0

您好,我的数据库中有 2 个表,一个用于课程,一个用于用户,每个表都有一个 id 列。

我正在尝试在它们之间建立一种关系,一个用户订阅一门课程。我试图将结果存储在名为订阅的第三个表中,该表有一个用于课程 ID 的列和一个用于用户 ID 的列。

用户在通过与新会话连接的登录后进行注册。用户点击订阅链接后

<a href='subscribe.php?id=".$row['id']."'>subscribe!</a>

它们被带到后端 php 页面,在该页面中插入数据库信息:

<?php 
session_start();

?>
   $userid = $_SESSION['userID'];    
   $cursoid = $_GET['id'];

    mysql_connect("localhost", "username", "password") or die(mysql_error()) ; 
    mysql_select_db("test") or die(mysql_error()) ; 


    mysql_query("INSERT INTO `subscriptions` 
                     (curso_id, user_id) 
                     VALUES ('$cursoid', '$userid ')")
                         or die(mysql_error());

此时我已经获得了课程的 ID 并将其插入其中,问题在于用户 ID 我没有得到任何东西。如何获取当前登录用户的 id?

这是我的登录功能类的代码:

    public function userLogin() {
$success = false;
try{
$con = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
$con->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
$sql = "SELECT * FROM users WHERE username = :username AND password = :password LIMIT 1";
$stmt = $con->prepare( $sql );
$stmt->bindValue( "username", $this->username, PDO::PARAM_STR );
$stmt->bindValue( "password", hash("sha256", $this->password . $this->salt), PDO::PARAM_STR );
$stmt->execute();

$valid = $stmt->fetchColumn();

if( $valid ) {
$success = true;

}


$con = null;
return $success;
}catch (PDOException $e) {
echo $e->getMessage();
return $success;

$user = $stmt->fetchObj();

    if( $user->user_id > 0 ) {

        $success = true;

        // User has been successfully verified, lets sessionize his user id so we can refer to later
        $_SESSION['userID'] = $user->user_id;}

}
}

最后是登录功能的代码:

session_start();
$usr = new Users;
$usr->storeFormValues( $_POST );
if( $usr->userLogin() ) {
    header( 'Location: cursos.php' ) ;
    $_SESSION["loggedIn"] = true;
    $_SESSION['username'] = $_POST['username'];
    $_SESSION['password'] = $_POST['password'];
    $_SESSION['id'] = $_POST['id'];
4

3 回答 3

1

每次要使用会话时,都必须在文件开头调用session_start函数。您在登录函数中调用它,但不要在 subscribe.php 中调用。试试这个:

session_start();

$userid = $_SESSION['id'];
$cursoid = $_GET['id'];
//rest of the code
于 2013-10-01T23:15:08.737 回答
1

您不应将 sessionIds 用作 userIds,而应在插入用户行后使用用户表的主键。此外,可能是迂腐,但你应该将你的用户变量重命名为$user$usr让我畏缩。

获取会话 id 的另一种方法是:session_id

- 编辑 - 

public function userLogin() {

    ....

    $user = $stmt->fetchObj();

    if( $user->user_id > 0 ) {

        $success = true;

        // User has been successfully verified, lets sessionize his user id so we can refer to later
        $_SESSION['userId'] = $user->user_id;
    }
}

// We sessionized user id after validation, so we now have access to it
$userid = $_SESSION['userId'];

// Using straight mysql api is frowned upon, this should be converted to PDO before production use
mysql_query("INSERT INTO `subscriptions` (curso_id, user_id) VALUES ('$cursoid', '$userid ')")
    or die(mysql_error());
于 2013-10-01T23:19:43.820 回答
0

你也有一个小错误,你在这一行有一个空格VALUES ('$cursoid', '$userid ')")

mysql_query("INSERT INTO `subscriptions` 
             (curso_id, user_id) 
             VALUES ('$cursoid', '$userid')")
                 or die(mysql_error());
于 2013-10-01T23:20:56.387 回答