我的已读消息页面显示多条消息，而不是一条 PHP

Question

我在PHP做了一个私信系统。它有点工作，写入、发送、读取和回复工作。

但是有一个问题。如果我按下我想在收件箱或发件箱中阅读的特定消息（不管哪个），我的页面应该只显示我按下的特定消息，显示 inbox/outbox 中的所有消息。在我的页面上看起来像这样 ->

From:testing@l.seSubject:hello Message:Testing 这个.. From:testing@l.se Subject:hello 消息：test From:testing@l.se主题：hej 消息：skicka :回复

正如你们所看到的，它是连续的所有消息。编辑：属于正确用户的消息。所以它不是属于不同用户的消息。

我的消息 sql 是

id int(11) AI PK 
from_user varchar(45) 
to_user varchar(45) 
subject varchar(400) 
message text 
date date 
read tinyint(4)

我很确定我的错误应该在

这里的某处

read.inc.php

<?php 

$user = $_SESSION['username'];

 $sql = "SELECT * FROM private_messages WHERE to_user = '$user'";

     $stmt = $dbh->prepare($sql);

     $stmt->execute();

     ?>

     <?php

     if ($stmt->rowCount() > 0){

         echo "<table";
         echo "<tr>";

        while ($rows = $stmt->fetch(PDO::FETCH_ASSOC)){
            $id = $rows['id'];
            $to_user = $rows['to_user'];
            echo "<td>";
     ?>
     <?php
        echo "<td>From:";
        echo "</td>";
        echo "<td>";
        echo "".$from = $rows['from_user']."";
        echo "</td>";
        echo "</tr>";
        echo "<tr>";
        echo "<td>";
        echo "Subject:";
        echo "<td>";
        echo "<td>";
        echo "".$subject = $rows['subject']."";
        echo "</td>";
        echo "</tr>";
        echo "<tr>";
        echo "<td>";
        echo "Message:";    
        echo "<td>";
        echo "".$message = $rows['message']."";
        echo "</td>";
        echo "</tr>";   

        }

         echo "<tr>";
         echo "<td colspan='2'><a href='messages.php?
      id=compose&mid=$id&subject=RE:$subject&to=$from'>Reply Message</a>
       </td>";
         echo "</tr>";
         echo "</table>";

  if ($to_user==$user) {

  $stmt = $dbh->prepare("UPDATE `private_messages` SET `read`=1 WHERE 
  `id`=id");

        $a = 1;
        $stmt->bindParam(':1',$a);
        $stmt->bindParam(':id',$id);

        } 

     } else {
        echo "You cant see the conversation..";
     }

?>

如果有人想看，我也会粘贴收件箱和发件箱。

这是outbox.inc.php

    <?php
$user = $_SESSION[ 'username' ];

$sql = "SELECT * FROM private_messages WHERE from_user = '$user'";

$stmt = $dbh->prepare( $sql );


$stmt->execute();

?>
<?php

if ( $stmt->rowCount() > 0 ) {

    ?>

<!doctype html>
<html>

<head>
    <meta charset="utf-8">
    <title>Untitled Document</title>
</head>

<body>
    <?php
    echo "<table>";
    echo "<tr>";
    echo "<td>&nbsp;";
    echo "</td>";
    echo "<td>to: </td>";
    echo "<td>subject: </td>";
    echo "<td>Date: </td>";
    echo "</tr>";

    while ( $rows = $stmt->fetch( PDO::FETCH_ASSOC ) ) {
        $id = $rows[ 'id' ];
        ?>
    <?php
    echo "<tr>";
    echo "<td>&nbsp;</td>";
    echo "<td>" . $from = $rows[ 'to_user' ] . "</td>";
    echo "<td><a href='messages.php?id=read&mid=$id'>" . $subject = $rows[ 
   'subject' ] . "</a></td>";
    echo "<td>" . $date = $rows[ 'date' ] . "</td>";
    echo "<tr>";

    }
    }
    else {

        echo "<table> <tr align='left'> <td> </td> <td>to_user: </td><td> 
  Subject: </td><td>Date: </td></tr><tr><th colspan='4'> You did not send a 
   message </th></tr></table>";

    }

    echo "</table>";
    ?>
</body>
</html>

最后我的

inbox.inc.php

    <?php
$user = $_SESSION[ 'username' ];

$sql = "SELECT * FROM private_messages WHERE to_user = '$user'";

$stmt = $dbh->prepare( $sql );

$stmt->bindValue( ':to_user', $_SESSION[ 'username' ], PDO::PARAM_INT );

$stmt->execute();


?>
<?php

if ( $stmt->rowCount() > 0 ) {

    ?>
    <!doctype html>
    <html>

    <head>
        <meta charset="utf-8">
        <title>Untitled Document</title>
    </head>

    <body>
        <?php
        echo "<table>";
        echo "<tr>";
        echo "<td>&nbsp;";
        echo "</td>";
        echo "<td>from_user: </td>";
        echo "<td>subject: </td>";
        echo "<td>Date: </td>";
        echo "</tr>";
        // om stmt är större än noll då finns de poster gör då detta
        // skriv ut posterna med en while loop
        while ( $rows = $stmt->fetch(PDO::FETCH_ASSOC)) {
            $id = $rows['id'];

            echo "<tr>";
            echo "<td>&nbsp; </td>";
            echo "<td>" . $from = $rows[ 'from_user' ] . "</td>";
            echo "<td><a href='messages.php?id=read&mid=$id'>" . $subject = 
           $rows[ 'subject'] . "</a></td>";
            echo "<td>" . $date = $rows[ 'date' ] . "</td>";
            echo "<tr>";

        }
        } else {

            echo "<table> <tr align='left'> <td> </td> <td>from_user: </td>
     <td> Subject: </td><td>Date: </td></tr><tr><th colspan='4'> You did not 
     recive a message </th></tr></table>";

        }
        echo "</table>";
        ?>
    </body>
    </html>

这里有很多代码，抱歉。

/问候罗伯特

Answer 1

您的 read.inc.php 中包含以下内容，它会获取给定用户的所有消息：

$sql = "SELECT * FROM private_messages WHERE to_user = '$user'";`

要仅获取您在收件箱中单击的邮件，您应该使用如下查询：

$sql = "SELECT * FROM private_messages WHERE to_user = '$user' AND id = $mid LIMIT 1";

（其中 $mid 是您从查询字符串中的 $_GET['mid'] 获得的变量）。

那么您将不需要循环，因为您只获取一行。

请注意，像这样在查询中使用变量（尤其是通过查询字符串传输时）是非常糟糕的，并且 can/will 会导致 SQL 注入攻击。像在 inbox.inc.php!

中那样使用绑定变量（使用 bindParam/bindVariable 或在执行中）

我的已读消息页面显示多条消息，而不是一条 PHP

My read message page shows multiple messages instead of one PHP

php

mysql

pdo

chat

read.inc.php

这是outbox.inc.php

inbox.inc.php