用PHP实现论坛功能

数据库连接

<?php
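// Connection settings. The literal values are tutorial placeholders: in a real
// deployment load them from configuration kept outside the web root (or from
// the environment), and give this account only the privileges the forum needs.
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "forum_db";

// Since PHP 8.1 mysqli throws mysqli_sql_exception by default; older versions
// report a failed connection through $conn->connect_error. Both paths are
// handled so the driver message is written to the server log and never sent
// to the browser.
$connectError = null;
try {
    $conn = new mysqli($servername, $username, $password, $dbname);
    if ($conn->connect_error) {
        $connectError = $conn->connect_error;
    }
} catch (mysqli_sql_exception $e) {
    $connectError = $e->getMessage();
}

if ($connectError !== null) {
    error_log("Database connection failed: " . $connectError);
    if (!headers_sent()) {
        http_response_code(500);
    }
    die("Connection failed");
}

// Pin the connection character set so the bytes sent by the client and the
// server's interpretation of them always agree.
$conn->set_charset("utf8mb4");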
?>
用户注册
<?php
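// Registration handler: runs on a POST that carries the "register" field and
// inserts one row into `users`. Relies on $conn (an open mysqli connection)
// created by the connection script.
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['register'])) {
    $username = isset($_POST['username']) ? $_POST['username'] : '';
    $email = isset($_POST['email']) ? $_POST['email'] : '';
    $plainPassword = isset($_POST['password']) ? $_POST['password'] : '';

    // Reject missing fields, array-valued parameters (username[]=...) and
    // malformed e-mail addresses before anything reaches the database.
    $inputOk = is_string($username) && is_string($email) && is_string($plainPassword)
        && trim($username) !== ''
        && $plainPassword !== ''
        && filter_var($email, FILTER_VALIDATE_EMAIL) !== false;

    if (!$inputOk) {
        echo "Error: invalid registration data";
    } else {
        // Only the hash is stored; the plaintext password never reaches SQL.
        $password = password_hash($plainPassword, PASSWORD_DEFAULT);

        // Placeholders keep user input out of the SQL text, so quotes in a
        // username or e-mail cannot change the statement.
        $sql = "INSERT INTO users (username, email, password) VALUES (?, ?, ?)";

        $saved = false;
        try {
            $stmt = $conn->prepare($sql);
            if ($stmt !== false) {
                $stmt->bind_param("sss", $username, $email, $password);
                $saved = $stmt->execute();
                if (!$saved) {
                    error_log("Registration insert failed: " . $stmt->error);
                }
                $stmt->close();
            } else {
                error_log("Registration prepare failed: " . $conn->error);
            }
        } catch (mysqli_sql_exception $e) {
            // mysqli raises exceptions by default on PHP 8.1+.
            error_log("Registration insert failed: " . $e->getMessage());
        }

        if ($saved) {
            echo "Registration successful";
        } else {
            // Details stay in the server log: echoing the SQL text or the
            // driver error would disclose schema information to the client.
            echo "Error: registration failed";
        }
    }
}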
?>
用户登录
<?php
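session_start();

// Login handler: runs on a POST that carries the "login" field. On success it
// stores the user's id and name in the session. Relies on $conn (an open
// mysqli connection) created by the connection script.
// NOTE(review): nothing here limits repeated failed attempts; add throttling
// or lockout before exposing this form publicly.
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) {
    $username = isset($_POST['username']) ? $_POST['username'] : '';
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    $authenticated = false;

    // Array-valued parameters (username[]=...) are treated as a failed login.
    if (is_string($username) && is_string($password)) {
        // Placeholder instead of string interpolation: the username is bound
        // as data and cannot alter the query. Only the needed columns are read.
        $sql = "SELECT id, username, password FROM users WHERE username = ?";
        try {
            $stmt = $conn->prepare($sql);
            if ($stmt !== false) {
                $stmt->bind_param("s", $username);
                if ($stmt->execute()) {
                    // get_result() requires the mysqlnd driver.
                    $result = $stmt->get_result();
                    $row = $result ? $result->fetch_assoc() : null;
                    if ($row && password_verify($password, $row['password'])) {
                        // Issue a fresh session id at the privilege change so
                        // an id fixed before login is useless afterwards.
                        session_regenerate_id(true);
                        $_SESSION['user_id'] = $row['id'];
                        $_SESSION['username'] = $row['username'];
                        $authenticated = true;
                    }
                } else {
                    error_log("Login query failed: " . $stmt->error);
                }
                $stmt->close();
            } else {
                error_log("Login prepare failed: " . $conn->error);
            }
        } catch (mysqli_sql_exception $e) {
            // mysqli raises exceptions by default on PHP 8.1+.
            error_log("Login query failed: " . $e->getMessage());
        }
    }

    // One message for every failure, so the response does not reveal whether
    // the username exists.
    if ($authenticated) {
        echo "Login successful";
    } else {
        echo "Invalid username or password";
    }
}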
?>
创建帖子
<?php
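// Create-post handler: runs on a POST that carries the "create_post" field and
// inserts one row into `posts` for the logged-in user. Relies on $conn (an
// open mysqli connection) and on a session started by the login script.
// NOTE(review): this handler does not verify a CSRF token; add a per-session
// token to the form and compare it with hash_equals() before acting.
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['create_post'])) {
    $title = isset($_POST['title']) ? $_POST['title'] : '';
    $content = isset($_POST['content']) ? $_POST['content'] : '';
    // The author always comes from the session, never from the request.
    $user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;

    if ($user_id === null) {
        // Without this check an anonymous request would reach the INSERT
        // with an empty user id.
        echo "Error: login required";
    } elseif (!is_string($title) || !is_string($content)
        || trim($title) === '' || trim($content) === '') {
        echo "Error: title and content are required";
    } else {
        // Placeholders keep the title and body out of the SQL text.
        $sql = "INSERT INTO posts (title, content, user_id) VALUES (?, ?, ?)";

        $saved = false;
        try {
            $stmt = $conn->prepare($sql);
            if ($stmt !== false) {
                $stmt->bind_param("ssi", $title, $content, $user_id);
                $saved = $stmt->execute();
                if (!$saved) {
                    error_log("Post insert failed: " . $stmt->error);
                }
                $stmt->close();
            } else {
                error_log("Post prepare failed: " . $conn->error);
            }
        } catch (mysqli_sql_exception $e) {
            // mysqli raises exceptions by default on PHP 8.1+.
            error_log("Post insert failed: " . $e->getMessage());
        }

        if ($saved) {
            echo "Post created successfully";
        } else {
            // The SQL text and driver error go to the log, not to the client.
            echo "Error: could not create post";
        }
    }
}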
?>
显示帖子列表
<?php
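// Post list: prints every post with its author, newest first. Relies on $conn
// (an open mysqli connection) created by the connection script.
// `users` and `posts` both define created_at, so the ORDER BY column is
// qualified with its table name.
$sql = "SELECT posts.*, users.username FROM posts JOIN users ON posts.user_id = users.id ORDER BY posts.created_at DESC";

$result = false;
try {
    $result = $conn->query($sql);
    if ($result === false) {
        error_log("Post list query failed: " . $conn->error);
    }
} catch (mysqli_sql_exception $e) {
    // mysqli raises exceptions by default on PHP 8.1+.
    error_log("Post list query failed: " . $e->getMessage());
}

if ($result === false) {
    echo "Error: could not load posts";
} elseif ($result->num_rows > 0) {
    while ($row = $result->fetch_assoc()) {
        // Title, author and body were typed by users. Escaping at output time
        // makes markup stored in them render as text instead of executing in
        // every reader's browser (stored XSS).
        echo "<h3>" . htmlspecialchars($row['title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</h3>";
        echo "<p>By: " . htmlspecialchars($row['username'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</p>";
        echo "<p>" . htmlspecialchars($row['content'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</p>";
        echo "<hr>";
    }
} else {
    echo "No posts yet";
}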
?>
添加回复
<?php
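// Add-reply handler: runs on a POST that carries the "add_reply" field and
// inserts one row into `replies` for the logged-in user. Relies on $conn (an
// open mysqli connection) and on a session started by the login script.
// NOTE(review): this handler does not verify a CSRF token; add a per-session
// token to the form and compare it with hash_equals() before acting.
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['add_reply'])) {
    // post_id must be a positive integer; anything else (including an array
    // parameter) becomes false.
    $post_id = isset($_POST['post_id'])
        ? filter_var($_POST['post_id'], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]])
        : false;
    $content = isset($_POST['content']) ? $_POST['content'] : '';
    // The author always comes from the session, never from the request.
    $user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;

    if ($user_id === null) {
        echo "Error: login required";
    } elseif ($post_id === false || !is_string($content) || trim($content) === '') {
        echo "Error: invalid reply data";
    } else {
        // Placeholders keep the reply body out of the SQL text. A post_id
        // that matches no post is rejected by the foreign key on replies.
        $sql = "INSERT INTO replies (post_id, content, user_id) VALUES (?, ?, ?)";

        $saved = false;
        try {
            $stmt = $conn->prepare($sql);
            if ($stmt !== false) {
                $stmt->bind_param("isi", $post_id, $content, $user_id);
                $saved = $stmt->execute();
                if (!$saved) {
                    error_log("Reply insert failed: " . $stmt->error);
                }
                $stmt->close();
            } else {
                error_log("Reply prepare failed: " . $conn->error);
            }
        } catch (mysqli_sql_exception $e) {
            // mysqli raises exceptions by default on PHP 8.1+.
            error_log("Reply insert failed: " . $e->getMessage());
        }

        if ($saved) {
            echo "Reply added successfully";
        } else {
            // The SQL text and driver error go to the log, not to the client.
            echo "Error: could not add reply";
        }
    }
}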
?>
显示回复
<?php
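// Reply list: prints the replies to the post named by ?post_id=, oldest
// first. Relies on $conn (an open mysqli connection) created by the
// connection script.
if (isset($_GET['post_id'])) {
    // The id arrives in the URL, so it is validated as a positive integer and
    // then bound as a parameter. Concatenating it into the SQL unquoted would
    // let the query string rewrite the statement.
    $post_id = filter_var($_GET['post_id'], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);

    if ($post_id === false) {
        echo "Error: invalid post id";
    } else {
        // `users` and `replies` both define created_at, so columns are
        // qualified with their table name.
        $sql = "SELECT replies.*, users.username FROM replies JOIN users ON replies.user_id = users.id WHERE replies.post_id = ? ORDER BY replies.created_at ASC";

        $result = false;
        try {
            $stmt = $conn->prepare($sql);
            if ($stmt !== false) {
                $stmt->bind_param("i", $post_id);
                if ($stmt->execute()) {
                    // get_result() requires the mysqlnd driver.
                    $result = $stmt->get_result();
                } else {
                    error_log("Reply list query failed: " . $stmt->error);
                }
            } else {
                error_log("Reply list prepare failed: " . $conn->error);
            }
        } catch (mysqli_sql_exception $e) {
            // mysqli raises exceptions by default on PHP 8.1+.
            error_log("Reply list query failed: " . $e->getMessage());
        }

        if ($result === false) {
            echo "Error: could not load replies";
        } elseif ($result->num_rows > 0) {
            while ($row = $result->fetch_assoc()) {
                // Author name and body are user-supplied; escape them so
                // stored markup is shown as text rather than executed.
                echo "<p>" . htmlspecialchars($row['username'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . " said:</p>";
                echo "<p>" . htmlspecialchars($row['content'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</p>";
                echo "<hr>";
            }
        } else {
            echo "No replies yet";
        }
    }
}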
?>

数据库表结构

-- Forum schema: accounts, posts, and replies to posts.

-- One row per registered account.
CREATE TABLE users (
    id INT AUTO_INCREMENT PRIMARY KEY,
    -- UNIQUE: a second registration with the same name fails at INSERT time.
    username VARCHAR(50) NOT NULL UNIQUE,
    email VARCHAR(100) NOT NULL UNIQUE,
    -- Holds the password_hash() output written by the registration script,
    -- never the plaintext. 255 characters leaves room for future algorithms
    -- selected by PASSWORD_DEFAULT.
    password VARCHAR(255) NOT NULL,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);

-- One row per forum post; user_id is the author.
CREATE TABLE posts (
    id INT AUTO_INCREMENT PRIMARY KEY,
    title VARCHAR(255) NOT NULL,
    content TEXT NOT NULL,
    user_id INT NOT NULL,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    -- The author must be an existing user. No ON DELETE action is declared,
    -- so the engine's default applies -- NOTE(review): confirm that deleting
    -- a user who still has posts should be refused.
    FOREIGN KEY (user_id) REFERENCES users(id)
);

-- One row per reply; post_id is the post being answered, user_id the author.
CREATE TABLE replies (
    id INT AUTO_INCREMENT PRIMARY KEY,
    post_id INT NOT NULL,
    content TEXT NOT NULL,
    user_id INT NOT NULL,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    -- A reply can only reference an existing post and an existing user.
    FOREIGN KEY (post_id) REFERENCES posts(id),
    FOREIGN KEY (user_id) REFERENCES users(id)
);

安全注意事项

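  在把本文的示例代码用于实际项目之前，请逐项确认以下措施已经落实：

  • 使用预处理语句（参数绑定）防止SQL注入，不要把 $_POST / $_GET 中的值直接拼接进SQL字符串
  • 对所有用户输入进行验证和过滤；把用户提交的内容输出到HTML时用 htmlspecialchars() 转义，防止XSS
  • 实现CSRF保护
  • 对密码进行哈希存储（password_hash() / password_verify()）
  • 实现适当的错误处理：错误详情写入服务器日志，不要把SQL语句或数据库错误信息直接输出给用户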