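Implementing In-Site Messaging in PHP

Design essentials of an in-site messaging system
An in-site messaging system lets users send, receive, store and manage messages. Its core parts are the database design, the message sending logic, the message list display and message state management.

Database schema
Create two main tables: users (the user table) and messages (the in-site message table).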

CREATE TABLE users (
    id INT AUTO_INCREMENT PRIMARY KEY,
    username VARCHAR(50) NOT NULL,
    email VARCHAR(100) NOT NULL
);

CREATE TABLE messages (
    id INT AUTO_INCREMENT PRIMARY KEY,
    sender_id INT NOT NULL,
    receiver_id INT NOT NULL,
    subject VARCHAR(255) NOT NULL,
    content TEXT NOT NULL,
    is_read TINYINT DEFAULT 0,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    FOREIGN KEY (sender_id) REFERENCES users(id),
    FOREIGN KEY (receiver_id) REFERENCES users(id)
);
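
Sending a message
Create the form for sending a message and the script that processes it. The send page has fields for choosing the recipient and entering the subject and content.

// send_message.php
// Assumes $pdo is an initialized PDO connection provided by a shared include.
session_start();
if (!isset($_SESSION['user_id'])) {
    http_response_code(403);   // only logged-in users may send
    exit;
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $sender_id   = $_SESSION['user_id'];   // taken from the session, never from the form
    $receiver_id = (int)($_POST['receiver_id'] ?? 0);
    $subject     = $_POST['subject'] ?? '';
    $content     = $_POST['content'] ?? '';

    // Prepared statement: user input is bound as parameters, not concatenated into the SQL
    $stmt = $pdo->prepare("INSERT INTO messages (sender_id, receiver_id, subject, content) VALUES (?, ?, ?, ?)");
    $stmt->execute([$sender_id, $receiver_id, $subject, $content]);

    header('Location: inbox.php');
    exit;
}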
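
Implementing the inbox
Display the list of messages the user has received, with pagination and an unread marker.

// inbox.php
session_start();
$user_id = (int)$_SESSION['user_id'];
$page    = max(1, (int)($_GET['page'] ?? 1));   // clamp so the offset is never negative
$limit   = 10;
$offset  = ($page - 1) * $limit;

$stmt = $pdo->prepare("SELECT m.*, u.username AS sender_name
                       FROM messages m
                       JOIN users u ON m.sender_id = u.id
                       WHERE m.receiver_id = ?
                       ORDER BY m.created_at DESC
                       LIMIT ? OFFSET ?");
// Bind LIMIT and OFFSET as integers: values passed through execute([...]) are
// sent as strings, which MySQL rejects in LIMIT when prepares are emulated.
$stmt->bindValue(1, $user_id, PDO::PARAM_INT);
$stmt->bindValue(2, $limit, PDO::PARAM_INT);
$stmt->bindValue(3, $offset, PDO::PARAM_INT);
$stmt->execute();
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);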
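
Updating the read status
When the user opens a message's detail page, update the message's read status.

// view_message.php
session_start();
$message_id = (int)($_GET['id'] ?? 0);
$user_id    = $_SESSION['user_id'];

// Verify that the message belongs to the current user
$stmt = $pdo->prepare("UPDATE messages SET is_read = 1 WHERE id = ? AND receiver_id = ?");
$stmt->execute([$message_id, $user_id]);

// Apply the same ownership check when loading the message; otherwise the id
// alone would select the row, regardless of who the recipient is.
$stmt = $pdo->prepare("SELECT m.*, u.username AS sender_name
                       FROM messages m
                       JOIN users u ON m.sender_id = u.id
                       WHERE m.id = ? AND m.receiver_id = ?");
$stmt->execute([$message_id, $user_id]);
$message = $stmt->fetch(PDO::FETCH_ASSOC);
if ($message === false) {
    http_response_code(404);   // no such message for this user
    exit;
}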
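
User interface improvements
Show the number of unread messages in the message list, and use different styles to distinguish read messages from unread ones.

// Get the number of unread messages
$stmt = $pdo->prepare("SELECT COUNT(*) AS unread_count FROM messages WHERE receiver_id = ? AND is_read = 0");
$stmt->execute([$_SESSION['user_id']]);
$unread = $stmt->fetch(PDO::FETCH_ASSOC)['unread_count'];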
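
Security considerations
Implement CSRF protection and input validation, and guard against SQL injection and XSS attacks.

// Security handling when sending a message
function sanitize_input($data) {
    $data = trim($data);            // drop leading and trailing whitespace
    $data = stripslashes($data);    // remove backslashes (also strips them from legitimate text)
    // Encode HTML special characters, including both quote styles, as UTF-8
    $data = htmlspecialchars($data, ENT_QUOTES, 'UTF-8');
    return $data;
}

$subject = sanitize_input($_POST['subject']);
$content = sanitize_input($_POST['content']);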
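
The CSRF protection and input validation named in this section, as an added example that is not code from the original page: a per-session token compared with hash_equals(), validation against the messages column limits, and HTML encoding at output time. The helper names (csrf_token, csrf_valid, validate_message, e), the csrf_token form field and the sample inputs are assumptions for illustration; it assumes PHP 7.4+ with the mbstring extension.

```php
<?php
// Added example; helper names and the csrf_token field name are hypothetical.

// Return the per-session CSRF token, creating it on first use.
function csrf_token(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Compare the submitted token with the session token in constant time.
function csrf_valid($submitted): bool {
    return is_string($submitted)
        && !empty($_SESSION['csrf_token'])
        && hash_equals($_SESSION['csrf_token'], $submitted);
}

// Validate the send form against the messages table; returns [clean, errors].
function validate_message(array $post): array {
    $str = fn($k) => is_string($post[$k] ?? null) ? trim($post[$k]) : '';
    $receiver = filter_var($post['receiver_id'] ?? null, FILTER_VALIDATE_INT,
                           ['options' => ['min_range' => 1]]);
    $subject = $str('subject');
    $content = $str('content');
    $errors = [];
    if ($receiver === false) { $errors[] = 'receiver_id must be a positive integer'; }
    if ($subject === '' || mb_strlen($subject, 'UTF-8') > 255) { $errors[] = 'subject must be 1-255 characters'; }
    if ($content === '') { $errors[] = 'content is required'; }
    return [['receiver_id' => $receiver, 'subject' => $subject, 'content' => $content], $errors];
}

// Encode when the value is written into HTML, not when it is stored.
function e(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed demo, runnable from the CLI: a simulated session and form bodies.
$_SESSION = [];
$token = csrf_token();   // the form template puts e(csrf_token()) in a hidden input
$post  = ['receiver_id' => '2', 'subject' => 'Hello', 'content' => '<b>hi</b> & "bye"'];
var_dump(csrf_valid($post['csrf_token'] ?? null));   // request that carries no token
var_dump(csrf_valid($token));                        // request that carries the session token
[, $errors] = validate_message(['receiver_id' => '0', 'subject' => '', 'content' => ['x']]);
print_r($errors);
[$clean, $errors] = validate_message($post);
if (!$errors) {
    echo e($clean['content']), "\n";   // $clean goes to the INSERT; e() is applied on display
}
```

In send_message.php the token check would run before validation and the INSERT, with the request rejected when csrf_valid() returns false.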
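
Performance optimization
Add indexes on frequently queried columns, archive old messages periodically, and consider implementing a message cache.

CREATE INDEX idx_messages_receiver ON messages(receiver_id);
CREATE INDEX idx_messages_sender ON messages(sender_id);
CREATE INDEX idx_messages_read ON messages(is_read);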






