先ほどの続き2
ログインしていく
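<?php
session_start();
require('library.php');

// Login handler. On POST, looks the member up by e-mail, verifies the password
// hash and stores the member's id/name in the session; on failure $error['login']
// is set to 'blank' or 'failed' for the template below.
$error = [];
$email = '';
$password = '';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // filter_input() returns null for a missing field and false for a rejected one;
    // the (string) cast folds both into '' so the blank check below catches them.
    // FILTER_SANITIZE_EMAIL is kept because the stored address was presumably saved
    // through the same filter on registration — confirm against join/.
    $email = (string) filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
    // The password is taken raw: FILTER_SANITIZE_STRING strips characters such as '<'
    // and encodes quotes, so a password containing them could never verify.
    $password = (string) filter_input(INPUT_POST, 'password');

    if ($email === '' || $password === '') {
        $error['login'] = 'blank';
    } else {
        $db = dbconnect();
        $stmt = $db->prepare('select id, name, password from members where email = ? limit 1');
        if (!$stmt) {
            // Log the driver message; do not echo it to the browser.
            error_log($db->error);
            exit('Database error');
        }
        $stmt->bind_param('s', $email);
        if (!$stmt->execute()) {
            error_log($stmt->error);
            exit('Database error');
        }
        // bind_result() was missing: without it fetch() populates nothing and
        // password_verify() compared against an undefined $hash.
        $stmt->bind_result($id, $name, $hash);
        $found = $stmt->fetch();
        $stmt->close();

        // $found guards the unknown-e-mail case so password_verify() never sees null.
        // NOTE(review): that path returns faster than a hash comparison; timing alone
        // would distinguish unknown from known e-mails.
        if ($found && password_verify($password, $hash)) {
            // New session id on privilege change; true discards the old session file.
            session_regenerate_id(true);
            $_SESSION['id'] = $id;
            $_SESSION['name'] = $name;
            header('Location: index.php');
            exit();
        }
        // Same message for unknown e-mail and wrong password.
        $error['login'] = 'failed';
    }
}
?>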
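<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<link rel="stylesheet" type="text/css" href="style.css"/>
<title>ログインする</title>
</head>
<body>
<div id="wrap">
<div id="head">
<h1>ログインする</h1>
</div>
<div id="content">
<div id="lead">
<p>メールアドレスとパスワードを記入してログインしてください。</p>
<p>入会手続きがまだの方はこちらからどうぞ。</p>
<p>»<a href="join/">入会手続きをする</a></p>
</div>
<?php // Login form: $email is re-displayed on error, $error['login'] selects the message. ?>
<form action="" method="post">
<dl>
<dt>メールアドレス</dt>
<dd>
<input type="text" name="email" size="35" maxlength="255" value="<?php echo h($email); ?>"/>
<?php if (isset($error['login']) && $error['login'] === 'blank'): ?>
<p class="error">* メールアドレスとパスワードをご記入ください</p>
<?php endif; ?>
<?php if (isset($error['login']) && $error['login'] === 'failed'): ?>
<p class="error">* ログインに失敗しました。正しくご記入ください。</p>
<?php endif; ?>
</dd>
<dt>パスワード</dt>
<dd>
<?php // The submitted password is deliberately not echoed back into the page source. ?>
<input type="password" name="password" size="35" maxlength="255"/>
</dd>
</dl>
<div>
<input type="submit" value="ログインする"/>
</div>
</form>
</div>
</div>
</body>
</html>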
index.php
<?php
session_start();
require('library.php');
if (isset(
$id = $_SESSION['id'];
$name = $_SESSION['name'];
} else {
header('Location: login.php');
exit();
}
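$db = dbconnect();

// New post: insert the message for the logged-in member ($id comes from the
// session above), then redirect back to index.php.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Take the message raw and escape on output (h() in the template); sanitising
    // here as well double-encodes quotes when the post is rendered.
    $message = trim((string) filter_input(INPUT_POST, 'message'));

    // A blank message is not stored.
    if ($message !== '') {
        $stmt = $db->prepare('INSERT INTO posts (message, member_id) VALUES (?, ?)');
        if (!$stmt) {
            // Log the driver message; do not echo it to the browser.
            error_log($db->error);
            exit('Database error');
        }
        // member_id is the session value, never a request field, so a post cannot
        // be attributed to another member.
        $stmt->bind_param('si', $message, $id);
        if (!$stmt->execute()) {
            error_log($stmt->error);
            exit('Database error');
        }
        $stmt->close();
    }

    // NOTE(review): the form carries no CSRF token; a per-session token checked
    // here would stop cross-site form submissions from posting as this member.
    // Redirect after POST so a reload does not resubmit the form.
    header('Location: index.php');
    exit();
}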
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>ひとこと掲示板</title>
<link rel="stylesheet" href="style.css" />
</head>
<body>
<div id="wrap">
<div id="head">
<h1>ひとこと掲示板</h1>
</div>
<div id="content">
<div style="text-align: right"><a href="logout.php">ログアウト</a></div>
<form action="" method="post">
<dl>
<dt><?php echo h($name); ?>さん、メッセージをどうぞ</dt>
<dd>
<textarea name="message" cols="50" rows="5"></textarea>
</dd>
</dl>
<div>
<p>
<input type="submit" value="投稿する"/>
</p>
</div>
</form>
<?php
// Post listing. The query takes no user-supplied input, so prepare() is used here
// only for the bind_result()/fetch() API, not for parameter binding.
$stmt = $db->prepare('SELECT p.id, p.member_id, p.message, p.created, m.name, m.picture FROM posts p JOIN members m ON m.id = p.member_id ORDER BY p.id DESC');
if (!$stmt) {
// NOTE(review): $db->error is echoed to the browser here and below; logging it and
// showing a generic message would avoid exposing driver/schema details.
die($db->error);
}
$success = $stmt->execute();
if (!$success) {
die($db->error);
}
// Bound in SELECT-column order. This reuses $id and $name, which above held the
// logged-in member's session values; $name was already rendered in the form heading,
// so only the clobbering of $id matters if code after the loop relies on it.
$stmt->bind_result($id, $member_id, $message, $created, $name, $picture);
// The delete link below is shown only for the member's own posts. That is a display
// hint — the ownership check that matters is the member_id condition in delete.php.
while ($stmt->fetch()):
?>
<div class="msg">
<?php if ($picture): ?>
<img src="member_picture/<?php echo h($picture); ?>" width="48" height="48" alt=""/>
<?php endif; ?>
<p><?php echo htmlspecialchars($message, ENT_QUOTES, 'UTF-8'); ?><span class="name">(<?php echo h($name); ?>)</span></p>
<p class="day"><a href="view.php?id=<?php echo h($id); ?>"><?php echo h($created); ?></a>
<?php if ($_SESSION['id'] === $member_id):?>
[<a href="delete.php?id=<?php echo h($id); ?>" style="color: #F33;">削除</a>]
<?php endif;?>
</p>
</div>
<?php endwhile; ?>
</div>
</div>
</body>
</html>
delete機能をつける
<?php
session_start();
require('library.php');
if (isset(
$id = $_SESSION['id'];
$name = $_SESSION['name'];
} else {
header('Location: login.php');
exit();
}
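// Post id from the URL. FILTER_VALIDATE_INT rejects anything that is not a whole
// integer (false/null both fail the check below) instead of silently stripping
// characters the way FILTER_SANITIZE_NUMBER_INT did.
$post_id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
if (!$post_id) {
    header('Location: index.php');
    exit();
}

$db = dbconnect();

// member_id is bound to the logged-in member's id from the session ($id above),
// so a member can only delete their own posts whatever id the URL carries.
$stmt = $db->prepare('DELETE FROM posts WHERE id = ? and member_id=? LIMIT 1');
if (!$stmt) {
    // Log the driver message; do not echo it to the browser.
    error_log($db->error);
    exit('Database error');
}
// bind_param() was missing: execute() on a statement with unbound placeholders fails.
$stmt->bind_param('ii', $post_id, $id);
if (!$stmt->execute()) {
    error_log($stmt->error);
    exit('Database error');
}
$stmt->close();

// NOTE(review): deletion is triggered by a plain GET link with no CSRF token; a POST
// form with a per-session token would stop cross-site requests from deleting posts.
header('Location: index.php');
exit();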
?>
logoutする
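<?php
session_start();

// Logout: clear every session value (not only id/name), expire the session cookie
// and destroy the server-side session so the old session id cannot be reused.
$_SESSION = [];
if (ini_get('session.use_cookies')) {
    $params = session_get_cookie_params();
    setcookie(
        session_name(),
        '',
        time() - 42000,
        $params['path'],
        $params['domain'],
        $params['secure'],
        $params['httponly']
    );
}
session_destroy();

header('Location: login.php');
exit();
?>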
view.php
<?php
session_start();
require('library.php');
if (isset(
$id = $_SESSION['id'];
$name = $_SESSION['name'];
} else {
header('Location: login.php');
exit();
}
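// Post id from the URL. It intentionally replaces $id, which above held the
// member id from the session, because the query further down binds $id as the
// post id. FILTER_VALIDATE_INT rejects non-integer input outright (false/null
// both fail the check) rather than stripping characters as the sanitize filter did.
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
if (!$id) {
    header('Location: index.php');
    exit();
}
$db = dbconnect();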
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>ひとこと掲示板</title>
<link rel="stylesheet" href="style.css" />
</head>
<body>
<div id="wrap">
<div id="head">
<h1>ひとこと掲示板</h1>
</div>
<div id="content">
<p>«<a href="index.php">一覧にもどる</a></p>
<?php
$stmt = $db->prepare('SELECT p.id, p.member_id, p.message, p.created, m.name, m.picture FROM posts p JOIN members m ON m.id = p.member_id WHERE p.id = ? ORDER BY p.id DESC');
if (!$stmt) {
die($db->error);
}
$stmt->bind_param('i', $id);
$success = $stmt->execute();
if (!$success) {
die($db->error);
}
if ($stmt->fetch()):
?>
<div class="msg">
<?php if ($picture): ?>
<img src="member_picture/<?php echo h($picture); ?>" width="48" height="48" alt=""/>
<?php endif; ?>
<p><?php echo h(
<p class="day"><a href="view.php?id=<?php echo h(
[<a href="delete.php?id=<?php echo h($id); ?>" style="color: #F33;">削除</a>]
</p>
</div>
<?php else: ?>
<p>その投稿は削除されたか、URLが間違えています</p>
<?php endif;?>
</div>
</div>
</body>
</html>
index.php
<?php
session_start();
require('library.php');
if (!isset(
header('Location: login.php');
exit();
}
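$db = dbconnect();

// New post: insert the message for the logged-in member, then redirect.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Take the message raw and escape on output (h() in the template); sanitising
    // here as well double-encodes quotes when the post is rendered.
    $message = trim((string) filter_input(INPUT_POST, 'message'));

    // member_id is the session value, never a request field, so a post cannot
    // be attributed to another member.
    $id = $_SESSION['id'] ?? null;
    if ($id === null) {
        die("Error: member_id is NULL");
    }

    // A blank message is not stored.
    if ($message !== '') {
        $stmt = $db->prepare('INSERT INTO posts (message, member_id) VALUES (?, ?)');
        if (!$stmt) {
            // Log the driver message; do not echo it to the browser.
            error_log($db->error);
            exit('Database error');
        }
        $stmt->bind_param('si', $message, $id);
        if (!$stmt->execute()) {
            error_log($stmt->error);
            exit('Database error');
        }
        $stmt->close();
    }

    // NOTE(review): the form carries no CSRF token; a per-session token checked
    // here would stop cross-site form submissions from posting as this member.
    // Redirect after POST so a reload does not resubmit the form.
    header('Location: index.php');
    exit();
}

$name = $_SESSION['name'];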
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>ひとこと掲示板</title>
<link rel="stylesheet" href="style.css"/>
</head>
<body>
<div id="wrap">
<div id="head">
<h1>ひとこと掲示板</h1>
</div>
<div id="content">
<div style="text-align: right"><a href="logout.php">ログアウト</a></div>
<form action="" method="post">
<dl>
<dt><?php echo h($name); ?>さん、メッセージをどうぞ</dt>
<dd>
<textarea name="message" cols="50" rows="5"></textarea>
</dd>
</dl>
<div>
<p><input type="submit" value="投稿する"/></p>
</div>
</form>
<?php $stmt = $db->prepare('select p.id,p.member_id,p.message,p.created,m.name,m.picture from posts p, members m where m.id=p.member_id order by id desc');
if (!$stmt) {
die($db->error);
}
$success = $stmt->execute();
if (!$success) {
die($db->error);
}
while ($stmt->fetch()):
?>
<div class="msg">
<?php if ($picture):?>
<img src="member_picture/<?php echo h($picture);?>" width="48" height="48" alt=""/>
<?php endif;?>
<p><?php echo h(
<p class="day"><a href="view.php?id=<?php echo h(
<?php if ($_SESSION['id'] === $members_id):
?>
[<a href="delete.php?id=" style="color: #F33;">削除</a>]
<?php endif; ?>
</p>
</div>
<?php endwhile; ?>
</div>
</div>
</body>
</html>
library.php
<?php
//htmlspecialcharsを短くする//
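/**
 * Escape a value for an HTML text or attribute context.
 *
 * ENT_QUOTES covers both quote styles so the result is safe inside quoted
 * attributes; ENT_SUBSTITUTE replaces invalid UTF-8 with U+FFFD instead of
 * returning '' (which would silently blank the output); the charset is pinned
 * rather than depending on default_charset. The (string) cast keeps null/int
 * callers (e.g. h($picture), h($id)) working without a deprecation notice.
 *
 * @param mixed $value scalar or null
 */
function h($value){
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}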
//DBへの接続//
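/**
 * Open the application's MySQL connection.
 *
 * `new mysqli` always returns an object, so the previous `if (!$db)` check could
 * never fire; a failed connection is reported through connect_error (on PHP 8.1+
 * it throws mysqli_sql_exception before this point).
 *
 * NOTE(review): the credentials are hard-coded as on the page; in a deployment
 * they belong in configuration outside the web root.
 *
 * @return mysqli open connection
 */
function dbconnect(){
    $db = new mysqli('localhost', 'root', 'root', 'mini_bbs');
    if ($db->connect_error) {
        // Log the driver message; do not echo it to the browser.
        error_log($db->connect_error);
        exit('Database connection failed');
    }
    // Pin the connection charset so it matches the tables' encoding
    // (assumes a utf8/utf8mb4 collation — TODO confirm against the schema).
    $db->set_charset('utf8mb4');
    return $db;
}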
?>
チェックしていく
<?php
session_start();
require('../library.php');

// The confirmation page only makes sense with the data entered on index.php still
// in the session; otherwise send the visitor back to the start of the form.
$form = $_SESSION['form'] ?? null;
if ($form === null) {
    header('Location: index.php');
    exit();
}
if ($_SERVER['REQUEST_METHOD'] === 'POST'){
$db =dbconnect();
// NOTE(review): $stmt is never assigned in this listing — the prepare() of the
// member INSERT, and the bind_param()/execute() that would set $success, appear to
// be missing between here and the checks below, so as written both checks test
// undefined variables.
if(!$stmt){
die($db->error);
}
if(!$success){
die($db->error);
}
unset($_SESSION['form']);
// NOTE(review): there is no exit() after this redirect, so the confirmation HTML
// below is still rendered after the Location header has been sent.
header('Location: thanks.php');
}
?>
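<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>会員登録</title>
<link rel="stylesheet" href="../style.css" />
</head>
<body>
<div id="wrap">
<div id="head">
<h1>会員登録</h1>
</div>
<div id="content">
<p>記入した内容を確認して、「登録する」ボタンをクリックしてください</p>
<?php // Confirmation view of $form (name, email, image); every value is escaped with h(). ?>
<form action="" method="post">
<dl>
<dt>ニックネーム</dt>
<dd><?php echo h($form['name']);?></dd>
<dt>メールアドレス</dt>
<?php // The address belongs in the <dd>; the previous <dt> plus a fixed "info@example.com" was a leftover placeholder. ?>
<dd><?php echo h($form['email']);?></dd>
<dt>パスワード</dt>
<dd>
【表示されません】
</dd>
<dt>写真など</dt>
<dd>
<img src="../member_picture/<?php echo h($form['image']);?>" width="100" alt="" />
</dd>
</dl>
<div><a href="index.php?action=rewrite">« 書き直す</a> | <input type="submit" value="登録する" /></div>
</form>
</div>
</div>
</body>
</html>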