php实现发帖
PHP 实现发帖功能
数据库准备
创建数据库表存储帖子信息,例如:
CREATE TABLE posts (
id INT AUTO_INCREMENT PRIMARY KEY,
title VARCHAR(255) NOT NULL,
content TEXT NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);表单设计
创建发帖表单页面(post_form.php):
<form action="submit_post.php" method="post">
<input type="text" name="title" placeholder="标题" required>
<textarea name="content" placeholder="内容" required></textarea>
<button type="submit">发布</button>
</form>处理提交
创建处理提交的PHP文件(submit_post.php):
<?php
// 连接数据库
$conn = new mysqli('localhost', 'username', 'password', 'database_name');
// 检查连接
if ($conn->connect_error) {
die("连接失败: " . $conn->connect_error);
}
// 获取表单数据
$title = $_POST['title'];
$content = $_POST['content'];
// 防止SQL注入
$title = $conn->real_escape_string($title);
$content = $conn->real_escape_string($content);
// 插入数据
$sql = "INSERT INTO posts (title, content) VALUES ('$title', '$content')";
if ($conn->query($sql) === TRUE) {
echo "发帖成功";
} else {
echo "错误: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>显示帖子
创建显示帖子的页面(view_posts.php):
<?php
$conn = new mysqli('localhost', 'username', 'password', 'database_name');
if ($conn->connect_error) {
die("连接失败: " . $conn->connect_error);
}
$sql = "SELECT * FROM posts ORDER BY created_at DESC";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo "<h3>" . htmlspecialchars($row['title']) . "</h3>";
echo "<p>" . nl2br(htmlspecialchars($row['content'])) . "</p>";
echo "<small>" . $row['created_at'] . "</small><hr>";
}
} else {
echo "暂无帖子";
}
$conn->close();
?>安全增强
使用预处理语句防止SQL注入:
$stmt = $conn->prepare("INSERT INTO posts (title, content) VALUES (?, ?)");
$stmt->bind_param("ss", $title, $content);
$stmt->execute();文件上传
如需支持图片上传:
<form enctype="multipart/form-data">
<input type="file" name="image">
</form>PHP处理上传:
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["image"]["name"]);
move_uploaded_file($_FILES["image"]["tmp_name"], $target_file);
