php怎么实现私信
使用数据库存储私信
创建一个数据库表来存储私信内容,表结构可以包含发送者ID、接收者ID、私信内容、发送时间等字段。使用SQL语句创建表:
CREATE TABLE private_messages (
id INT AUTO_INCREMENT PRIMARY KEY,
sender_id INT NOT NULL,
receiver_id INT NOT NULL,
message TEXT NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
is_read BOOLEAN DEFAULT FALSE
);发送私信功能
构建一个表单让用户输入私信内容,提交后插入到数据库:
// 处理发送私信
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$sender_id = $_SESSION['user_id'];
$receiver_id = $_POST['receiver_id'];
$message = htmlspecialchars($_POST['message']);
$stmt = $pdo->prepare("INSERT INTO private_messages (sender_id, receiver_id, message) VALUES (?, ?, ?)");
$stmt->execute([$sender_id, $receiver_id, $message]);
header("Location: messages.php");
exit;
}显示私信列表
查询当前用户的私信并显示:
$user_id = $_SESSION['user_id'];
$stmt = $pdo->prepare("SELECT * FROM private_messages WHERE receiver_id = ? ORDER BY created_at DESC");
$stmt->execute([$user_id]);
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
foreach ($messages as $message) {
echo "<div class='message'>";
echo "<p>" . htmlspecialchars($message['message']) . "</p>";
echo "<small>From User ID: " . $message['sender_id'] . "</small>";
echo "</div>";
}标记已读功能
当用户查看私信时更新已读状态:
if (isset($_GET['message_id'])) {
$message_id = $_GET['message_id'];
$stmt = $pdo->prepare("UPDATE private_messages SET is_read = TRUE WHERE id = ?");
$stmt->execute([$message_id]);
}实时通知
使用AJAX轮询或WebSocket实现新消息通知:
// 前端JavaScript轮询检查新消息
setInterval(function() {
fetch('check_new_messages.php')
.then(response => response.json())
.then(data => {
if (data.new_messages > 0) {
document.getElementById('notification').style.display = 'block';
}
});
}, 5000);// check_new_messages.php
$user_id = $_SESSION['user_id'];
$stmt = $pdo->prepare("SELECT COUNT(*) FROM private_messages WHERE receiver_id = ? AND is_read = FALSE");
$stmt->execute([$user_id]);
$count = $stmt->fetchColumn();
echo json_encode(['new_messages' => $count]);安全性考虑
对用户输入进行验证和过滤,防止SQL注入和XSS攻击。使用预处理语句处理数据库查询,对输出内容使用htmlspecialchars()函数转义。
