php实现回帖

实现回帖功能的基本步骤

PHP实现回帖功能通常涉及数据库操作、表单处理和页面展示。以下是关键实现方法：

数据库表设计

创建存储帖子和回帖的表结构：

CREATE TABLE posts (
    id INT AUTO_INCREMENT PRIMARY KEY,
    title VARCHAR(255),
    content TEXT,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);

CREATE TABLE replies (
    id INT AUTO_INCREMENT PRIMARY KEY,
    post_id INT,
    content TEXT,
    author VARCHAR(100),
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    FOREIGN KEY (post_id) REFERENCES posts(id)
);

表单处理

创建回帖提交表单（reply_form.php）：

<form action="submit_reply.php" method="post">
    <input type="hidden" name="post_id" value="<?php echo $_GET['post_id']; ?>">
    <textarea name="content" required></textarea>
    <input type="text" name="author" placeholder="Your name">
    <button type="submit">Submit Reply</button>
</form>

处理回帖提交（submit_reply.php）

<?php
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $post_id = $_POST['post_id'];
    $content = $_POST['content'];
    $author = $_POST['author'];

    $conn = new PDO("mysql:host=localhost;dbname=forum", "username", "password");
    $stmt = $conn->prepare("INSERT INTO replies (post_id, content, author) VALUES (?, ?, ?)");
    $stmt->execute([$post_id, $content, $author]);

    header("Location: view_post.php?post_id=" . $post_id);
    exit();
}
?>

显示回帖列表（view_post.php）

<?php
$post_id = $_GET['post_id'];
$conn = new PDO("mysql:host=localhost;dbname=forum", "username", "password");

// 获取主帖
$post_stmt = $conn->prepare("SELECT * FROM posts WHERE id = ?");
$post_stmt->execute([$post_id]);
$post = $post_stmt->fetch();

// 获取回帖
$reply_stmt = $conn->prepare("SELECT * FROM replies WHERE post_id = ? ORDER BY created_at DESC");
$reply_stmt->execute([$post_id]);
$replies = $reply_stmt->fetchAll();

// 显示内容
echo "<h1>{$post['title']}</h1>";
echo "<p>{$post['content']}</p>";

foreach ($replies as $reply) {
    echo "<div class='reply'>";
    echo "<p>{$reply['author']} - {$reply['created_at']}</p>";
    echo "<p>{$reply['content']}</p>";
    echo "</div>";
}
?>

安全增强措施

增加输入验证和防止SQL注入：

$content = htmlspecialchars(trim($_POST['content']));
$author = htmlspecialchars(trim($_POST['author']));

使用预处理语句防止SQL注入（如上例所示）

会话管理

可选添加用户登录验证：

session_start();
if (!isset($_SESSION['user_id'])) {
    header("Location: login.php");
    exit();
}

性能优化

对于大量回帖的情况：

// 分页查询
$page = isset($_GET['page']) ? (int)$_GET['page'] : 1;
$limit = 10;
$offset = ($page - 1) * $limit;

$reply_stmt = $conn->prepare("SELECT * FROM replies WHERE post_id = ? ORDER BY created_at DESC LIMIT ? OFFSET ?");
$reply_stmt->execute([$post_id, $limit, $offset]);