drcmg28484 2013-03-19 09:59
浏览 19
已采纳

如何防止登录用户删除其他用户的帖子?

I have a problem, I can not prevent a logged in user to delete post by others users? In my code now, I can delete all users posts, but I want to be able to only delete my posts (the logged in user posts). Can somebody help me in the right direction on how to do that?

<div class="deletebtn"><a href="../delete/delete.php?id=' . $row['id'] . '"class=\"icon-2 info-tooltip\">Delete post</a></div>



$id=$_GET['id'];

$sql="DELETE FROM shouts WHERE id='$id'";
$result=mysql_query($sql);

if($result)
{
    echo('<div class="deletedpost">You have deleted a post. <a href="../pages/content.php">Tillbaka till Bloggen</a></div>');
}
else 
{
    echo "Something went wrong";
}
mysql_close();

Im using a href in one file, linking to another file where a use Sql code.

  • 写回答

5条回答 默认 最新

  • dtukyb8095 2013-03-19 10:03
    关注

    you can do this via session

    check if user is logged in or not. if logged in then delete the post

    if(isset($_SESSION['user']))
{
    //delete post
}

    Store userId in your table and update your delete query like this...

    $sql="DELETE FROM shouts WHERE id='$id' and userId = '$_SESSION[user]'";
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(4条)

报告相同问题?

悬赏问题

  • ¥20 机器学习能否像多层线性模型一样处理嵌套数据
  • ¥20 西门子S7-Graph,S7-300,梯形图
  • ¥50 用易语言http 访问不了网页
  • ¥50 safari浏览器fetch提交数据后数据丢失问题
  • ¥15 matlab不知道怎么改,求解答!!
  • ¥15 永磁直线电机的电流环pi调不出来
  • ¥15 用stata实现聚类的代码
  • ¥15 请问paddlehub能支持移动端开发吗?在Android studio上该如何部署?
  • ¥20 docker里部署springboot项目,访问不到扬声器
  • ¥15 netty整合springboot之后自动重连失效