doujiongqin0687 2014-12-18 07:43
浏览 36
已采纳

Codeigniter - 仅允许特定用户编辑/删除帖子

Im trying to do so that only the author of the post can edit and delete it from the list where it is shown.

this is my view:

<?php if (($this->session->userdata('logged_in')==TRUE)) { ?>
                <a href="<?php echo site_url("edit/$data[id_post]")?>" type="button">edit</a>
                <a href="<?php echo site_url("delete/$data[id_post]")?>" type="button">delete</a>
                <?php } ?>

The above code makes sure that only logged in users can actually edit the post, however they can edit all posts, and not only their own. In my /create i have made a hidden field, so that my posts are saved with the id of the author, so that relationship works just fine. However my question is, how do i make sure that authors only can edit their own posts?

Thanks!

Update:

Here is the Contoller

public function index()
{
    if (($this->session->userdata('id')!=NULL)) 
    {       
    $data['view'] = $this->home_model->list_data();
    $created_by_sql = $this->db->query('SELECT id FROM user JOIN post ON user.id=post.id_user');
    if ($created_by_sql->num_rows() > 0)
    {
      foreach ($created_by_sql ->result() as $row)
      {
         $user_id = $row->id;
      }
    }
    $data["user_id"] = $user_id;
    $this->load->view('home_table',$data);

Here is model

public function list_data()
{   
    $this->db->select('*');
    $this->db->from('post as p');
    $this->db->join('user as u', 'p.id_user = u.id');
    $this->db->order_by("p.id_post", "desc");
    $query = $this->db->get(); 
    return $query->result_array();
}

And this is my View

<?php foreach($view as $data): ?>
<?php if (!empty($data['source'])) { ?>
     <div class="sumber">anda<?php echo $data['source'];?></div>
<?php } ?>
<?php if ($this->session->userdata('logged_in')==TRUE AND $user_id == $this->session->userdata('id')) { ?>
    <a href="<?php echo site_url("edit/$data[id_post]")?>" type="button">edit</a>
    <a href="<?php echo site_url("delete/$data[id_post]")?>" type="button">delete</a>
    <?php } else { echo 'id user not same with iduser_Login';} ?>`
<?php endforeach; ?>
  • 写回答

2条回答 默认 最新

  • du2986 2014-12-18 07:48
    关注

    First, You should put id of user into the session and You should insert one more if clause inside the the first if clause and check whether the authorid of article is equal to id of the user in the session.

    --UPDATE--

    According to the comments above, you should:

    Inside the controller:

    $created_by_sql = $this->db->query('SELECT id FROM user JOIN post ON user.id=post.id_user');
if ($created_by_sql->num_rows() > 0)
{
  foreach ($created_by_sql ->result() as $row)
  {
     $user_id = $row->id;
  }
}

$data["user_id"] = $user_id;

$this->load->view('home_table',$data);

    Inside the view:

    if($user_id == $this->session->userdata('id'))
{
  //delete button
}

    --UPDATE 2--

    We must reorganize the logic. First, in the controller:

    //get the posts:
$posts = array();
$sql = $this->db->query("select id AS post_id, title as post_title, id_user as user_id from post"); //please edit query to fit your needs
foreach($sql->result() as $row)
{
  $posts[] = $row; //now, each post row carries user_id of its author.
}

//send data to view:
$data["posts"] = $posts;
$data["current_user_id"] = $this->session->userdata('id');


//load view
$this->load->view('home_table',$data);

    Inside the view, we should print posts as follow:

    <?php 
for($i = 0; $i < count($posts); $i++)
{ 
    echo $posts[$i]["post_title"]; echo " | ";

    //compare 
    if($post[$i]["user_id"] == $current_user_id)
    {
        echo "CAN DELETE";
    }
    echo "<br />";
}
?>
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 虚幻5 UE美术毛发渲染
  • ¥15 CVRP 图论 物流运输优化
  • ¥15 Tableau online 嵌入ppt失败
  • ¥100 支付宝网页转账系统不识别账号
  • ¥15 基于单片机的靶位控制系统
  • ¥15 真我手机蓝牙传输进度消息被关闭了,怎么打开?(关键词-消息通知)
  • ¥15 下图接收小电路,谁知道原理
  • ¥15 装 pytorch 的时候出了好多问题,遇到这种情况怎么处理?
  • ¥20 IOS游览器某宝手机网页版自动立即购买JavaScript脚本
  • ¥15 手机接入宽带网线,如何释放宽带全部速度