='$sid'";
//$query = "SELECT  rssfeeds.URL FROM rssfeeds LEFT JOIN user ON rssfeeds.USERID=user.ROWID";
 $query = "SELECT URL FROM rssfeeds as rss WHERE rss.USERID='" . $_SESSION["ROWID"] . "'";
//$query = "SELECT URL FROM rssfeeds as rss,user WHERE rss.USERID="$_SESSION['ROWID']"";
// $result = mysqli_query($db_handle,$query);
$result = mysqli_query($db_handle,$query);
// $result = $db_handle->query($query);
 $r = array();
$index = 0;
if($result)
{
echo "BG </br>";
// while($row = mysqli_fetch_assoc($result)) {
  while($row = $result->fetch_array()){
 //  while( ($row = mysql_fetch_assoc($result))!== false){
 //echo "WELL DONE";
 echo "{$row["TITLE"]}  {$row["URL"]} </br>" ;
// $r[$index] = $row["URL"];
// $index++; 
// printf ("%s \n", $row["URL"]);

}
echo "HX";

/*
$yourArray = array(); 
$index=0;
while($row = $result->fetch_array()){
    echo "b";
  //  echo "<a href='".$row["URL"]."'>".$row["TITLE"]."</a>";
   $yourArray[$index] = $row;
 $index++; 
    echo "<br />";print_r($yourArray);
 }
*/  
 }
else
{
 echo "HELLO";
 die(mysql_error());
 }



  ?>

注释掉的语句是我尝试过但不起作用的语句。我无法从数据库表中检索 URL 并将它们显示在页面上。截至目前,我得到的输出为:

BG HX

我的数据库中有两个表:

  • 用户
  • RSS订阅

“用户”包含四列,即:

  • ROWID(自动增量,主要)
  • 用户名
  • 电子邮件
  • 残疾人士

而“rssfeeds”有四个:

  • RSSFEEDID
  • 用户身份
  • 标题
  • 网址

我很确定问题在于 $_SESSION 部分中 myfeed.php 中的查询。

4

3 回答 3

1

定义您希望显示 url 的 user_id

$user_id = 1;

运行简单的非连接查询

SELECT
    `rssfeeds`.`URL`
FROM
    `rssfeeds`
WHERE
    `rssfeeds`.`USERID`='$user_id'

如果由于某种原因您还需要用户表中的数据,那么您可以运行此查询

SELECT 
    `rssfeeds`.`URL`
FROM
    `rssfeeds`
    LEFT JOIN `user` ON (`rssfeeds`.`USERID`=`user`.`ROWID`)
WHERE
    `user`.`ROWID`='$user_id'

操作:

我像这样(图像)将数据存储在 rssfeeds 中。当我运行这个查询时:SELECT rssfeeds.URL FROM rssfeeds WHERE rssfeeds.USERID=2;在 phpmyadmin 上,我得到这样的东西(图像)。我不明白的是如何使用 PHP 以单个链接的形式获得此结果。我做这样的事情(图片)谢谢。

$query = "SELECT URL, TITLE FROM rssfeeds as rss WHERE rss.USERID='".$_SESSION['ROWID']."'";
$result = mysql_query($query);
if($result){
    while($row = mysql_fetch_assoc($result)){
        echo "<a href='".$row["URL"]."'>".$row["TITLE"]."</a>";
        echo "<br />";
    }
}
于 2013-07-19T14:28:28.197 回答
0

用户表:

CREATE TABLE `User` (
  `ROWID` int(11) NOT NULL,
  `USERNAME` varchar(45) DEFAULT NULL,
  `EMAIL` varchar(45) DEFAULT NULL,
  `PWD` varchar(45) DEFAULT NULL,
  PRIMARY KEY (`ROWID`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1

RssFeeds 表:

CREATE TABLE `RssFeeds` (
  `RssfeedId` int(11) NOT NULL,
  `USERID` int(11) NOT NULL,
  `TITLE` varchar(45) DEFAULT NULL,
  `URL` text,
  PRIMARY KEY (`RssfeedId`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1

用户表中的记录

mysql> select * from User;
+-------+----------+-------+------+
| ROWID | USERNAME | EMAIL | PWD  |
+-------+----------+-------+------+
|     1 | a        | a     | a    |
|     2 | b        | b     | b    |
|     3 | c        | c     | c    |
+-------+----------+-------+------+
3 rows in set (0.00 sec)

RssFeeds 表中的记录

mysql> select * from RssFeeds;
+-----------+--------+-------+------+
| RssfeedId | USERID | TITLE | URL  |
+-----------+--------+-------+------+
|         1 |      1 | t1    | u1   |
|         2 |      1 | t2    | u2   |
|         3 |      2 | t3    | u3   |
|         4 |      2 | t4    | u4   |
+-----------+--------+-------+------+
4 rows in set (0.00 sec)

RssFeeds 按用户

mysql> select u.*,r.URL from User as u Left Join RssFeeds as r On u.ROWID = r.USERID;
+-------+----------+-------+------+------+
| ROWID | USERNAME | EMAIL | PWD  | URL  |
+-------+----------+-------+------+------+
|     1 | a        | a     | a    | u1   |
|     1 | a        | a     | a    | u2   |
|     2 | b        | b     | b    | u3   |
|     2 | b        | b     | b    | u4   |
|     3 | c        | c     | c    | NULL |
+-------+----------+-------+------+------+
5 rows in set (0.00 sec)

使用 GROUP_CONCAT 方法

mysql> select u.*,GROUP_CONCAT(r.URL) as URL,GROUP_CONCAT(TITLE) as TITLE from User as u Left Join RssFeeds as r On u.ROWID = r.USERID GROUP BY u.ROWID;
+-------+----------+-------+------+-------+-------+
| ROWID | USERNAME | EMAIL | PWD  | URL   | TITLE |
+-------+----------+-------+------+-------+-------+
|     1 | a        | a     | a    | u1,u2 | t1,t2 |
|     2 | b        | b     | b    | u3,u4 | t3,t4 |
|     3 | c        | c     | c    | NULL  | NULL  |
+-------+----------+-------+------+-------+-------+
3 rows in set (0.01 sec)

对于特定用户:

mysql> select u.*,GROUP_CONCAT(r.URL) as URL,GROUP_CONCAT(TITLE) as TITLE from User as u Left Join RssFeeds as r On u.ROWID = r.USERID WHERE ROWID = 1;
+-------+----------+-------+------+-------+-------+
| ROWID | USERNAME | EMAIL | PWD  | URL   | TITLE |
+-------+----------+-------+------+-------+-------+
|     1 | a        | a     | a    | u1,u2 | t1,t2 |
+-------+----------+-------+------+-------+-------+
1 row in set (0.00 sec)
于 2013-07-19T14:42:33.370 回答
0

新答案基于 OP 的新问题:

以下是调试代码时的一些指示以及我是如何发现问题的:

1)使用以下代码将php错误报告添加到php文件中:

ini_set('display_errors',1);
error_reporting(E_ALL);

2)在ifwhile/for循环内回显以查看是否满足条件

3)var_dump()在使用变量时回显查询以查看运行的实际查询是什么:

$query = "SELECT TITLE, URL FROM rssfeeds as rss WHERE rss.USERID='" . $_SESSION["ROWID"] . "'";
echo var_dump($query);
$result = mysqli_query($db_handle,$query);

修复如下:

$num_rows = mysql_num_rows($qry); 
if ($num_rows <= 0) { 
    //unset($_SESSION['uid']);
    //unset($_SESSION['pwd']);
    header('location:index.php?msg=' . urlencode(base64_encode("Sorry, there is no username                 $username with the specified password.Try again!")));
} else {
    session_start();
    $_SESSION['ROWID'] = $sid ;
    header("location:dashboard.php");
}

应该如下:(您之前没有定义$sid,也没有实际ROWID从数据库中检索$qry

if ($num_rows!==1) { 
    header('location:index.php?msg=' . urlencode(base64_encode("Sorry, there is no username $username with the specified password. Try again!")));
} else {
    $row = mysql_fetch_array($qry);
    session_start();
    $_SESSION['ROWID'] = $row['ROWID'] ;
    header("location:dashboard.php");
}

此外,在 myfeed.php 中:

$query = "SELECT URL FROM rssfeeds as rss WHERE rss.USERID='" . $_SESSION["ROWID"] . "'";

应该是以下内容:(TITLE尽管您稍后试图在脚本中调用它,但您并没有检索该字段。)

$query = "SELECT TITLE, URL FROM rssfeeds as rss WHERE rss.USERID='" . $_SESSION["ROWID"] . "'";

最后,您回显结果的语法是错误的。以下也在 myfeed.php 中:

if($result)
{
echo "BG </br>";
// while($row = mysqli_fetch_assoc($result)) {
  while($row = $result->fetch_array()){
 //  while( ($row = mysql_fetch_assoc($result))!== false){
 //echo "WELL DONE";
 echo "{$row["TITLE"]}  {$row["URL"]} </br>" ;
// $r[$index] = $row["URL"];
// $index++; 
// printf ("%s \n", $row["URL"]);

}
echo "HX";

应该:

if($result){
    echo "BG </br>";
    while($row = $result->fetch_array()){
        echo $row["TITLE"]." ".$row["URL"]." </br>" ;
    }
    echo "HX";

最后一点,您mysql_*在 login.php 中使用了扩展,但mysqli_*在 myfeeds.php 中使用了扩展。您应该将所有已弃用扩展的实例转换为新的扩展。大多数/所有注释代码都可以删除,因为它也不需要。测试这些更改并告诉我它是如何工作的。

于 2013-07-29T02:37:43.337 回答