javascript - 两个不同的 PHP 脚本各有自己的登录,如何让用户只登录一次?
问题描述
我有 2 个 PHP 脚本,每个都有自己的注册和登录表单。我希望能够从一个获取用户信息并在另一个上使用它,这样我的成员就不必在第二个 PHP 脚本上注册或登录。下面是两个脚本的登录、注册和注销功能
这是我已经有成员的 PHP 脚本 #1:
#check login from login form
/**
 * Handle the login form POST.
 *
 * A validation failure re-renders the form through trylogin(). Otherwise the
 * credentials go to auth_model::check_login(); a banned account, an
 * unconfirmed account, or no matching row each store a flash alert and
 * redirect to account/trylogin. On success the user's id, name, type and
 * e-mail are written to the session and the browser is sent to the stored
 * req_url, or to the site root when none is stored.
 */
public function login()
{
    // NOTE(review): xss_clean is applied to the password field as well; if the
    // filter rewrites characters, check_login() may see a different value
    // from what the user typed -- confirm against the validation library.
    $this->form_validation->set_rules('useremail','Email','required|xss_clean');
    $this->form_validation->set_rules('password','Password','required|xss_clean');

    if ( ! $this->form_validation->run())
    {
        $this->trylogin();
        return;
    }

    $this->load->model('auth_model');
    $result = $this->auth_model->check_login(
        $this->input->post('useremail'),
        $this->input->post('password'),
        'result'
    );

    // Work out which (if any) rejection applies; the three rejections differ
    // only in the language key shown to the user.
    $failure_key = '';
    $row = NULL;
    if ($result->num_rows() > 0)
    {
        $row = $result->row();
        if ($row->banned == 1)
        {
            $failure_key = 'user_banned';
        }
        elseif ($row->confirmed != 1)
        {
            $failure_key = 'account_not_confirmed';
        }
    }
    else
    {
        $failure_key = 'email_or_password_not_mathed';
    }

    if ($failure_key !== '')
    {
        $msg = '<div class="alert alert-danger">'.
               '<button data-dismiss="alert" class="close" type="button">×</button>'.
               '<strong>'.lang_key($failure_key).'</strong>'.
               '</div>';
        $this->session->set_flashdata('msg', $msg);
        redirect(site_url('account/trylogin'));
        return;
    }

    // Admin logins are additionally recorded through create_log().
    if (is_admin($row->user_name, $row->user_type))
    {
        create_log($row->user_name);
    }

    // NOTE(review): no session-id rotation is visible between the credential
    // check and these writes; confirm the session library issues a fresh id
    // at login so a pre-login id cannot be reused afterwards.
    $this->session->set_userdata('user_id', $row->id);
    $this->session->set_userdata('user_name', $row->user_name);
    $this->session->set_userdata('user_type', $row->user_type);
    $this->session->set_userdata('user_email', $this->input->post('useremail'));

    // req_url is read from the session, not from the request; where it is
    // written is outside this listing.
    $pending_url = $this->session->userdata('req_url');
    if ($pending_url != '')
    {
        $this->session->set_userdata('req_url', '');
        redirect($pending_url);
    }

    redirect(site_url());
}
#logout a user
/**
 * End the current session and send the visitor back to the site root.
 */
public function logout()
{
    // Destroy the session before building the redirect target.
    $this->session->sess_destroy();

    $home = site_url();
    redirect($home);
}
#loads signup view
/**
 * Render the registration view inside the active theme.
 *
 * Logged-in visitors are redirected to base_url(); when the
 * business_settings/enable_signup setting is 'No' the visitor is redirected
 * to the site root. takepackage() and register() also call this method to
 * re-render the form after a validation failure.
 */
public function signup()
{
    if (is_loggedin())
    {
        redirect(base_url());
    }

    $signup_switch = get_settings('business_settings','enable_signup','Yes');
    if ($signup_switch == 'No')
    {
        redirect(site_url());
    }

    $data = array(
        'content' => load_view('register_view','',TRUE),
        'alias'   => 'signup',
    );
    load_template($data,$this->active_theme);
}
/**
 * Store the package chosen on the pricing step and continue the signup flow.
 *
 * The posted package_id is saved in the session. A session whose 'from'
 * value is 'facebook' is switched to 'signup' and sent to account/fbauth;
 * everyone else goes to account/signupform.
 */
public function takepackage()
{
    if (get_settings('business_settings','enable_signup','Yes')=='No')
    {
        redirect(site_url());
    }

    // NOTE(review): package_id is only checked for presence; signupform()
    // later hands it to get_package_by_id(), so confirm that model method
    // copes with non-numeric or unknown ids.
    $this->form_validation->set_rules('package_id', 'Package id', 'required');
    if ( ! $this->form_validation->run())
    {
        $this->signup();
        return;
    }

    $chosen_package = $this->input->post('package_id');
    $this->session->set_userdata('package_id',$chosen_package);

    if ($this->session->userdata('from')=='facebook')
    {
        $this->session->set_userdata('from','signup');
        $next_step = 'account/fbauth';
    }
    else
    {
        $next_step = 'account/signupform';
    }

    redirect(site_url($next_step));
}
/**
 * Render the registration form, with the selected package when there is one.
 *
 * Without a package_id in the session the visitor is sent to account/signup
 * when pricing is enabled, otherwise the form is rendered with no view data.
 * With a package_id the package row is loaded and passed to the view.
 */
public function signupform()
{
    if (is_loggedin())
    {
        redirect(base_url());
    }

    if (get_settings('business_settings','enable_signup','Yes')=='No')
    {
        redirect(site_url());
    }

    $package_id = $this->session->userdata('package_id');
    if ($package_id == '')
    {
        // No package picked yet: with pricing enabled the visitor has to
        // choose one first.
        if (get_settings('business_settings','enable_pricing','Yes')=='Yes')
        {
            redirect(site_url('account/signup'));
        }
        else
        {
            $value = array();
        }
    }
    else
    {
        $this->load->model('admin/package_model');
        $value = array(
            'package' => $this->package_model->get_package_by_id($package_id),
        );
    }

    $data = array(
        'content' => load_view('register_view',$value,TRUE),
        'alias'   => 'signup',
    );
    load_template($data,$this->active_theme);
}
#controls different signup method routing
/**
 * Route a signup that starts from an external provider.
 *
 * Stores signup_user_type in the session (2 when $user_type is 'business',
 * 3 for anything else) and redirects to the matching provider handler.
 * Any other $type value falls through without a redirect.
 *
 * @param string $type      'fb' or 'google_plus'
 * @param string $user_type 'business' or any other value
 */
function newaccount($type='',$user_type='business')
{
    if (is_loggedin())
    {
        redirect(base_url());
    }

    if (get_settings('business_settings','enable_signup','Yes')=='No')
    {
        redirect(site_url());
    }

    $type_code = ($user_type=='business') ? 2 : 3;
    $this->session->set_userdata('signup_user_type',$type_code);

    if ($type=='fb')
    {
        redirect(site_url('account/fbauth'));
    }
    elseif ($type=='google_plus')
    {
        redirect(site_url('account/google_plus_auth'));
    }
}
#signup form submits to this function
/**
 * Process the signup form.
 *
 * On validation failure the form is re-rendered through signup(). Otherwise
 * a user row is inserted with confirmed = 0, company name and phone are
 * stored as user meta, the confirmation e-mail is sent (plus an admin
 * notification when configured) and the visitor lands on account/success.
 */
function register()
{
    if (is_loggedin())
    {
        redirect(base_url());
    }

    if (get_settings('business_settings','enable_signup','Yes')=='No')
    {
        redirect(site_url());
    }

    // NOTE(review): read but never used below -- the stored user_type is the
    // constant 2, so the posted value has no effect.
    $user_type = $this->input->post('user_type');

    // field name, language key of the label, validation rules
    $field_rules = array(
        array('first_name', 'first_name', 'required|xss_clean'),
        array('last_name', 'last_name', 'required|xss_clean'),
        array('gender', 'gender', 'required|xss_clean'),
        array('username', 'username', 'required|callback_username_check|xss_clean'),
        array('company_name', 'company_name', 'xss_clean'),
        array('phone', 'phone', 'xss_clean'),
        array('useremail', 'user_email', 'required|valid_email|xss_clean|callback_useremail_check'),
        array('password', 'password', 'required|matches[repassword]|min_length[5]|xss_clean'),
        array('repassword', 'confirm_password', 'required|xss_clean'),
        array('terms_conditon', 'terms_and_condition', 'xss_clean|callback_terms_check'),
    );
    foreach ($field_rules as $rule)
    {
        $this->form_validation->set_rules($rule[0], lang_key($rule[1]), $rule[2]);
    }

    // NOTE(review): also unused in this method.
    $enable_pricing = get_settings('business_settings','enable_pricing','Yes');

    if ( ! $this->form_validation->run())
    {
        $this->signup();
        return;
    }

    $this->load->library('encrypt');

    $userdata = array(
        'user_type'  => 2, //2 = users
        'first_name' => $this->input->post('first_name'),
        'last_name'  => $this->input->post('last_name'),
        'gender'     => $this->input->post('gender'),
        'user_name'  => $this->input->post('username'),
        'user_email' => $this->input->post('useremail'),
        // NOTE(review): this looks like a single unsalted SHA-1 pass, which is
        // cheap to brute-force offline if the table leaks. Moving to
        // password_hash()/password_verify() needs a matching change in
        // auth_model::check_login(), which is outside this listing.
        'password'   => $this->encrypt->sha1($this->input->post('password')),
        // NOTE(review): uniqid() is derived from the current time, so this
        // key is guessable; prefer a CSPRNG value if the column allows it.
        'confirmation_key' => uniqid(),
        'confirmed'  => 0,
        'status'     => 1,
    );

    $this->load->model('user/user_model');
    $new_user_id = $this->user_model->insert_user_data($userdata);

    add_user_meta($new_user_id,'company_name',$this->input->post('company_name'));
    add_user_meta($new_user_id,'phone',$this->input->post('phone'));

    $this->send_confirmation_email($userdata);

    $this->load->config('business_directory');
    if ($this->config->item('send_admin_email_user_signup')=='Yes')
    {
        $this->send_admin_notification_email();
    }

    redirect(site_url('account/success'));
}
这是 PHP 脚本 #2,我没有成员,希望 PHP 脚本 #1 成员无需注册或登录即可访问:
/* CHECK USER SESSION */
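/**
 * Resolve the visitor's "user-session" cookie to a user record.
 *
 * The cookie value is looked up in the sessions table; when it maps to a
 * user, that user's row is loaded, last_action is refreshed (granting the
 * daily-visit points once per day) and a summary object is returned.
 *
 * Changed from the original: the session lookup now also requires the
 * stored expiration to be in the future, and a cookie that is not a plain
 * string is rejected before it reaches the query.
 *
 * @return object|false User summary object, or false when there is no valid session.
 */
public static function is_logged() {
    global $db;

    // A missing cookie, or one sent as an array, can never match a session row.
    if( !isset( $_COOKIE['user-session'] ) || !is_string( $_COOKIE['user-session'] ) ) {
        return false;
    }

    $stmt = $db->stmt_init();

    // login() and insert_user() write an expiration timestamp with every
    // session row. Enforcing it here means an old cookie stops working at
    // that time even if the row has not been purged yet.
    $stmt->prepare( "SELECT user FROM " . DB_TABLE_PREFIX . "sessions WHERE session = ? AND expiration > NOW()" );
    $stmt->bind_param( "s", $_COOKIE['user-session'] );
    $stmt->bind_result( $id );
    $stmt->execute();
    $stmt->fetch();

    if( empty( $id ) ) {
        $stmt->close();
        return false;
    }

    $stmt->prepare( "SELECT name, email, avatar, points, credits, ipaddr, privileges, erole, subscriber, last_login, (SELECT COUNT(*) FROM " . DB_TABLE_PREFIX . "stores WHERE user = u.id), visits, valid, ban, date FROM " . DB_TABLE_PREFIX . "users u WHERE id = ?" );
    $stmt->bind_param( "i", $id );
    $stmt->bind_result( $name, $email, $avatar, $points, $credits, $ip, $privileges, $erole, $subscriber, $last_login, $stores, $visits, $valid, $ban, $date );
    $stmt->execute();
    $stmt->fetch();

    // update action
    $stmt->prepare( "UPDATE " . DB_TABLE_PREFIX . "users SET points = IF(last_action < DATE(NOW()), points + ?, points), last_action = NOW() WHERE id = ?" );
    $daily_points = \query\main::get_option( 'u_points_davisit' );
    $stmt->bind_param( "ii", $daily_points, $id );
    $stmt->execute();
    $stmt->close();

    return (object) array(
        'ID'            => $id,
        'Name'          => esc_html( $name ),
        'Email'         => esc_html( $email ),
        'Avatar'        => esc_html( $avatar ),
        'Points'        => $points,
        'Credits'       => $credits,
        'IP'            => esc_html( $ip ),
        'Privileges'    => $privileges,
        // NOTE(review): unserialize() can instantiate objects from the stored
        // string, and @ hides malformed data. If erole can ever be influenced
        // by a user, store it as JSON instead.
        'Erole'         => @unserialize( $erole ),
        'Last_login'    => $last_login,
        'Stores'        => $stores,
        'Visits'        => $visits,
        'Date'          => $date,
        'is_subscribed' => $subscriber,
        'is_confirmed'  => $valid,
        'is_banned'     => strtotime( $ban ) > time(),
        'is_subadmin'   => $privileges >= 1,
        'is_admin'      => $privileges > 1,
    );
}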
/* BANNED */
/**
 * Check whether an IP address is on the ban list.
 *
 * @param string $type 'registration' or 'login' to test that specific flag;
 *                     any other value tests the site-wide ban.
 * @param string $IP   Address to test; when empty, \site\utils::getIP() is used.
 *
 * @return bool|string true/false for 'registration' and 'login'. For the
 *                     site-wide check: the stored redirect_to value when an
 *                     active ban exists, otherwise false.
 */
public static function banned( $type = '', $IP = '' ) {
    global $db;

    // Loose comparison on purpose: it matches what the original switch did.
    if( $type == 'registration' ) {
        $sql = "SELECT COUNT(*) FROM " . DB_TABLE_PREFIX . "banned WHERE ipaddr = ? AND registration = 1";
        $is_count_query = true;
    } else if( $type == 'login' ) {
        $sql = "SELECT COUNT(*) FROM " . DB_TABLE_PREFIX . "banned WHERE ipaddr = ? AND login = 1";
        $is_count_query = true;
    } else {
        // Site-wide bans are either permanent (expiration = 0) or still running.
        $sql = "SELECT id, redirect_to FROM " . DB_TABLE_PREFIX . "banned WHERE ipaddr = ? AND site = 1 AND ( expiration = 0 OR ( expiration = 1 AND expiration_date > NOW() ) )";
        $is_count_query = false;
    }

    $stmt = $db->stmt_init();
    $stmt->prepare( $sql );

    // NOTE(review): how getIP() derives the address is not visible here; if it
    // trusts client-supplied forwarding headers, this check can be sidestepped.
    $userip = empty( $IP ) ? \site\utils::getIP() : $IP;
    $stmt->bind_param( "s", $userip );

    if( $is_count_query ) {
        $stmt->bind_result( $count );
        $stmt->execute();
        $stmt->fetch();
        $stmt->close();

        return $count > 0;
    }

    $stmt->bind_result( $id, $new_location );
    $stmt->execute();
    $stmt->fetch();
    $stmt->close();

    return !empty( $id ) ? $new_location : false;
}
/* USER LOGOUT */
/**
 * Delete the session row that matches the visitor's "user-session" cookie.
 *
 * Only the server-side row is removed here; clearing the cookie itself is
 * left to the caller.
 *
 * @return bool true when the DELETE executed, false when there is no cookie
 *              or the statement failed.
 */
public static function logout() {
    global $db;

    if( !isset( $_COOKIE['user-session'] ) ) {
        return false;
    }

    $stmt = $db->stmt_init();
    $stmt->prepare( "DELETE FROM " . DB_TABLE_PREFIX . "sessions WHERE session = ?" );
    $stmt->bind_param( "s", $_COOKIE['user-session'] );
    $deleted = $stmt->execute();
    $stmt->close();

    return $deleted ? true : false;
}
/* USER LOGIN */
/**
 * Authenticate by e-mail and password and open a new session.
 *
 * @param array $post       Expects 'username' (matched against the email
 *                          column) and 'password'; an optional 'keep_logged'
 *                          key selects the longer session lifetime.
 * @param int   $privileges Minimum privileges value the account must have.
 *
 * @return string The new session token.
 *
 * @throws \Exception When the IP is banned from logging in, the account is
 *                    unknown or temporarily banned, the password is wrong,
 *                    or the session row cannot be stored.
 */
public static function login( $post, $privileges = 0 ) {
    global $db;

    if( self::banned( 'login' ) ) {
        throw new \Exception( t( 'msg_banned', "Sorry, but this action isn't permitted for you at this time." ) );
    }

    $stmt = $db->stmt_init();
    $stmt->prepare( "SELECT id, password, ban FROM " . DB_TABLE_PREFIX . "users WHERE email = ? AND privileges >= ?" );
    $stmt->bind_param( "si", $post['username'], $privileges );
    $stmt->bind_result( $id, $password, $ban );
    $stmt->execute();
    $stmt->fetch();

    if( empty( $id ) ) {
        // user does not even exist
        throw new \Exception( t( 'login_invalid', "Login details are invalid." ) );
    }

    if( strtotime( $ban ) > time() ) {
        // banned user
        throw new \Exception( t( 'login_banaccount', "Your account it's banned for security reasons, often for failed login attempts. Please try later." ) );
    }

    // NOTE(review): passwords are stored as a single unsalted MD5, which is
    // trivial to crack offline. Migrating to password_hash()/password_verify()
    // has to be done together with insert_user(), reset_password() and
    // change_password().
    if( (string) $password !== (string) md5( $post['password'] ) ) {
        // wrong password: count the failure and start a temporary ban once
        // BAN_AFTER_ATTEMPTS is reached
        $stmt->prepare( "UPDATE " . DB_TABLE_PREFIX . "users SET fail_attempts = IF(fail_attempts >= " . BAN_AFTER_ATTEMPTS . ", 1, fail_attempts + 1), ban = IF(fail_attempts >= " . BAN_AFTER_ATTEMPTS . ", DATE_ADD(NOW(), INTERVAL " . BAN_AFTER_FAIL . " MINUTE), ban) WHERE email = ?" );
        $stmt->bind_param( "s", $post['username'] );
        $stmt->execute();
        $stmt->close();

        throw new \Exception( t( 'login_invalid', "Login details are invalid." ) );
    }

    // NOTE(review): the token's strength depends entirely on str_random(),
    // which is not shown; it should draw from a CSPRNG.
    $session = md5( \site\utils::str_random(15) );

    // delete old sessions
    $stmt->prepare( "DELETE FROM " . DB_TABLE_PREFIX . "sessions WHERE user = ?" );
    $stmt->bind_param( "i", $id );
    $stmt->execute();

    // insert new session
    $lifetime = isset( $post['keep_logged'] ) ? DEF_USER_SESSION_KL : DEF_USER_SESSION;
    $stmt->prepare( "INSERT INTO " . DB_TABLE_PREFIX . "sessions SET user = ?, session = ?, expiration = DATE_ADD(NOW(), INTERVAL " . $lifetime . " MINUTE), date = NOW()" );
    $stmt->bind_param( "is", $id, $session );

    if( !$stmt->execute() ) {
        $stmt->close();
        throw new \Exception( t( 'msg_error', "Error!" ) );
    }

    // Record the successful login and clear the failure counter.
    $stmt->prepare( "UPDATE " . DB_TABLE_PREFIX . "users SET ipaddr = ?, last_login = NOW(), visits = visits + 1, fail_attempts = 0 WHERE id = ?" );
    $userip = \site\utils::getIP();
    $stmt->bind_param( "si", $userip, $id );
    $stmt->execute();
    $stmt->close();

    return $session;
}
/* USER REGISTER */
/**
 * Validate a registration request and create the account.
 *
 * Checks run in this order: per-IP account limit, registration ban, e-mail
 * syntax, name presence and format, password presence, format and
 * confirmation. The account is then created through insert_user().
 *
 * @param array $post Expects 'email', 'username', 'password' and 'password2'.
 *
 * @return string Session token returned by insert_user().
 *
 * @throws \Exception With a user-facing message when any check fails or the
 *                    insert is refused.
 */
public static function register( $post ) {
    global $db;

    $max_acc = (int) \query\main::get_option( 'accounts_per_ip' );

    if( $max_acc !== 0 && (int) \query\main::users( array( 'ip' => \site\utils::getIP() ) ) >= $max_acc ) {
        throw new \Exception( t( 'msg_error', "Error!" ) ); // administrator don't allow that manny accounts
    }

    if( self::banned( 'registration' ) ) {
        throw new \Exception( t( 'msg_banned', "Sorry, but this action isn't permitted for you at this time." ) );
    }

    if( !isset( $post['email'] ) || !filter_var( $post['email'], FILTER_VALIDATE_EMAIL ) ) {
        throw new \Exception( t( 'register_usevalide', "Please use a valid email address." ) );
    }

    if( !isset( $post['username'] ) ) {
        throw new \Exception( t( 'register_complete_name', "Please fill the name." ) );
    }

    if( !preg_match( '/(^[a-zA-Z0-9 ]{3,25}$)/', $post['username'] ) ) {
        throw new \Exception( t( 'register_invalid_name', "The name should not contain special characters, not less than 3 and no more than 25 characters." ) );
    }

    if( !isset( $post['password'] ) || !isset( $post['password2'] ) ) {
        throw new \Exception( t( 'register_paswdreq', "Both passwords are required." ) );
    }

    // NOTE(review): this pattern forbids most punctuation and caps the length
    // at 40, which shrinks the password space rather than protecting it.
    if( !preg_match( '/(^[a-zA-Z0-9-_]{5,40}$)/', $post['password'] ) ) {
        throw new \Exception( t( 'register_invalid_paswd', "Password should not contain special characters, not less than 5 and no more than 40 characters." ) );
    }

    if( $post['password'] != $post['password2'] ) {
        throw new \Exception( t( 'register_passwdnm', "Passwords do not match!" ) );
    }

    // insert_user() returns false when the INSERT fails; that case is
    // reported to the user as an already-registered e-mail address.
    $session = self::insert_user( $post );
    if( !$session ) {
        throw new \Exception( t( 'register_accexists', "This email address already exists." ) );
    }

    return $session;
}
/* INSERT USER */
/**
 * Insert a user row, open a session for it and send the confirmation mail
 * or credit the referrer.
 *
 * ATTENTION: with $autologin = true a failed INSERT is not an error.
 * Execution continues, the id is looked up by e-mail, and a session is
 * issued for whichever account already owns that address, with no password
 * check. Callers must have verified the visitor's identity by other means
 * before passing true.
 *
 * @param array $info      Expects 'username' and 'email'; 'password' is
 *                         optional (a random one is stored when absent).
 * @param bool  $autologin Continue and issue a session even if the INSERT fails.
 * @param bool  $autovalid Store the account with valid = 1.
 *
 * @return string|false Session token, or false when the INSERT failed and
 *                      $autologin is off.
 */
public static function insert_user( $info = array(), $autologin = false, $autovalid = false ) {
    global $db;

    $stmt = $db->stmt_init();
    $stmt->prepare( "INSERT INTO " . DB_TABLE_PREFIX . "users (name, email, password, points, ipaddr, last_action, valid, refid, date) VALUES (?, ?, ?, ?, ?, NOW(), ?, ?, NOW())" );

    // NOTE(review): unsalted MD5 -- see login(); both must change together.
    $passwd = md5( isset( $info['password'] ) ? $info['password'] : \site\utils::str_random(15) );
    $points = (int) \query\main::get_option( 'u_def_points' );
    $IPaddr = \site\utils::getIP();

    // NOTE(review): valid takes the truthiness of u_confirm_req as-is; whether
    // that option means "confirmation required" or "already confirmed" is
    // not visible here -- confirm the polarity.
    if( $autovalid ) {
        $valid = 1;
    } else {
        $valid = (int) (bool) \query\main::get_option( 'u_confirm_req' );
    }

    // The referrer id comes from a client-controlled cookie.
    $refid = isset( $_COOKIE['referrer'] ) ? (int) $_COOKIE['referrer'] : 0;

    $stmt->bind_param( "sssssii", $info['username'], $info['email'], $passwd, $points, $IPaddr, $valid, $refid );
    $inserted = $stmt->execute();

    if( !$inserted && !$autologin ) {
        return false;
    }

    // Look the id up by e-mail; on the autologin path this may be a
    // pre-existing account rather than the row just inserted.
    $stmt->prepare( "SELECT id FROM " . DB_TABLE_PREFIX . "users WHERE email = ?" );
    $stmt->bind_param( "s", $info['email'] );
    $stmt->execute();
    $stmt->bind_result( $id );
    $stmt->fetch();

    $session = md5( \site\utils::str_random(15) );

    $stmt->prepare( "INSERT INTO " . DB_TABLE_PREFIX . "sessions SET user = ?, session = ?, expiration = DATE_ADD(NOW(), INTERVAL " . DEF_USER_SESSION . " MINUTE), date = NOW()" );
    $stmt->bind_param( "is", $id, $session );
    $stmt->execute();

    $stmt->prepare( "UPDATE " . DB_TABLE_PREFIX . "users SET last_login = NOW(), visits = 1 WHERE id = ?" );
    $stmt->bind_param( "i", $id );
    $stmt->execute();

    if( !$valid ) {
        // Unconfirmed account: store a confirmation token and mail the link.
        $cofirm_session = md5( \site\utils::str_random(15) );

        if( \user\mail_sessions::insert( 'confirmation', array( 'user' => $id, 'session' => $cofirm_session ) ) ) {
            $subject = t( 'email_acc_title', "Activate account" ) . ' - ' . \query\main::get_option( 'sitename' );
            $fields  = array(
                'hello_name'             => sprintf( t( 'email_text_hello', "Hello %s" ), $info['username'] ),
                'confirmation_main_text' => t( 'email_acc_maintext', "Click on the link bellow to confirm your account." ),
                'confirmation_button'    => t( 'email_acc_button', "Activate account!" ),
                'link'                   => \site\utils::update_uri( $GLOBALS['siteURL'] . 'verify.php', array( 'user' => $id, 'token' => $cofirm_session ) ),
            );

            \site\mail::send( $info['email'], $subject, array( 'template' => 'account_confirmation' ), $fields );
        }
    } else if( $refid !== 0 ) {
        // add points to user who referred the new user
        \user\update::add_points( $refid, \query\main::get_option( 'u_points_refer' ) );
    }

    $stmt->close();

    return $session;
}
/* USER RECOVERY PASSWORD */
/**
 * Start a password recovery: store a one-time token and mail the reset link.
 *
 * @param array  $post       Expects 'email'.
 * @param string $path       Passed through to the mail template options.
 * @param int    $privileges Minimum privileges value the account must have.
 *
 * @return bool true once the mail has been sent.
 *
 * @throws \Exception For an invalid address, an unknown account, or when the
 *                    token cannot be stored or the mail cannot be sent.
 */
public static function recovery_password( $post, $path = '', $privileges = 0 ) {
    global $db;

    if( !isset( $post['email'] ) || !filter_var( $post['email'], FILTER_VALIDATE_EMAIL ) ) {
        throw new \Exception( t( 'register_usevalide', "Please use a valid email address." ) );
    }

    $stmt = $db->stmt_init();
    $stmt->prepare( "SELECT id FROM " . DB_TABLE_PREFIX . "users WHERE email = ? AND privileges >= ?" );
    $stmt->bind_param( "si", $post['email'], $privileges );
    $stmt->bind_result( $user );
    $found = $stmt->execute();
    $stmt->fetch();
    $stmt->close();

    // NOTE(review): this distinct message tells the requester whether an
    // address is registered; a uniform response avoids that disclosure.
    if( !$found || empty( $user ) ) {
        throw new \Exception( t( 'fp_unkwacc', "Sorry, we couldn't find this account in our database." ) );
    }

    // NOTE(review): the token is only as unpredictable as str_random(),
    // which is not shown; it should draw from a CSPRNG.
    $session = md5( \site\utils::str_random(15) );

    if( \user\mail_sessions::insert( 'password_recovery', array( 'user' => $user, 'session' => $session ) ) ) {
        // send email
        $subject  = t( 'email_reset_title', "Reset your password" ) . ' - ' . \query\main::get_option( 'sitename' );
        $template = array( 'template' => 'password_reset', 'path' => $path );
        $fields   = array(
            'reset_main_text' => t( 'email_reset_maintext', "Click on the link bellow to reset your password." ),
            'reset_button'    => t( 'email_reset_button', "Reset password!" ),
            'link'            => \site\utils::update_uri( '', array( 'uid' => $user, 'session' => $session ) ),
        );

        if( \site\mail::send( $post['email'], $subject, $template, $fields ) ) {
            return true;
        }
    }

    throw new \Exception( t( 'msg_error', "Error!" ) );
}
/* RESET PASSWORD */
/**
 * Overwrite a user's password after a recovery.
 *
 * This method does not check the recovery token itself, so the caller must
 * have validated it before calling with $id.
 *
 * @param int   $id   User id.
 * @param array $post Expects 'password1' and 'password2'.
 *
 * @throws \Exception When the password format is rejected, the two values
 *                    differ, or the UPDATE fails.
 */
public static function reset_password( $id, $post ) {
    global $db;

    if( !isset( $post['password1'] ) || !preg_match( '/(^[a-zA-Z0-9-_]{5,40}$)/', $post['password1'] ) ) {
        throw new \Exception( t( 'reset_pwd_wrong_np', "Password should not contain special characters, not less than 5 and no more than 40 characters." ) );
    }

    // password1 is known to be set at this point.
    if( !isset( $post['password2'] ) || $post['password1'] != $post['password2'] ) {
        throw new \Exception( t( 'reset_pwd_pwddm', "Passwords do not match!" ) );
    }

    // NOTE(review): unsalted MD5 -- see login(); both must change together.
    $hashed = md5( $post['password1'] );

    $stmt = $db->stmt_init();
    $stmt->prepare( "UPDATE " . DB_TABLE_PREFIX . "users SET password = ? WHERE id = ?" );
    $stmt->bind_param( "si", $hashed, $id );
    $updated = $stmt->execute();
    $stmt->close();

    if( !$updated ) {
        throw new \Exception( t( 'msg_error', "Error!" ) );
    }
}
/* CHANGE PASSWORD */
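/**
 * Change a user's password after verifying the current one.
 *
 * Changed from the original: the stored hash and the hash of the supplied
 * current password are now compared as strings with ===. With == PHP
 * compares two numeric-looking strings (for example hashes of the form
 * "0e" followed by digits) as numbers, so different hashes could compare
 * equal. The new/confirmation check is strict for the same reason, and a
 * missing or non-string 'old' value is treated as a wrong password.
 *
 * @param int   $id   User id.
 * @param array $post Expects 'old', 'new' and 'new2'.
 *
 * @return bool true on success.
 *
 * @throws \Exception When the new password format is rejected, the two new
 *                    values differ, the current password is wrong, or the
 *                    UPDATE fails.
 */
public static function change_password( $id, $post ) {
    global $db;

    if( !isset( $post['new'] ) || !preg_match( '/(^[a-zA-Z0-9-_]{5,40}$)/', $post['new'] ) ) {
        throw new \Exception( t( 'change_pwd_wrong_np', "Password should not contain special characters, not less than 5 and no more than 40 characters." ) );
    }

    // Strict comparison: "00001" and "000001" are different passwords.
    if( !isset( $post['new2'] ) || $post['new'] !== $post['new2'] ) {
        throw new \Exception( t( 'change_pwd_pwddm', "Passwords do not match!" ) );
    }

    $stmt = $db->stmt_init();
    $stmt->prepare( "SELECT password FROM " . DB_TABLE_PREFIX . "users WHERE id = ?" );
    $stmt->bind_param( "i", $id );
    $stmt->bind_result( $password );
    $stmt->execute();
    $stmt->fetch();

    // NOTE(review): unsalted MD5 -- see login(); both must change together.
    $supplied = ( isset( $post['old'] ) && is_string( $post['old'] ) ) ? md5( $post['old'] ) : null;

    // Same string-typed strict comparison that login() uses.
    if( $supplied === null || (string) $password !== $supplied ) {
        $stmt->close();
        throw new \Exception( t( 'change_pwd_wrongpwd', "Your current password it's wrong!" ) );
    }

    $stmt->prepare( "UPDATE " . DB_TABLE_PREFIX . "users SET password = ? WHERE id = ?" );
    $new = md5( $post['new'] );
    $stmt->bind_param( "si", $new, $id );
    $execute = $stmt->execute();
    $stmt->close();

    if( !$execute ) {
        throw new \Exception( t( 'msg_error', "Error!" ) );
    }

    return true;
}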
/* EDIT PROFILE */
/**
 * Update a user's display name, avatar and newsletter subscription.
 *
 * @param int   $id   User id.
 * @param array $post Expects 'username'; the presence of 'subscriber'
 *                    turns the subscription on.
 *
 * @return object Object with an 'avatar' property holding the value
 *                returned by \site\images::upload().
 *
 * @throws \Exception When the name is missing or malformed, or the UPDATE fails.
 */
public static function edit_profile( $id, $post ) {
    global $db;

    if( !isset( $post['username'] ) ) {
        throw new \Exception( t( 'profile_complete_name', "Please fill the name." ) );
    }

    if( !preg_match( '/(^[a-zA-Z0-9 ]{3,25}$)/', $post['username'] ) ) {
        throw new \Exception( t( 'profile_invalid_name', "The name should not contain special characters, not less than 3 and no more than 25 characters." ) );
    }

    // NOTE(review): only size and dimension limits are passed here; whether
    // upload() also verifies the file type and extension is not visible.
    $upload_limits = array(
        'max_size'   => 1024,
        'max_width'  => 600,
        'max_height' => 600,
        'current'    => $GLOBALS['me']->Avatar,
    );
    $avatar = \site\images::upload( $_FILES['edit_profile_form_avatar'], 'avatar_', $upload_limits );

    $stmt = $db->stmt_init();
    $stmt->prepare( "UPDATE " . DB_TABLE_PREFIX . "users SET name = ?, avatar = ?, subscriber = ? WHERE id = ?" );
    $subscriber = isset( $post['subscriber'] ) ? 1 : 0;
    $stmt->bind_param( "ssii", $post['username'], $avatar, $subscriber, $id );
    $saved = $stmt->execute();
    $stmt->close();

    if( !$saved ) {
        throw new \Exception( t( 'msg_error', "Error!" ) );
    }

    return (object) array( 'avatar' => $avatar );
}
/* WRITE REVIEW */
/**
 * Store a review for a store and credit the author's review points.
 *
 * @param int   $id   Store id.
 * @param int   $user Author's user id.
 * @param array $post Expects 'stars' (1 to 5) and 'text'.
 *
 * @return bool true once the review has been stored.
 *
 * @throws \Exception When reviews are disabled, the rating is out of range,
 *                    the account is unconfirmed where confirmation is
 *                    required, the text is empty, or the INSERT fails.
 */
public static function write_review( $id, $user, $post ) {
    global $db;

    $allow = (int) \query\main::get_option( 'allow_reviews' );

    if( !$allow || !isset( $post['stars'] ) || !in_array( $post['stars'], array( 1,2,3,4,5 ) ) ) {
        throw new \Exception( t( 'msg_error', "Error!" ) ); // this error can appear only when the user try to modify post data OR administrator don't allow new reviews
    }

    // allow_reviews = 2 restricts reviews to confirmed accounts.
    if( $allow === 2 && !$GLOBALS['me']->is_confirmed ) {
        throw new \Exception( t( 'review_write_notv', "Your account isn't confirmed, you can't write reviews." ) );
    }

    if( !isset( $post['text'] ) || trim( $post['text'] ) == '' ) {
        throw new \Exception( t( 'review_write_text', "Please fill a message." ) );
    }

    $stmt = $db->stmt_init();
    $stmt->prepare( "INSERT INTO " . DB_TABLE_PREFIX . "reviews (user, store, text, stars, valid, lastupdate_by, lastupdate, date) VALUES (?, ?, ?, ?, ?, ?, NOW(), NOW())" );
    $valid = (bool) \query\main::get_option( 'review_validate' );

    // The review text is stored as submitted, so it has to be HTML-escaped
    // wherever it is rendered.
    $stmt->bind_param( "iisiii", $user, $id, $post['text'], $post['stars'], $valid, $user );

    if( !$stmt->execute() ) {
        throw new \Exception( t( 'msg_error', "Error!" ) );
    }

    $ppr = \query\main::get_option( 'u_points_review' );
    if( $ppr > 0 ) {
        $stmt->prepare( "UPDATE " . DB_TABLE_PREFIX . "users SET points = points + ? WHERE id = ?" );
        $stmt->bind_param( "ii", $ppr, $user );
        $stmt->execute();
    }

    $stmt->close();

    return true;
}
解决方案