php - 我想建立一个博客系统，个人用户可以编辑和删除他的帖子，但这并不是每个用户都可以编辑删除任何用户帖子。

Question

我想建立一个博客系统，个人用户可以编辑和删除他的帖子，但这不起作用，每个用户都可以编辑删除任何用户帖子。我从 user_table 获取用户名并匹配 newsfeeds 表，然后设置一个条件，但它不起作用。那么我该如何解决这个问题

<?php 
///Data display post 
$display_latest_news = mysqli_query($con,"SELECT * FROM `newsfeeds` ORDER BY `news_id` DESC");

while($row = mysqli_fetch_array($display_latest_news))
{
    $news_id = $row['news_id'];
    $news_post= $row['news_post'];
    $news_image = $row['news_image'];
    $news_department= $row['news_department'];
    $news_date = $row['news_date'];
    $news_time= $row['news_time'];
    $username = $row['username'];
    $user_id= $row['user_id'];


    ?>
        <div class="panel panel-default">
                        <div class="panel-heading">
                            <div class="panel-title media">
                                <div class="media-left">
                                    <img class="avator" src="images/mypic.jpg" alt="profile picture" />
                                </div>
                                <div class="media-body">
                                    <a href="#"> <?php echo $username; ?> </a>
                                    <p> 2 Mins </p>
                                </div>
                                 <div class="media-right">

    <?php
$username_collect = mysqli_query($con,"SELECT `username` FROM `newsfeeds` WHERE `username`='$username'");

  while($check_usename = mysqli_fetch_array($username_collect))
  $username_url = $check_usename['username'];
//var_dump($username_url);
//exit();
  {
    if ($username_url) {
       ?>
        <a class="btn btn-default"  href="postedit.php?p_id=<?php echo $news_id;?>"><span class="glyphicon glyphicon-edit"> </span></a>
     <a onclick="return DELETE();" class="btn btn-default" href="postdelete.php?p_id=<?php echo  $news_id;?>"><span class="glyphicon glyphicon-remove"> </span></a>
       <?php        
    }
    else 
    {
         ?>
        <a class="btn btn-default" disabled="disabled" href="postedit.php?p_id=<?php echo $news_id;?>"><span class="glyphicon glyphicon-edit"> </span></a>
     <a onclick="return DELETE();" class="btn btn-default" disabled="disabled" href="postdelete.php?p_id=<?php echo  $news_id;?>"><span class="glyphicon glyphicon-remove"> </span></a>
       <?php 
    }
  }

//var_dump($username);
//exit();
  ?>

Answer 1

如果您在发布数据中包含 user_id，则意味着您正在从 session 或 cookie 中保存该 id，所以假设您需要将 session 中的 user_id 或 cookie 与 相匹配帖子数据中的 user_id

类似的东西

<?php if($_SESSION['user_id'] == $row['user_id']){ ?>
    <a class="btn btn-default"  href="postedit.php?p_id=<?php echo $news_id;?>"><span class="glyphicon glyphicon-edit"> </span></a>
    <a onclick="return DELETE();" class="btn btn-default" href="postdelete.php?p_id=<?php echo  $news_id;?>"><span class="glyphicon glyphicon-remove"> </span></a>

<?php } ?>

希望能解决您的问题!