php - 在php中通过ID显示用户个人资料数据

Question

我已经设置了整个 SQL 数据库。

个人资料页面已经可以使用，但现在它只显示登录者的个人资料信息。

我想将其设置为 profile.php?ID=1，以便任何人都可以查看数据库中的任何配置文件。

我尝试了几个不同的教程，并查看了这里其他人给出的答案，但我仍然无法让它工作。我被困住了。

 <?php
session_start();
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$colname_Recordset1 = "-1";
if (isset($_SESSION['MM_Username'])) {
  $colname_Recordset1 = $_SESSION['MM_Username'];
}
mysql_select_db($database_login_form, $login_form);
$query_Recordset1 = sprintf("SELECT * FROM users WHERE username = %s", GetSQLValueString($colname_Recordset1, "text"));
$Recordset1 = mysql_query($query_Recordset1, $login_form) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);

    include 'logout_script.php';
?>

Answer 1

尝试下面的代码。我已经标注了重要部分:

session_start();
// Try making a class that has a more current database connection
// mysql_ doesn't cut it anymore. This is just a basic example
class   Database
    {
        private static $singleton;
        private function __construct()
            {
            }

        public  static  function connect($host = "host",$user = "user",$pass="password",$db = "database_name")
            {
                if(!empty(self::$singleton))
                    return self::$singleton;

                try {
                        self::$singleton    =   new mysqli($host,$user,$pass,$db);
                    }
                catch(Exception $e) {
                        die($e);
                    }

                return self::$singleton;
            }
    }

// Create a fetch user function to make your querying easier on you
function get_user($userid = false)
    {
        $con    =   Database::connect();
        $user   =   (!$userid)? "":" where ID = ?";

        if($query = $con->prepare("select * from users{$user}")) {
            /* bind parameters for markers */
            $query->bind_param("s", $userid);
            /* execute query */
            $query->execute();
            /* bind result variables */
            $result = $query->get_result();
            if($result) {
                while($row = $result->fetch_assoc())
                    {
                        $new[]  =   $row;
                    }
                }

                $query->close();
            }

        return (empty($new))? 0 : $new;
    }

// First check if an id is set and if it's a number
if(!empty($_GET['ID']) && is_numeric($_GET['ID']))
    $userid =   $_GET['ID'];
// If not, try and get the logged in user id
elseif(!empty($_SESSION['ID']))
    $userid =   $_SESSION['ID'];
// Set as false (for error purposes)
else
    $userid =   false;

// IF not false
if($userid)
    //get the profile
    $profile    =   get_user($userid);

// If empty, let user know
if($profile == 0)
    echo 'Profile doesn\'t exist.';
// If good, include profile page
else
    include("profile.php");

// No reference for this so, not sure what this does
include 'logout_script.php';