PHP MySQL User Profile Page

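I have a PHP login/register system, and it works fine. I also have a profile.php page that displays the currently logged-in user's information. Now I want to make it so that if a user is logged in and goes to profile.php, they see their own profile page with their information, but if the user navigates to profile.php?id=2, they must see the profile with ID 2. It's almost done, but when I change to ?id=2, only the ID changes. Any idea why it isn't working?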

profile.php code:

<?php
   session_start();
   // If the user is not logged in redirect to the login page...
   if (!isset($_SESSION['loggedin'])) {
       header('Location: /admin/index.php');
       exit;
   }
   $DATABASE_HOST = 'localhost';
   $DATABASE_USER = 'root';
   $DATABASE_PASS = '';
   $DATABASE_NAME = 'phplogin';
   $con = mysqli_connect($DATABASE_HOST, $DATABASE_USER, $DATABASE_PASS, $DATABASE_NAME);
   if (mysqli_connect_errno()) {
    exit('Failed to connect to MySQL: ' . mysqli_connect_error());
   }

   $stmt = $con->prepare('SELECT username, realname, password, email, second_email, sex, age,  country, city, timestamp FROM accounts WHERE id = ?');

   $stmt->bind_param('i', $_SESSION['id']);
   $stmt->execute();
   $stmt->bind_result($username, $realname, $password, $email, $second_email, $sex, $age,         $country, $city, $timestamp);
   $stmt->fetch();
   $stmt->close();
   if (isset($_GET['id']) && $_GET['id'] != "") {
       // cast to int: $id is used in a query and echoed into the page below
       $id = (int) $_GET['id'];
   } else {
       $id = $_SESSION['user_id'];
   }

   $mysqli = $con;

   if ($mysqli->connect_errno) {
       echo "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>";
       exit();
   }

   ## query database

   # fetch data from mysql database; $id can come from $_GET, so bind it instead of interpolating it
   $sql = "SELECT * FROM accounts WHERE id = ? LIMIT 1";
   $lookup = $mysqli->prepare($sql);
   if ($lookup && $lookup->bind_param('i', $id) && $lookup->execute()
           && ($result = $lookup->get_result())) {
       $user = $result->fetch_array();
   } else {
       echo "<p>MySQL error no {$mysqli->errno} : {$mysqli->error}</p>";
       exit();
   }
require_once($_SERVER['DOCUMENT_ROOT'].'/admin/includes/header.php');
if ($result->num_rows == 1) {
echo "
        <section class='prfileMenu tabcontent' id='Profiles'>
            <div class='profile_header'>
                <span class='page_title'>Profile Page</span>
                <hr class='page_title_hr'>  
            <div>
            <div class='profile-container-wrapper'>
                <div class='prof-datas-title'>Basic Infos</div>
                <div class='profile-datas-container'>
                <table>
                    <tr>
                        <td>Username:</td>
                        <td id='profileUsername'>{$username}</td>
                        <td>
                            <a class='prov-delete-prof'>Delete</a>
                            <a class='edit-data'>Edit</a>
                        </td>
                    </tr>
                    <tr>
                        <td>User ID:</td>
                        <td>{$id}</td>
                        <td></td>
                    </tr>
                    <tr>
                        <td>Priority:</td>
                        <td id='priority'>unknow</td>
                        <td></td>
                    </tr>
                    <tr>
                        <td>Joined:</td>
                        <td>{$timestamp}</td>
                        <td></td>
                    </tr>
                    <tr>
                        <td>Status:</td>
                        <td><span class='prof-status'>active</span></td>
                        <td></td>
                    </tr>
                </table>
                </div>
            </div>
            <div class='profile-container-wrapper'>
                <div class='prof-datas-title'>General</div><br>
                <div class='profile-datas-container'>
                <table>
                    <tr>
                        <td>Real Name:</td>
                        <td>{$realname}</td>
                        <td></td>
                    </tr>
                    <tr>
                        <td>Email:</td>
                        <td>{$email}</td>
                        <td></td>
                    </tr>
                    <tr>
                        <td>Second Email:</td>
                        <td>".$second_email."</td>
                        <td></td>
                    </tr>
                    <tr>
                        <td>Age:</td>
                        <td>".$age."</td>
                        <td></td>
                    </tr>
                    <tr>
                        <td>Sex:</td>
                        <td>".$sex."</td>
                        <td></td>
                    </tr>
                    <tr>
                        <td>Country:</td>
                        <td>".$country."</td>
                        <td></td>
                    </tr>
                    <tr class='exception-border'>
                        <td>City:</td>
                        <td>".$city."</td>
                        <td></td>
                    </tr>
                </table>
                </div>
            </div>
            <div class='profile-container-wrapper'>
                <div class='prof-datas-title'>Security</div>
                <div class='profile-datas-container'>
                <table>
                    <tr>
                        <td>New Email:</td>
                        <td>Changes to this email address are delayed by 1 week.</td>
                        <td class='edit-data'>Get</td>
                    </tr>
                    <tr>
                        <td>New Password</td>
                        <td>unknown</td>
                        <td class='edit-data'>Get</td>
                    </tr>
                    <tr>
                        <td>New Passkey:</td>
                        <td>Unavailable</td>
                        <td class='edit-data'>Get</td>
                    </tr>
                    <tr>
                        <td>2FA:</td>
                        <td>Disabled</td>
                        <td></td>
                    </tr>
                </table>
                </div>
            </div>
            <div class='profile-container-wrapper'>
                <div class='prof-datas-title'>Advanced</div>
                <div class='profile-datas-container'>
                <table>
                    <tr>
                        <td>Activation Code:</td>
                        <td>6058bf4fa2c2a</td>
                        <td></td>
                    </tr>
                    <tr>
                        <td>Beta Program:</td>
                        <td>Disabled</td>
                        <td class='edit-data'>Enable</td>
                    </tr>
                </table>
                </div>
            </div>
        </section>
    </main>

";
} else {
echo "
    <section class='prfileMenu tabcontent' id='Profiles'>
        <div class='profile_header'>
            <span class='page_title'>Error: 404</span>
            <hr class='page_title_hr'>  
        <div>
            <div class='centered-tag'>
                <h1 class='error-blank'>404</h1>
                <p>Page not found</p>
                <span>The page you're looking for may have been removed, renamed, or temporarily unavailable. </span>
                <div class='forbidden-backto-button-container'>
                    <a>Back to Dashboard</a>
                </div>
            </div>
        </div>
        </div>
    </section>
    </main>
";
}
?>
<script src='/admin/includes/assets/js/adminrank.js'></script>
<script src='/admin/includes/assets/js/productivity_meter.js'></script>
<?php
require_once($_SERVER['DOCUMENT_ROOT'].'/admin/includes/footer.php'); ?>

You have to bind $id to your query and check whether $_GET["id"] exists before it.

    if (isset($_GET['id']) && $_GET['id'] != "") {
        // cast to int so only a numeric id is bound and later echoed
        $id = (int) $_GET['id'];
    } else {
        $id = $_SESSION['user_id'];
    }
    // bind $id (not the session id) so the fetched row matches the requested profile
    $stmt = $con->prepare('SELECT username, realname, password, email, second_email, sex, age, country, city, timestamp FROM accounts WHERE id = ?');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $stmt->bind_result($username, $realname, $password, $email, $second_email, $sex, $age, $country, $city, $timestamp);
    $stmt->fetch();
    $stmt->close();
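
An added example (not part of the original question or answer) of the lookup the answer describes, in hardened form: the id is accepted only if it is a positive integer, the query uses a bound parameter and leaves out the password column, and stored values are HTML-escaped before output. The helper names `resolve_profile_id`, `fetch_profile` and `e` are hypothetical, and the session key `user_id` is taken from the answer's code.

```php
<?php
declare(strict_types=1);

// Added example; resolve_profile_id(), fetch_profile() and e() are hypothetical helpers.

/** Profile id to show: a valid ?id= wins, otherwise the logged-in user's own id. */
function resolve_profile_id(array $get, array $session): ?int
{
    if (isset($get['id']) && $get['id'] !== '') {
        // Only positive integers pass; "2 OR 1=1", "2<b>", "-1" and arrays are rejected.
        $id = filter_var($get['id'], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
        return $id === false ? null : $id;
    }
    return isset($session['user_id']) ? (int) $session['user_id'] : null;
}

/** Load only the columns the page displays (no password) using a bound parameter. */
function fetch_profile(mysqli $con, int $id): ?array
{
    $stmt = $con->prepare(
        'SELECT username, realname, email, second_email, sex, age, country, city, timestamp
           FROM accounts WHERE id = ?'
    );
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $stmt->bind_result($username, $realname, $email, $second_email, $sex, $age, $country, $city, $timestamp);
    $found = $stmt->fetch(); // true when a row was read, null when the id does not exist
    $stmt->close();
    return $found ? compact('username', 'realname', 'email', 'second_email',
                            'sex', 'age', 'country', 'city', 'timestamp') : null;
}

/** Escape a stored value before placing it in HTML text or a quoted attribute. */
function e($value): string
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed requests, run without a database.
foreach ([['id' => '2'], ['id' => '2 OR 1=1'], ['id' => ['2']], []] as $get) {
    var_dump(resolve_profile_id($get, ['user_id' => 7]));
}
echo e('<script>alert(1)</script>'), PHP_EOL; // constructed stored value

// In profile.php: $profile = fetch_profile($con, $id); show the 404 block when it is null,
// otherwise echo e($profile['username']) and the other fields.
```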