评论和用户 PHP/SQL 不会插入数据
Comment & User PHP/SQL will not insert data
编辑
谢谢!我进行了更改,它现在正在正确插入数据。我知道这很简单...我想编码几个小时的好处。
回去工作,关闭创建回复功能....
再次感谢!
我最近更改了我的代码,允许用户在我正在开发的网站上发表评论和回复,以帮助改进我的编码。我按照 Youtube 上的教程进行评论,但很难将我创建的用户登录系统与评论数据库连接起来。
如果有人能给我一个正确方向的推动,我将不胜感激。 (我已经调试了几个小时......我觉得这是非常简单或明显的事情,我需要另一双眼睛才能指出问题所在)
问题:我可以在我的网页上发表评论,它会将评论和日期插入数据库。 uid 未保存在数据库中。网站不会输出results/comment.
///in the index to display comments
<?php
echo "<form method='POST' action='".setComments($conn)."'>
<input type='hidden' name='uid' value='".$_SESSION['u_id']."'>
<input type='hidden' name='date' value='".date('Y-m-d H:i:s')."'>
<textarea name='message'></textarea><br>
<button type='submit' name='commentSubmit'>Comment</button>
</form>";
getComments($conn);
?>
comments.php
<?php
function setComments($conn) {
if (isset($_POST['commentSubmit'])) {
$uid = $_POST['uid'];
$date = $_POST['date'];
$message = $_POST['message'];
$sql = "INSERT INTO thecomments (uid, date, message) VALUES ('$uid', '$date', '$message')";
$result = mysqli_query($conn, $sql);
}
}
function getComments($conn) {
$sql = "SELECT * FROM thecomments";
$result = mysqli_query($conn, $sql);
while ($row = $result->fetch_assoc()) {
$id = $row['uid'];
$sql2 = "SELECT * FROM user WHERE id='$id'";
$result2 = $conn->query($sql2);
if ($row2 = $result2->fetch_assoc()) {
echo "<div class='comment-box'><p>";
echo $row2['uid']."<br>";
echo $row['date']."<br>";
echo nl2br($row['message']);
echo "</p>";
if (isset($_SESSION['u_id'])) {
if ($_SESSION['u_id'] == $row2['u_id']) {
echo "<form class='delete-form' method='POST' action='".deleteComments($conn)."'>
<input type='hidden' name='cid' value='".$row['cid']."'>
<button type='submit' name='commentDelete'>Delete</button>
</form>
<form class='edit-form' method='POST' action='editcomment.php'>
<input type='hidden' name='cid' value='".$row['cid']."'>
<input type='hidden' name='uid' value='".$row['uid']."'>
<input type='hidden' name='date' value='".$row['date']."'>
<input type='hidden' name='message' value='".$row['message']."'>
<button>Edit</button>
</form>";
} else {
echo "<form class='edit-form' method='POST' action='".deleteComments($conn)."'>
<input type='hidden' name='cid' value='".$row['cid']."'>
<button type='submit' name='commentDelete'>Reply</button>
</form>";
}
} else {
echo "<p class='commentmessage'>You need to be logged in to reply!</p>";
}
echo "</div>";
}
}
}
function editComments($conn) {
if (isset($_POST['commentSubmit'])) {
$cid = $_POST['cid'];
$uid = $_POST['uid'];
$date = $_POST['date'];
$message = $_POST['message'];
$sql = "UPDATE thecomments SET message='$message' WHERE cid='$cid'";
$result = mysqli_query($conn, $sql);
header("Location: index.php");
}
}
function deleteComments($conn) {
if (isset($_POST['commentDelete'])) {
$cid = $_POST['cid'];
$sql = "DELETE FROM thecomments WHERE cid='$cid'";
$result = mysqli_query($conn, $sql);
header("Location: index.php");
}
}
?>
login.php
<?php
session_start();
if (isset($_POST['submit'])) {
include_once 'dbh.inc.php';
$uid = $_POST['uid'];
$pwd = $_POST['pwd'];
//Error handlers
//Check if inputs are empty
if (empty($uid) || empty($pwd)) {
header("Location: ../index.php?login=empty");
exit();
}
else {
//Check if username exists in the database USING PREPARED STATEMENTS
$sql = "SELECT * FROM user WHERE uid=?";
$stmt = mysqli_stmt_init($conn);
if(!mysqli_stmt_prepare($stmt, $sql)) {
header("Location: ../index.php?login=error");
exit();
}
else {
mysqli_stmt_bind_param($stmt, "s", $uid);
//Run query in database
mysqli_stmt_execute($stmt);
//Get results from query
$result = mysqli_stmt_get_result($stmt);
if ($row = mysqli_fetch_assoc($result)) {
$hashedPwdCheck = password_verify($pwd, $row['pwd']);
//If they didn't match!
if ($hashedPwdCheck == false) {
header("Location: ../index.php?login=error");
exit();
}
//If they did match!
elseif ($hashedPwdCheck == true) {
//Set SESSION variables and log user in
$_SESSION['u_id'] = $row['id'];
$_SESSION['u_first'] = $row['user_first'];
$_SESSION['u_last'] = $row['user_last'];
$_SESSION['u_email'] = $row['user_email'];
$_SESSION['u_uid'] = $row['uid'];
header("Location: main.php?login=success");
exit();
}
} else {
header("Location: ../index.php?login=error");
exit();
}
}
}
//Close the prepared statement
mysqli_stmt_close($stmt);
} else {
header("Location: ../index.php?login=error");
exit();
}
感谢您抽出时间提供帮助。去调试更多,如果有新的会更新。
更改索引中的行以使用 $_SESSION['u_uid']。这就是您要设置的会话变量。
<input type='hidden' name='uid' value='".$_SESSION['id']."'>
当您无法弄清楚为什么变量没有获取数据时,使用 var_dump($_SESSION) 是个好主意。
编辑
谢谢!我进行了更改,它现在正在正确插入数据。我知道这很简单...我想编码几个小时的好处。
回去工作,关闭创建回复功能....
再次感谢!
我最近更改了我的代码,允许用户在我正在开发的网站上发表评论和回复,以帮助改进我的编码。我按照 Youtube 上的教程进行评论,但很难将我创建的用户登录系统与评论数据库连接起来。 如果有人能给我一个正确方向的推动,我将不胜感激。 (我已经调试了几个小时......我觉得这是非常简单或明显的事情,我需要另一双眼睛才能指出问题所在)
问题:我可以在我的网页上发表评论,它会将评论和日期插入数据库。 uid 未保存在数据库中。网站不会输出results/comment.
///in the index to display comments
<?php
echo "<form method='POST' action='".setComments($conn)."'>
<input type='hidden' name='uid' value='".$_SESSION['u_id']."'>
<input type='hidden' name='date' value='".date('Y-m-d H:i:s')."'>
<textarea name='message'></textarea><br>
<button type='submit' name='commentSubmit'>Comment</button>
</form>";
getComments($conn);
?>
comments.php
<?php
function setComments($conn) {
if (isset($_POST['commentSubmit'])) {
$uid = $_POST['uid'];
$date = $_POST['date'];
$message = $_POST['message'];
$sql = "INSERT INTO thecomments (uid, date, message) VALUES ('$uid', '$date', '$message')";
$result = mysqli_query($conn, $sql);
}
}
function getComments($conn) {
$sql = "SELECT * FROM thecomments";
$result = mysqli_query($conn, $sql);
while ($row = $result->fetch_assoc()) {
$id = $row['uid'];
$sql2 = "SELECT * FROM user WHERE id='$id'";
$result2 = $conn->query($sql2);
if ($row2 = $result2->fetch_assoc()) {
echo "<div class='comment-box'><p>";
echo $row2['uid']."<br>";
echo $row['date']."<br>";
echo nl2br($row['message']);
echo "</p>";
if (isset($_SESSION['u_id'])) {
if ($_SESSION['u_id'] == $row2['u_id']) {
echo "<form class='delete-form' method='POST' action='".deleteComments($conn)."'>
<input type='hidden' name='cid' value='".$row['cid']."'>
<button type='submit' name='commentDelete'>Delete</button>
</form>
<form class='edit-form' method='POST' action='editcomment.php'>
<input type='hidden' name='cid' value='".$row['cid']."'>
<input type='hidden' name='uid' value='".$row['uid']."'>
<input type='hidden' name='date' value='".$row['date']."'>
<input type='hidden' name='message' value='".$row['message']."'>
<button>Edit</button>
</form>";
} else {
echo "<form class='edit-form' method='POST' action='".deleteComments($conn)."'>
<input type='hidden' name='cid' value='".$row['cid']."'>
<button type='submit' name='commentDelete'>Reply</button>
</form>";
}
} else {
echo "<p class='commentmessage'>You need to be logged in to reply!</p>";
}
echo "</div>";
}
}
}
function editComments($conn) {
if (isset($_POST['commentSubmit'])) {
$cid = $_POST['cid'];
$uid = $_POST['uid'];
$date = $_POST['date'];
$message = $_POST['message'];
$sql = "UPDATE thecomments SET message='$message' WHERE cid='$cid'";
$result = mysqli_query($conn, $sql);
header("Location: index.php");
}
}
function deleteComments($conn) {
if (isset($_POST['commentDelete'])) {
$cid = $_POST['cid'];
$sql = "DELETE FROM thecomments WHERE cid='$cid'";
$result = mysqli_query($conn, $sql);
header("Location: index.php");
}
}
?>
login.php
<?php
session_start();
if (isset($_POST['submit'])) {
include_once 'dbh.inc.php';
$uid = $_POST['uid'];
$pwd = $_POST['pwd'];
//Error handlers
//Check if inputs are empty
if (empty($uid) || empty($pwd)) {
header("Location: ../index.php?login=empty");
exit();
}
else {
//Check if username exists in the database USING PREPARED STATEMENTS
$sql = "SELECT * FROM user WHERE uid=?";
$stmt = mysqli_stmt_init($conn);
if(!mysqli_stmt_prepare($stmt, $sql)) {
header("Location: ../index.php?login=error");
exit();
}
else {
mysqli_stmt_bind_param($stmt, "s", $uid);
//Run query in database
mysqli_stmt_execute($stmt);
//Get results from query
$result = mysqli_stmt_get_result($stmt);
if ($row = mysqli_fetch_assoc($result)) {
$hashedPwdCheck = password_verify($pwd, $row['pwd']);
//If they didn't match!
if ($hashedPwdCheck == false) {
header("Location: ../index.php?login=error");
exit();
}
//If they did match!
elseif ($hashedPwdCheck == true) {
//Set SESSION variables and log user in
$_SESSION['u_id'] = $row['id'];
$_SESSION['u_first'] = $row['user_first'];
$_SESSION['u_last'] = $row['user_last'];
$_SESSION['u_email'] = $row['user_email'];
$_SESSION['u_uid'] = $row['uid'];
header("Location: main.php?login=success");
exit();
}
} else {
header("Location: ../index.php?login=error");
exit();
}
}
}
//Close the prepared statement
mysqli_stmt_close($stmt);
} else {
header("Location: ../index.php?login=error");
exit();
}
感谢您抽出时间提供帮助。去调试更多,如果有新的会更新。
更改索引中的行以使用 $_SESSION['u_uid']。这就是您要设置的会话变量。
<input type='hidden' name='uid' value='".$_SESSION['id']."'>
当您无法弄清楚为什么变量没有获取数据时,使用 var_dump($_SESSION) 是个好主意。