0

これは私のstatus.phpファイルのコードですが、ステータスを投稿するとtype_unknownという1つのことしか表示されませんが、なぜ正しく機能していないのかわかりません。type_unknown もこのコーディングのコマンドです。このコマンドを実行してから、必要な変更を提案してください。

 <?php
    include_once("../php_includes/check_login_status.php");
    if($user_ok != true || $log_username == "") {
        exit();
    }
    ?><?php
    if (isset($_POST['action']) && $_POST['action'] == "status_post"){
        // Make sure post data is not empty
        if(strlen($_POST['data']) < 1){
            mysqli_close($db_conx);
            echo "data_empty";
            exit();
        }
        // Make sure type is either a or c
        if($_POST['type'] != "a" || $_POST['type'] != "c"){
            mysqli_close($db_conx);
            echo "type_unknown";
            exit();
        }
        // Clean all of the $POST vars that will interact with the database
        $type = preg_replace('#[^a-z]#', '', $_POST['type']);
        $account_name = preg_replace('#[^a-z0-9]#i', '', $_POST['user']);
        $data = htmlentities($_POST['data']);
        $data = mysqli_real_escape_string($db_conx, $data);
        // Make sure account name exists (the profile being posted on)
        $sql = "SELECT COUNT(id) FROM users WHERE username='$account_name' AND activated='1' LIMIT 1";
        $query = mysqli_query($db_conx, $sql);
        $row = mysqli_fetch_row($query);
        if($row[0] < 1){
            mysqli_close($db_conx);
            echo "$account_no_exist";
            exit();
        }
        // Insert the status post into the database now
        $sql = "INSERT INTO status(account_name, author, type, data, postdate) 
                VALUES('$account_name','$log_username','$type','$data',now())";
        $query = mysqli_query($db_conx, $sql);
        $id = mysqli_insert_id($db_conx);
        mysqli_query($db_conx, "UPDATE status SET osid='$id' WHERE id='$id' LIMIT 1");
        // Count posts of type "a" for the person posting and evaluate the count
        $sql = "SELECT COUNT(id) FROM status WHERE author='$log_username' AND type='a'";
        $query = mysqli_query($db_conx, $sql); 
        $row = mysqli_fetch_row($query);
        if ($row[0] > 9) { // If they have 10 or more posts of type a
            // Delete their oldest post if you want a system that auto flushes the oldest
            // (you can auto flush for post types c and b if you wish to also)
            $sql = "SELECT id FROM status WHERE author='$log_username' AND type='a' ORDER BY id ASC LIMIT 1";
            $query = mysqli_query($db_conx, $sql); 
            $row = mysqli_fetch_row($query);
            $oldest = $row[0];
            mysqli_query($db_conx, "DELETE FROM status WHERE osid='$oldest'");
        }
        // Insert notifications to all friends of the post author
        $friends = array();
        $query = mysqli_query($db_conx, "SELECT user1 FROM friends WHERE user2='$log_username' AND accepted='1'");
        while ($row = mysqli_fetch_array($query, MYSQLI_ASSOC)) { array_push($friends, $row["user1"]); }
        $query = mysqli_query($db_conx, "SELECT user2 FROM friends WHERE user1='$log_username' AND accepted='1'");
        while ($row = mysqli_fetch_array($query, MYSQLI_ASSOC)) { array_push($friends, $row["user2"]); }
        for($i = 0; $i < count($friends); $i++){
            $friend = $friends[$i];
            $app = "Status Post";
            $note = $log_username.' posted on: <br /><a href="user.php?u='.$account_name.'#status_'.$id.'">'.$account_name.'&#39;s Profile</a>';
            mysqli_query($db_conx, "INSERT INTO notifications(username, initiator, app, note, date_time) VALUES('$friend','$log_username','$app','$note',now())");          
        }
        mysqli_close($db_conx);
        echo "post_ok|$id";
        exit();
    }
    ?><?php 
    //action=status_reply&osid="+osid+"&user="+user+"&data="+data
    if (isset($_POST['action']) && $_POST['action'] == "status_reply"){
        // Make sure data is not empty
        if(strlen($_POST['data']) < 1){
            mysqli_close($db_conx);
            echo "data_empty";
            exit();
        }
        // Clean the posted variables
        $osid = preg_replace('#[^0-9]#', '', $_POST['sid']);
        $account_name = preg_replace('#[^a-z0-9]#i', '', $_POST['user']);
        $data = htmlentities($_POST['data']);
        $data = mysqli_real_escape_string($db_conx, $data);
        // Make sure account name exists (the profile being posted on)
        $sql = "SELECT COUNT(id) FROM users WHERE username='$account_name' AND activated='1' LIMIT 1";
        $query = mysqli_query($db_conx, $sql);
        $row = mysqli_fetch_row($query);
        if($row[0] < 1){
            mysqli_close($db_conx);
            echo "$account_no_exist";
            exit();
        }
        // Insert the status reply post into the database now
        $sql = "INSERT INTO status(osid, account_name, author, type, data, postdate)
                VALUES('$osid','$account_name','$log_username','b','$data',now())";
        $query = mysqli_query($db_conx, $sql);
        $id = mysqli_insert_id($db_conx);
        // Insert notifications for everybody in the conversation except this author
        $sql = "SELECT author FROM status WHERE osid='$osid' AND author!='$log_username' GROUP BY author";
        $query = mysqli_query($db_conx, $sql);
        while ($row = mysqli_fetch_array($query, MYSQLI_ASSOC)) {
            $participant = $row["author"];
            $app = "Status Reply";
            $note = $log_username.' commented here:<br /><a href="user.php?u='.$account_name.'#status_'.$osid.'">Click here to view the conversation</a>';
            mysqli_query($db_conx, "INSERT INTO notifications(username, initiator, app, note, date_time) 
                         VALUES('$participant','$log_username','$app','$note',now())");
        }
        mysqli_close($db_conx);
        echo "reply_ok|$id";
        exit();
    }
    ?><?php 
    if (isset($_POST['action']) && $_POST['action'] == "delete_status"){
        if(!isset($_POST['statusid']) || $_POST['statusid'] == ""){
            mysqli_close($db_conx);
            echo "status id is missing";
            exit();
        }
        $statusid = preg_replace('#[^0-9]#', '', $_POST['statusid']);
        // Check to make sure this logged in user actually owns that comment
        $query = mysqli_query($db_conx, "SELECT account_name, author FROM status WHERE id='$statusid' LIMIT 1");
        while ($row = mysqli_fetch_array($query, MYSQLI_ASSOC)) {
            $account_name = $row["account_name"]; 
            $author = $row["author"];
        }
        if ($author == $log_username || $account_name == $log_username) {
            mysqli_query($db_conx, "DELETE FROM status WHERE osid='$statusid'");
            mysqli_close($db_conx);
            echo "delete_ok";
            exit();
        }
    }
    ?><?php 
    if (isset($_POST['action']) && $_POST['action'] == "delete_reply"){
        if(!isset($_POST['replyid']) || $_POST['replyid'] == ""){
            mysqli_close($db_conx);
            exit();
        }
        $replyid = preg_replace('#[^0-9]#', '', $_POST['replyid']);
        // Check to make sure the person deleting this reply is either the account owner or the person who wrote it
        $query = mysqli_query($db_conx, "SELECT osid, account_name, author FROM status WHERE id='$replyid' LIMIT 1");
        while ($row = mysqli_fetch_array($query, MYSQLI_ASSOC)) {
            $osid = $row["osid"];
            $account_name = $row["account_name"];
            $author = $row["author"];
        }
        if ($author == $log_username || $account_name == $log_username) {
            mysqli_query($db_conx, "DELETE FROM status WHERE id='$replyid'");
            mysqli_close($db_conx);
            echo "delete_ok";
            exit();
        }
    }
    ?>



/*new one demanded*/
<?php
$status_ui = "";
$statuslist = "";
if($isOwner == "yes"){
    $status_ui = '<textarea id="statustext" onkeyup="statusMax(this,250)" placeholder="What&#39;s new with you '.$u.'?"></textarea>';
    $status_ui .= '<button id="statusBtn" onclick="postToStatus(\'status_post\',\'a\',\''.$u.'\',\'statustext\')">Post</button>';
} else if($isFriend == true && $log_username != $u){
    $status_ui = '<textarea id="statustext" onkeyup="statusMax(this,250)" placeholder="Hi '.$log_username.', say something to '.$u.'"></textarea>';
    $status_ui .= '<button id="statusBtn" onclick="postToStatus(\'status_post\',\'c\',\''.$u.'\',\'statustext\')">Post</button>';
}
?><?php 
$sql = "SELECT * FROM status WHERE account_name='$u' AND type='a' OR account_name='$u' AND type='c' ORDER BY postdate DESC LIMIT 20";
$query = mysqli_query($db_conx, $sql);
$statusnumrows = mysqli_num_rows($query);
while ($row = mysqli_fetch_array($query, MYSQLI_ASSOC)) {
    $statusid = $row["id"];
    $account_name = $row["account_name"];
    $author = $row["author"];
    $postdate = $row["postdate"];
    $data = $row["data"];
    $data = nl2br($data);
    $data = str_replace("&amp;","&",$data);
    $data = stripslashes($data);
    $statusDeleteButton = '';
    if($author == $log_username || $account_name == $log_username ){
        $statusDeleteButton = '<span id="sdb_'.$statusid.'"><a href="#" onclick="return false;" onmousedown="deleteStatus(\''.$statusid.'\',\'status_'.$statusid.'\');" title="DELETE THIS STATUS AND ITS REPLIES">delete status</a></span> &nbsp; &nbsp;';
    }
    // GATHER UP ANY STATUS REPLIES
    $status_replies = "";
    $query_replies = mysqli_query($db_conx, "SELECT * FROM status WHERE osid='$statusid' AND type='b' ORDER BY postdate ASC");
    $replynumrows = mysqli_num_rows($query_replies);
    if($replynumrows > 0){
        while ($row2 = mysqli_fetch_array($query_replies, MYSQLI_ASSOC)) {
            $statusreplyid = $row2["id"];
            $replyauthor = $row2["author"];
            $replydata = $row2["data"];
            $replydata = nl2br($replydata);
            $replypostdate = $row2["postdate"];
            $replydata = str_replace("&amp;","&",$replydata);
            $replydata = stripslashes($replydata);
            $replyDeleteButton = '';
            if($replyauthor == $log_username || $account_name == $log_username ){
                $replyDeleteButton = '<span id="srdb_'.$statusreplyid.'"><a href="#" onclick="return false;" onmousedown="deleteReply(\''.$statusreplyid.'\',\'reply_'.$statusreplyid.'\');" title="DELETE THIS COMMENT">remove</a></span>';
            }
            $status_replies .= '<div id="reply_'.$statusreplyid.'" class="reply_boxes"><div><b>Reply by <a href="user.php?u='.$replyauthor.'">'.$replyauthor.'</a> '.$replypostdate.':</b> '.$replyDeleteButton.'<br />'.$replydata.'</div></div>';
        }
    }
    $statuslist .= '<div id="status_'.$statusid.'" class="status_boxes"><div><b>Posted by <a href="user.php?u='.$author.'">'.$author.'</a> '.$postdate.':</b> '.$statusDeleteButton.' <br />'.$data.'</div>'.$status_replies.'</div>';
    if($isFriend == true || $log_username == $u){
        $statuslist .= '<textarea id="replytext_'.$statusid.'" class="replytext" onkeyup="statusMax(this,250)" placeholder="write a comment here"></textarea><button id="replyBtn_'.$statusid.'" onclick="replyToStatus('.$statusid.',\''.$u.'\',\'replytext_'.$statusid.'\',this)">Reply</button>';    
    }
}
?>
<script>
function postToStatus(action,type,user,ta){
    var data = _(ta).value;
    if(data == ""){
        alert("Type something first weenis");
        return false;
    }
    _("statusBtn").disabled = true;
    var ajax = ajaxObj("POST", "php_parsers/status_system.php");
    ajax.onreadystatechange = function() {
        if(ajaxReturn(ajax) == true) {
            var datArray = ajax.responseText.split("|");
            if(datArray[0] == "post_ok"){
                var sid = datArray[1];
                data = data.replace(/</g,"&lt;").replace(/>/g,"&gt;").replace(/\n/g,"<br />").replace(/\r/g,"<br />");
                var currentHTML = _("statusarea").innerHTML;
                _("statusarea").innerHTML = '<div id="status_'+sid+'" class="status_boxes"><div><b>Posted by you just now:</b> <span id="sdb_'+sid+'"><a href="#" onclick="return false;" onmousedown="deleteStatus(\''+sid+'\',\'status_'+sid+'\');" title="DELETE THIS STATUS AND ITS REPLIES">delete status</a></span><br />'+data+'</div></div><textarea id="replytext_'+sid+'" class="replytext" onkeyup="statusMax(this,250)" placeholder="write a comment here"></textarea><button id="replyBtn_'+sid+'" onclick="replyToStatus('+sid+',\'<?php echo $u; ?>\',\'replytext_'+sid+'\',this)">Reply</button>'+currentHTML;
                _("statusBtn").disabled = false;
                _(ta).value = "";
            } else {
                alert(ajax.responseText);
            }
        }
    }
    ajax.send("action="+action+"&type="+type+"&user="+user+"&data="+data);
}
function replyToStatus(sid,user,ta,btn){
    var data = _(ta).value;
    if(data == ""){
        alert("Type something first weenis");
        return false;
    }
    _("replyBtn_"+sid).disabled = true;
    var ajax = ajaxObj("POST", "php_parsers/status_system.php");
    ajax.onreadystatechange = function() {
        if(ajaxReturn(ajax) == true) {
            var datArray = ajax.responseText.split("|");
            if(datArray[0] == "reply_ok"){
                var rid = datArray[1];
                data = data.replace(/</g,"&lt;").replace(/>/g,"&gt;").replace(/\n/g,"<br />").replace(/\r/g,"<br />");
                _("status_"+sid).innerHTML += '<div id="reply_'+rid+'" class="reply_boxes"><div><b>Reply by you just now:</b><span id="srdb_'+rid+'"><a href="#" onclick="return false;" onmousedown="deleteReply(\''+rid+'\',\'reply_'+rid+'\');" title="DELETE THIS COMMENT">remove</a></span><br />'+data+'</div></div>';
                _("replyBtn_"+sid).disabled = false;
                _(ta).value = "";
            } else {
                alert(ajax.responseText);
            }
        }
    }
    ajax.send("action=status_reply&sid="+sid+"&user="+user+"&data="+data);
}
function deleteStatus(statusid,statusbox){
    var conf = confirm("Press OK to confirm deletion of this status and its replies");
    if(conf != true){
        return false;
    }
    var ajax = ajaxObj("POST", "php_parsers/status_system.php");
    ajax.onreadystatechange = function() {
        if(ajaxReturn(ajax) == true) {
            if(ajax.responseText == "delete_ok"){
                _(statusbox).style.display = 'none';
                _("replytext_"+statusid).style.display = 'none';
                _("replyBtn_"+statusid).style.display = 'none';
            } else {
                alert(ajax.responseText);
            }
        }
    }
    ajax.send("action=delete_status&statusid="+statusid);
}
function deleteReply(replyid,replybox){
    var conf = confirm("Press OK to confirm deletion of this reply");
    if(conf != true){
        return false;
    }
    var ajax = ajaxObj("POST", "php_parsers/status_system.php");
    ajax.onreadystatechange = function() {
        if(ajaxReturn(ajax) == true) {
            if(ajax.responseText == "delete_ok"){
                _(replybox).style.display = 'none';
            } else {
                alert(ajax.responseText);
            }
        }
    }
    ajax.send("action=delete_reply&replyid="+replyid);
}
function statusMax(field, maxlimit) {
    if (field.value.length > maxlimit){
        alert(maxlimit+" maximum character limit reached");
        field.value = field.value.substring(0, maxlimit);
    }
}
</script>
<div id="statusui">
  <?php echo $status_ui; ?>
</div>
<div id="statusarea">
  <?php echo $statuslist; ?>

4

2 に答える 2

0

問題は、条件のロジックにあるようです。これを次のように変更すると:

if($_POST['type'] != "a" && $_POST['type'] != "c")

その後、条件は期待どおりに機能するはずです。編集により「||」が変更されることに注意してください に '&&'。

なぜこの編集を行うのですか?$_POST['type'] == "a". その場合、次のようになります。

$_POST['type'] != "a" // false
$_POST['type'] != "c" // true

したがって、条件式は if( false || true ) に評価され、さらに if( true ) に評価されます。元のロジックが機能するのは、 $_POST['type'] != "a" AND $_POST['type'] != "c" の場合のみです (同じ変数に 2 つの変数が必要なため、これは決して起こりません)。値を同時に)。

http://en.wikipedia.org/wiki/Truth_table#Logical_disjunctionを参照

于 2013-08-23T13:23:47.653 に答える
0

問題がこの行に表示されている場合:

 if($_POST['type'] != "a" || $_POST['type'] != "c"){

その場合、名前typeが入った入力フォームがないか、投稿データがまったく転送されていない可能性があります。したがって、HTMLフォームに入力が呼び出されているかどうかを確認してくださいtype

于 2013-06-02T19:01:19.727 に答える