用PHP实现论坛功能

yyf198905252025-12-30 11:04

数据库连接

php 复制代码 
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "forum_db";

$conn = new mysqli($servername, $username, $password, $dbname);

if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}
?>
用户注册
php 复制代码 
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['register'])) {
    $username = $_POST['username'];
    $email = $_POST['email'];
    $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
    
    $sql = "INSERT INTO users (username, email, password) VALUES ('$username', '$email', '$password')";
    
    if ($conn->query($sql) === TRUE) {
        echo "Registration successful";
    } else {
        echo "Error: " . $sql . "<br>" . $conn->error;
    }
}
?>
用户登录
php 复制代码 
<?php
session_start();

if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) {
    $username = $_POST['username'];
    $password = $_POST['password'];
    
    $sql = "SELECT * FROM users WHERE username='$username'";
    $result = $conn->query($sql);
    
    if ($result->num_rows > 0) {
        $row = $result->fetch_assoc();
        if (password_verify($password, $row['password'])) {
            $_SESSION['user_id'] = $row['id'];
            $_SESSION['username'] = $row['username'];
            echo "Login successful";
        } else {
            echo "Invalid password";
        }
    } else {
        echo "User not found";
    }
}
?>
创建帖子
php 复制代码 
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['create_post'])) {
    $title = $_POST['title'];
    $content = $_POST['content'];
    $user_id = $_SESSION['user_id'];
    
    $sql = "INSERT INTO posts (title, content, user_id) VALUES ('$title', '$content', '$user_id')";
    
    if ($conn->query($sql) === TRUE) {
        echo "Post created successfully";
    } else {
        echo "Error: " . $sql . "<br>" . $conn->error;
    }
}
?>
显示帖子列表
php 复制代码 
<?php
$sql = "SELECT posts.*, users.username FROM posts JOIN users ON posts.user_id = users.id ORDER BY created_at DESC";
$result = $conn->query($sql);

if ($result->num_rows > 0) {
    while($row = $result->fetch_assoc()) {
        echo "<h3>" . $row['title'] . "</h3>";
        echo "<p>By: " . $row['username'] . "</p>";
        echo "<p>" . $row['content'] . "</p>";
        echo "<hr>";
    }
} else {
    echo "No posts yet";
}
?>
添加回复
php 复制代码 
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['add_reply'])) {
    $post_id = $_POST['post_id'];
    $content = $_POST['content'];
    $user_id = $_SESSION['user_id'];
    
    $sql = "INSERT INTO replies (post_id, content, user_id) VALUES ('$post_id', '$content', '$user_id')";
    
    if ($conn->query($sql) === TRUE) {
        echo "Reply added successfully";
    } else {
        echo "Error: " . $sql . "<br>" . $conn->error;
    }
}
?>
显示回复
php 复制代码 
<?php
if (isset($_GET['post_id'])) {
    $post_id = $_GET['post_id'];
    $sql = "SELECT replies.*, users.username FROM replies JOIN users ON replies.user_id = users.id WHERE post_id=$post_id ORDER BY created_at ASC";
    $result = $conn->query($sql);

    if ($result->num_rows > 0) {
        while($row = $result->fetch_assoc()) {
            echo "<p>" . $row['username'] . " said:</p>";
            echo "<p>" . $row['content'] . "</p>";
            echo "<hr>";
        }
    } else {
        echo "No replies yet";
    }
}
?>

数据库表结构

sql 复制代码 
CREATE TABLE users (
    id INT AUTO_INCREMENT PRIMARY KEY,
    username VARCHAR(50) NOT NULL UNIQUE,
    email VARCHAR(100) NOT NULL UNIQUE,
    password VARCHAR(255) NOT NULL,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);

CREATE TABLE posts (
    id INT AUTO_INCREMENT PRIMARY KEY,
    title VARCHAR(255) NOT NULL,
    content TEXT NOT NULL,
    user_id INT NOT NULL,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    FOREIGN KEY (user_id) REFERENCES users(id)
);

CREATE TABLE replies (
    id INT AUTO_INCREMENT PRIMARY KEY,
    post_id INT NOT NULL,
    content TEXT NOT NULL,
    user_id INT NOT NULL,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    FOREIGN KEY (post_id) REFERENCES posts(id),
    FOREIGN KEY (user_id) REFERENCES users(id)
);

安全注意事项

  • 使用预处理语句防止SQL注入
  • 对所有用户输入进行验证和过滤
  • 实现CSRF保护
  • 对密码进行哈希存储
  • 实现适当的错误处理
相关推荐
毕设源码-赖学姐3 小时前
【开题答辩全过程】以 基于PHP的国学诗词网站与推荐系统的设计与实现为例,包含答辩的问题和答案
开发语言·php
oMcLin5 小时前
如何在 Ubuntu 24.04 上安装 LAMP 堆栈(包括 PHP 8.3 和 MariaDB 11)
ubuntu·php·mariadb
运维闲章印时光5 小时前
单位本部与分部网络已实现互联互通,网络访问通畅,数据传输正常
开发语言·网络·php
福尔摩斯张1 天前
Linux的pthread_self函数详解:多线程编程中的身份标识器(超详细)
linux·运维·服务器·网络·网络协议·tcp/ip·php
Maybe I Simple1 天前
注解路由 + ApiDoc接入
php·html5·webman
笙枫1 天前
LangGraph Agent 架构基础:从概念到第一个可运行的Agent
开发语言·架构·php
小代码20161 天前
ubuntu vscode docker php 环境搭建
vscode·ubuntu·docker·php·laravel
Maybe I Simple1 天前
二进制打包|phar打包
php·webman
zorro_z1 天前
ThinkPHP8学习篇(十四):模板
php
热门推荐
01GitHub 镜像站点02从快手“12·22”直播攻击事件看:一次教科书式的业务层饱和攻击03Linux下V2Ray安装配置指南04电脑检测软件—图吧工具箱05Claude Code Skills 实用使用手册06jdk21下载、安装(Windows、Linux、macOS)07UV安装并设置国内源08Web安全中SQL注入绕过WAF的具体手法和实战案例09BongoCat - 跨平台键盘猫动画工具102025-04-03 Latex学习1——本地配置Latex + VScode环境