dongqing904999 2013-10-08 01:42
浏览 42
已采纳

Php / Mysql如何用post插入当前用户

I'm rather new to php and mysql, but I've managed to achieve a lot over the past weeks. I currently have a form that users fill out, and it stores the category and contents they provide.

Additionally, in order to create users I've followed this tutorial ( http://www.wikihow.com/Create-a-Secure-Login-Script-in-PHP-and-MySQL ) and have working user accounts and security linked with the page. This may be a simple question but I'm a bit stumped with how to link up a feature I need.

In short I want the insert line from my send_post.php to detect the currently logged in user and store it in a row called "contributor" or the like.

mysqli_query($connect,"INSERT INTO mytable (category, contents, date)
VALUES ('$_POST[category]', '$_POST[contents]', NOW())");

So it obviously needs to be (category, contents, date, contributor) but I'm not sure how to pull the currently logged in username and define it as 'contributor' in my send_post.php

[Via the tutorial, usernames are stored in a separate table named 'members' along with their numerical ID, email, hashed password, and salt. I know how to call that information but no idea how to get the current user.]

Here is the full send_post.php

<?php
include 'db_connect.php';
include 'functions.php';
sec_session_start();
if(login_check($mysqli) == true) {

//Connecting to sql db.
$connect=mysqli_connect("localhost","mydbusername","mydbpass","mysqldb");

header("Location: http://mysite.com/1.php");

if (mysqli_connect_errno()) { echo "Fail"; } else { echo "Success"; }

//Sending form data to sql db.
mysqli_query($connect,"INSERT INTO mytable (category, contents, date)
VALUES ('$_POST[category]', '$_POST[contents]', NOW())");

} else {
   echo 'Access denied. <br/>';
}

?>

I would be very grateful and upvote for any help. Thanks

Edit, Current send_post.php

<?php
include 'db_connect.php';
include 'functions.php';
sec_session_start();
if(login_check($mysqli) == true) {

//Connecting to sql db.
$connect=mysqli_connect("localhost","myusername","mypassword","mysqldb");

header("Location: http://mysite.com/1.php");

if (mysqli_connect_errno()) { echo "Fail"; } else { echo "Success"; }

$stmt = $mysqli -> prepare('INSERT INTO mytable (category, contents, date, userid) 
                            VALUES (?,?,NOW(),?)');
$stmt -> bind_params('ssi', $_POST['category'], $_POST['contents'], $_SESSION['user_id']);
$stmt -> execute();


} else {
   echo 'Access denied. <br/>';
}

?>

EDIT 2, Errors: (actually I got 3)

[07-Oct-2013 21:05:54] PHP Fatal error: Call to undefined method mysqli_stmt::bind_params() in /home2/mememe/public_html/mysite/send_post.php on line 22

[07-Oct-2013 21:05:54] PHP Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home2/mememe/public_html/mysite/index_3.php:7) in /home2/mememe/public_html/mysite/functions.php on line 12

[07-Oct-2013 21:05:54] PHP Warning: session_regenerate_id() [function.session-regenerate-id]: Cannot regenerate session id - headers already sent in /home2/mememe/public_html/mysite/functions.php on line 13

Edit 3: echo returns

Array ( [user_id] => 3 [username] => THEUSERNAME [login_string] => tons of hash infor like 4eb86947c8007ef1d0bb658168a76affa5c666518d3b58d76bf3040dc36d7a399c6c110a8c7f0d9f03d2b4d63271bd1335c61311edb152670f010f04583e7578 )

  • 写回答

1条回答 默认 最新

  • duanmajing9332 2013-10-08 01:57
    关注

    By following that tutorial your current user id is stored in

    $_SESSION['user_id']
    

    The tutorial's login functions are here

    You need to add a userid field in you MySQL table called "mytable"

    then execute an SQL statement like this.

    $stmt = $mysqli -> prepare('INSERT INTO mytable (category, contents, date, userid) 
                                VALUES (?,?,NOW(),?)');
    $stmt -> bind_param('ssi', $_POST['category'], $_POST['contents'], $_SESSION['user_id']);
    $stmt -> execute();
    

    EDIT

    After reading the tutorial more they cleared the $_SESSION['user_id'] when executing login_check($mysqli) so before you call that insert

    $userId = $_SESSION['user_id'];
    

    Your code should be like this

    <?php
    include 'db_connect.php';
    include 'functions.php';
    sec_session_start();
    
    $userId = $_SESSION['user_id'];
    if(login_check($mysqli) == true) {
    
    //Connecting to sql db.
    $connect=mysqli_connect("localhost","mydbusername","mydbpass","mysqldb");
    
    header("Location: http://mysite.com/1.php");
    
    if (mysqli_connect_errno()) { echo "Fail"; } else { echo "Success"; }
    
    //Sending form data to sql db.
    $stmt = $mysqli -> prepare('INSERT INTO mytable (category, contents, date, userid) 
                                VALUES (?,?,NOW(),?)');
    $stmt -> bind_param('ssi', $_POST['category'], $_POST['contents'], $userId);
    $stmt -> execute();
    $stmt -> close();
    
    } else {
       echo 'Access denied. <br/>';
    }
    
    ?>
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 关于IMageEnView 图标定位问题
  • ¥20 求解答(matlab)
  • ¥30 ffmpeg库使用过程中遇到的问题
  • ¥15 pyqt5 中python如何通过Qtwebchannel主动发消息给web前端
  • ¥15 关于HTML中title获取xml内容的问题
  • ¥15 fanuc机器人PRIO083数字信号未复原错误,如何解决?
  • ¥20 如何为现有电路板增加远程控制功能
  • ¥15 UE5打包失败,求解决
  • ¥15 请问STM32G431的CANOPEN协议函数怎么写
  • ¥15 graphpad prism 三因素重复测定报错