I'm creating a twitter-like stream of posts using PHP. If the user only wants to see posts that he created, how should I write the mysql query?
Here's what I have now: mysql_query("SELECT * FROM timeline ORDER BY dt DESC");
I assume that I need to add a WHERE
after timeline to indicate the user, but not sure what the proper code is. Would it be WHERE $_SESSION['username']
?
You're on the right lines.
Watch the contents of $_SESSION['username']. You should really escape it first:
$usr = mysql_real_escape_string($_SESSION['username']);
then
mysql_query("SELECT * FROM timeline WHERE username = '$usr' ORDER BY dt DESC ");
I don't know what your user name field is called, so substitute.
Note: mysql
is deprecated - use mysqli or PDO
While I wouldn't recommend this, it should work:
SELECT *
FROM timeline
WHERE user = '" . $_SESSION['username'] . "'
ORDER BY dt DESC
I would suggest using paramaterized queries and using pdo instead!
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.