and it's linked to a 'confirm comment deleted page. Ideally I would like it to just become erased and have the page reload with it gone, and then send it to my db marked as dead.
Basically, users have a profile which allows other users to make comments.With the help of PHP I would like to be able to have the delete button only show up when a users is looking at their profile.
This is what I have so far:
$query = "SELECT * FROM `ProfileComments` WHERE `ToUserID` = '".$prof->id."' ORDER BY `date` DESC, `time` DESC LIMIT 10";
$request = mysql_query($query,$connection);
while($result = mysql_fetch_array($request)) {
$poster = new User($result['FromUserID']);
echo "<div id='CommentProfile'>";
echo "<div id='CommentPhotoProfile'>";
echo "<a href='http://www.blahblah.org/Profile.php?id=".$poster->id."'>";
echo "<img src='" . $poster->img('mini') . "' border='0'/>";
echo "</a>";
echo "</div>";
echo "<div id='ProfileCommentBody' class= 'round_10px'>";
echo "<div id='CommentNameProfile'>";
echo "<div class='ProfileCommentTail'> </div>";
echo "<a href='http://www.blahblah.org/Profile.php?id=".$poster->id."'>";
echo $poster->first_name. " ". $poster->last_name. " <span style='font-weight:normal'>says...</span>";
echo "</a>";
echo "</div>";
echo stripslashes(nl2br($result['commentProfileBody']));
echo "<div id='CommentInfoProfile'>";
echo date('M d, Y',strtotime($result['date']));
echo " at " . date('g:i A',strtotime($result['time']));
if ($prof->id == $prof->id)
echo "<a href='http://www.blahblah.org/DeleteComment.php?id=".$prof->id."'>";
echo " delete";
echo "</a>";
echo "</div>";
echo "</div>";
echo "</div>";
}
?>
I have asked this question a couple of times today and either gotten vague answers(which is partly my fault because I did not give enough example code which hopefully the above is enough) or I have gotten talked down to,questioned about my ability or told to go hire a developer. haha. So if you are a more experienced developer who wants to share their knowlege with an up and coming developer that would be GREATLY appreciated. Afterall is that not one of the purposes of this site?
开发者_开发问答If you don't have the time to explain this to me, a link to a great tutorial or resource that can help me find my way would be amazing! thank you.
Try changing the line:
if ($prof->id == $prof->id)
to
if ($poster->id == $prof->id)
so that the delete link only shows up when the profile belongs to the poster.
What exactly is the problem here? It looks like you've got the 'delete' link set up properly, now all you need to do is create that DeleteComment
page. In it, you would do something like this:
$id = $_GET['id']; // make sure to sanitize this variable
mysql_query("DELETE FROM ProfileComments WHERE id=$id");
header('location:'.$_SERVER['REQUEST_URI']); // redirect to last page
Others might also recommend that you use POST
rather than GET
for reasons I don't feel like getting into here (spiders might "click" it). And you'll probably want to make sure users are logged in or something like that too. And REQUEST_URI
isn't reliable either supposedly, because it depends on the client's browser sending that information to you. You can get around this by saving the last URL in a session or something like that.
if ($prof->id == $prof->id)
echo "<a href='http://www.blahblah.org/DeleteComment.php?id=".$prof->id."'>";
this should always result to true.
looks like you need
if ($logged_in_user->id == $prof->id)
echo "<a href='http://www.blahblah.org/DeleteComment.php?id=".$prof->id."'>";
i should also note that the id you're passing to your delete link is the id of the profile instead of the comment itself. you probably don't want to delete a whole profile here.
if ($prof->id == $prof->id)
This will always be true. Did you mean:
if ($prof->id == $poster->id)
I'm assuming $prof
is the profile of the logged-in user. If this isn't the case, you'll need to use something else here! (Please indicate what variables are if it's not clear in code samples, it'll help us help you)
Be sure to recheck this in DeleteComment.php
- just because there's no button doesn't mean an enterprising hacker won't make one for themselves!
Also,
echo "<a href='http://www.blahblah.org/DeleteComment.php?id=".$prof->id."'>";
If I understand your variables correctly, $prof
is the logged-in user profile; not the comment. So this has no way of specifying what comment needs to be deleted; only the currently logged-in user. You may want to pass in the comment's ID instead - since you didn't post your schema, I can't give specific code here though.
精彩评论