我有一个已适应我的数据库的登录脚本(从互联网下载)。但是,我在从登录链接到我系统中包含已登录用户详细信息的页面时遇到问题。
登录系统所基于的users表有以下字段
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(18) NOT NULL,
`first_name` varchar(32) NOT NULL,
`last_name` varchar(32) NOT NULL,
`gender` varchar(15) NOT NULL DEFAULT 'undisclosed',
`bio` text NOT NULL,
`image_location` varchar(125) NOT NULL DEFAULT 'avatars/default_avatar.png',
`password` varchar(512) NOT NULL,
`email` varchar(1024) NOT NULL,
`email_code` varchar(100) NOT NULL,
`time` int(11) NOT NULL,
`confirmed` int(11) NOT NULL DEFAULT '0',
`generated_string` varchar(35) NOT NULL DEFAULT '0',
`ip` varchar(32) NOT NULL,
`EmployeeID` int(11) DEFAULT '0',
PRIMARY KEY (`id`)
保存用户详细信息的表包括以下字段
CREATE TABLE IF NOT EXISTS `chidren` (
`ChildID` int(11) NOT NULL AUTO_INCREMENT,
`EmployeeID` int(11) DEFAULT '0',
`ChildName` varchar(50) DEFAULT NULL,
`DateOfBirth` datetime DEFAULT NULL,
`Mother` varchar(50) DEFAULT NULL,
`Comment` longtext,
`Clerk` varchar(50) DEFAULT NULL,
`Picture` longblob,
`Pic` longblob,
PRIMARY KEY (`ChildID`),
KEY `ChildID` (`ChildID`),
KEY `EmployeeID` (`EmployeeID`)
如您所见,这两个表是使用 EmployeeID 字段连接的。
用户将被引导到他/她的页面的登录脚本是这样的
<?php
require 'core/init.php';
$general->logged_in_protect();
if (empty($_POST) === false) {
$username = trim($_POST['username']);
$password = trim($_POST['password']);
if (empty($username) === true || empty($password) === true) {
$errors[] = 'Sorry, but we need your username and password.';
} else if ($users->user_exists($username) === false) {
$errors[] = 'Sorry that username doesn\'t exists.';
} else if ($users->email_confirmed($username) === false) {
$errors[] = 'Sorry, but you need to activate your account.
Please check your email.';
} else {
if (strlen($password) > 18) {
$errors[] = 'The password should be less than 18 characters, without spacing.';
}
$login = $users->login($username, $password);
if ($login === false) {
$errors[] = 'Sorry, that username/password is invalid';
}else {
session_regenerate_id(true);// destroying the old session id and creating a new one
$_SESSION['id'] = $login;
header('Location: home.php');
exit();
}
}
}
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<link rel="stylesheet" type="text/css" href="css/style.css" >
<title>Login</title>
</head>
<body>
<div id="container">
<?php include 'includes/menu.php'; ?>
<h1>Login</h1>
<?php
if(empty($errors) === false){
echo '<p>' . implode('</p><p>', $errors) . '</p>';
}
?>
<form method="post" action="">
<h4>Username:</h4>
<input type="text" name="username" value="<?php if(isset($_POST['username'])) echo htmlentities($_POST['username']); ?>" />
<h4>Password:</h4>
<input type="password" name="password" />
<br>
<input type="submit" name="submit" />
</form>
<br>
<a href="confirm-recover.php">Forgot your username/password?</a>
</div>
</body>
</html>
登录脚本附带的主页是这个(我已经包含这个以防万一它有助于解决我的问题)
<?php
require 'core/init.php';
$general->logged_out_protect();
$username = htmlentities($user['username']); // storing the user's username after clearning for any html tags.
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<link rel="stylesheet" type="text/css" href="css/style.css" >
<title>Home</title>
</head>
<body>
<div id="container">
<?php include 'includes/menu.php'; ?>
<h1>Hello <?php echo $username, '!'; ?></h1>
</div>
</body>
</html>
这是我的页面,不幸的是失败了。
<html>
<head>
<link rel="stylesheet" type="text/css" href="mystyle.css" />
<title></title>
</head>
<body>
<?php
require 'core/init.php';
$general->logged_out_protect();
// query db and get date only for the user that logged in. Used GROUP BY because one employee will have more than one child
$EmployeeID = $_GET['EmployeeID'];
$result = mysql_query("SELECT * FROM children WHERE EmployeeID=$EmployeeID
GROUP BY holder.EmployeeID")
or die(mysql_error());
// display data in table
echo "<table border='1' cellpadding='10'>";
echo "<tr> <th>Child Name</th> <th>Mother</th> <th>Date of Birth</th> ";
while($row = mysql_fetch_array( $result )) {
// echo out the contents of each row into a table
echo "<tr>";
//echo '<td>' . $row['EmployeeID'] . '</td>';
echo '<td>' . $row['ChildName'] . '</td>';
echo '<td>' . $row['Mother'] . '</td>';
echo '<td>' . $row['DateOfBirth'] . '</td>';
//the following two fields link to files exactly the same as this one. Again the linking is by EmployeeID
echo '<td><a href="arm/spouse.php?EmployeeID=' . $row['EmployeeID'] . '">SPOUSE DETAILS</a></td>';
echo '<td><a href="arm/employeedatails.php?EmployeeID=' . $row['EmployeeID'] . '">WORK DETAILS</a></td>';
echo "</tr>";
}
// close table>
echo "</table>";
?>
<p>Click on any of the above to see your other details</p>
</body>
</html>
我的问题是我无法正确编码页面,因此它只能绘制有关已登录用户的数据。事实上,在我所有的尝试中,页面只是给我错误,下面是我尝试的代码该页面,我使用了 GET 函数,以便该页面仅显示有关特定用户的数据。
在你说之前,是的,我在我的页面中没有使用过 mysqli(这会是错误的原因吗?)但是我对 mysqli 完全陌生,只是一个 mysql 的初学者。但如果帮助将在 mysqli 中,我将不胜感激,因为我发现它更安全。我是从 MSACCESS 迁移的人(我只需要迁移才能将我的程序放在网络上)。