MySQL查询和联接表
[英]MySQL Query and Join Tables
问题描述
I'm working something with mysql and php and I'm trying to achieve some result for learning purposes. 
我正在使用mysql和php进行操作,并且正在尝试出于学习目的而获得一些结果。
So what I'm trying is to make conversation messages system and I have following: 所以我想做的是使对话消息系统,我有以下几点:
I have 2 tables, first conversation and second conversation_messages 我有2张桌子,第一次对话和第二次对话
First table conversation looks like following: 第一表对话如下所示:
c_id, user_one, user_two c_id,user_one,user_two
Second table conversation_messages looks like this: 第二张表construction_messages看起来像这样:
m_id, text, date, created_by, status, c_id m_id,文字,日期,created_by,状态,c_id
So in messages table I set Conversation ID and when user click conversation to open it, url change to messages.php?c_id=1 or something like that... And that's fine, becouse I get c_id from url and so on. 因此,在消息表中,我设置了会话ID,当用户单击会话以打开会话ID时,将URL更改为messages.php?c_id = 1或类似的内容……这很好,因为我从url中获取了c_id,依此类推。
My question is following: 我的问题如下:
Lets say I wan't to get all messages for conversation c_id = 1. How do I query trough table and get all messages for that conversation id. 可以说我不想获取对话c_id = 1的所有消息。如何查询槽表并获取该对话id的所有消息。 Also I need to query so it return results only if logged user is involved into conversation... So logged in user can see conversation messages only if he is person/user A (user_one) or user B(user_two). 另外,我还需要查询,以便仅当登录的用户参与对话时才返回结果。因此,登录的用户只有在其人/用户A(user_one)或用户B(user_two)时才能看到对话消息。 How do I do that and do I need to join tables. 我该怎么做,我是否需要联接表。 So what is the best way to do this. 那么什么是最好的方式做到这一点。
So when logged in user type manually into url messages.php?c_id=3 if he is not involved into that conversation I don't want him to see it. 因此,当用户手动登录时,请键入url messages.php?c_id = 3(如果他不参与该对话),我不希望他看到它。
Sorry I'm new here and don't know how to format code properly or anything. 抱歉,我是新来的,不知道如何正确格式化代码或其他任何格式。
Thanks in advance. 提前致谢。
2 个解决方案
解决方案1
1 已采纳 2014-07-01 17:46:36
You need to get the logged user id from a session and put into the query like that 您需要从会话中获取登录的用户ID,然后将其放入查询中
SELECT * FROM conversation_message, conversation
WHERE conversation.c_id = $ID_OF_CONVERSATION
AND (user_one = $ID_LOGGED_USER OR user_two = $ID_LOGGED_USER)
AND conversation_message.c_id = conversation.c_id
解决方案2
0 2014-07-01 17:46:07
In the broad strokes, if you want to add security to a certain endpoint, you need to allow or deny access after validating user input. 概括地说,如果要向某个端点添加安全性,则需要在验证用户输入后允许或拒绝访问。 In the example you gave, your user input is the c_id value of 3. In a simple PHP example, you could do something like this: 在您给出的示例中,用户输入的c_id值为3。在一个简单的PHP示例中,您可以执行以下操作:
$user_id = $_SESSION['user_id'];
$can_access = false;
$convo_id = $_GET['c_id'];
$safe_id = mysql_real_escape_string( $convo_id );
$rli = mysql_query( "SELECT * FROM conversation WHERE c_id = {$safe_id}" );
if( mysql_num_rows( $rli ) ) {
$convo = mysql_fetch_object( $rli );
$can_access = $convo->user_one == $user_id || $convo->user_two == $user_id;
}
Notice in this example that I pulled the "logged in" user's id from the session, which assumes that you are using sessions. 请注意,在此示例中,我从会话中提取了“已登录”用户的ID,假设您正在使用会话。 There are many different ways to create "logged in" user views, and that is somewhat outside the scope of this answer. 创建“已登录”用户视图的方式有很多,这超出了此答案的范围。 The end result here is a boolean value variable $can_access which indicates whether or not the user can access the page. 最终结果是一个布尔值变量$ can_access,它指示用户是否可以访问页面。 Assuming they can access the page, you could pull all the messages from the now validated conversation like so: 假设他们可以访问该页面,则可以从现在已验证的对话中拉出所有消息,如下所示:
$rli = mysql_query("SELECT * FROM conversation_messages WHERE c_id = {$safe_id}");
$messages = array();
while( $message = mysql_fetch_object( $rli ) ) {
$messages[ $message->m_id ] = $message;
}
The above gives you a PHP array containing all the messages associated with the conversation. 上面提供了一个PHP数组,其中包含与会话相关的所有消息。 Hope this is enough to get you started. 希望这足以让您入门。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.