如何批准挂起的记录?

mwkjh3gx  于 2021-06-21  发布在  Mysql
关注(0)|答案(2)|浏览(296)

我在一个视频托管网站上工作,在这个网站上,用户上传的视频(称为“答案”,因为他们将在业余爱好制作的帮助请求作出回应)被放入一个待处理的列表中,供网站管理员审查并决定是否批准供公众观看。
所有视频记录都有一个名为“approved”的布尔数据段,该数据段设置为true('1')或false('0')。
我遇到的问题是实际的审批流程。不管我做什么,我都无法设置视频的“批准”状态。
这是我写的代码。。。
answer.php(主视频页)

<a class="btn btn-success btn-lg btn-block" href="<?php echo url_for('/approve.php?id=' . h(u($answer['id']))); ?>"><i class="mr-2 fas fa-check fa-2x"></i>Approve</a>

批准.php

if(!isset($_GET['id'])) {
      redirect_to(url_for('/pending.php'));
    }
    $id = $_GET['id'];

    if(is_post_request()) {

      $answer = [];
      $answer['id'] = $id;
      $answer['approved'] = $_POST['approved'];

      $result = approve_answer($id);
      $_SESSION['message'] = '<div class="text-success">The answer was successfully approved and ready for public viewing.</div>';  
      redirect_to(url_for('/pending.php'));

    } else {
      $answer = find_answer_by_id($id);
      $user = find_user_by_id($answer['user_id']);
    }

    ?>
    <?php $page_title = 'Confirm Approval'; ?>
    <?php include(SHARED_PATH . '/public_header.php'); ?>

    <div class="container my-2">
        <div class="my-2">
        <a class="back-link my-2" href="<?php echo url_for('/answer.php?id=' . h(u($answer['id']))); ?>"><i class="mr-2 fas fa-arrow-circle-left fa-2x"></i> Back to Answer</a>
        </div>

      <div class="answer approve">
        <h1>Confirm Approval</h1>
        <p>Are you sure you want to approve this answer?</p>
          <p class="item"><strong><?php echo h($answer['title']); ?></strong> by <emphasis><?php echo h($user['username']); ?></emphasis></p>
          <p><italics><?php echo h($answer['content']); ?></italics>

        <form action="<?php echo url_for('/approve.php?id=' . h(u($answer['id']))); ?>" method="post">
          <div id="operations">
            <input type="hidden" name="approved" value="1" />
            <input class="btn btn-success btn-lg btn-block" type="submit" name="approved" id="approved" value="Confirm" />
          </div>
        </form>
      </div>

    </div><!-- container -->

函数approve\u answer(query\u functions.php)

function approve_answer($answer) {
    global $db;

    $errors = validate_answer($answer);
    if(!empty($errors)) {
      return $errors;
    }

    $sql = "UPDATE answers SET ";
    $sql .= "approved='" . db_escape($db, '1') . "', ";
    $sql .= "WHERE id='" . db_escape($db, $answer['id']) . "' ";
    $sql .= "LIMIT 1";

    $result = mysqli_query($db, $sql);
    // For UPDATE statements, $result is true/false
    if($result) {
      return true;
    } else {
      // UPDATE failed
      echo mysqli_error($db);
      db_disconnect($db);
      exit;
    }

  }

我哪里出错了?

yjghlzjz

yjghlzjz1#

替换以下代码以进行查询。

$sql = "UPDATE answers SET ";
$sql .= "approved='" . db_escape('1') . "', ";
$sql .= "WHERE id='" . db_escape($answer['id']) . "' ";
$sql .= "LIMIT 1";
nimxete2

nimxete22#

if(!isset($_GET['id'])) {
      redirect_to(url_for('/pending.php'));
    }

    if(is_post_request()) {

      $result = approve_answer($_POST['id']);
      $_SESSION['message'] = '<div class="text-success">The answer was successfully approved and ready for public viewing.</div>';  
      redirect_to(url_for('/pending.php'));

    } else {
      $answer = find_answer_by_id($_GET['id']);
      $user = find_user_by_id($answer['user_id']);
    }

    ?>
    <?php $page_title = 'Confirm Approval'; ?>
    <?php include(SHARED_PATH . '/public_header.php'); ?>

    <div class="container my-2">
        <div class="my-2">
        <a class="back-link my-2" href="<?php echo url_for('/answer.php?id=' . h(u($answer['id']))); ?>"><i class="mr-2 fas fa-arrow-circle-left fa-2x"></i> Back to Answer</a>
        </div>

      <div class="answer approve">
        <h1>Confirm Approval</h1>
        <p>Are you sure you want to approve this answer?</p>
          <p class="item"><strong><?php echo h($answer['title']); ?></strong> by <emphasis><?php echo h($user['username']); ?></emphasis></p>
          <p><italics><?php echo h($answer['content']); ?></italics>

        <form action="<?php echo url_for('/approve.php?id=' . h(u($answer['id']))); ?>" method="post">
          <div id="operations">
            <input type="hidden" name="id" value="<?php echo $_GET['id']; ?>" />
            <input class="btn btn-success btn-lg btn-block" type="submit" name="approved" id="approved" value="Confirm" />
          </div>
        </form>
      </div>

    </div><!-- container -->

查询

$sql = "UPDATE answers SET ";
    $sql .= "approved=1";
    $sql .= "WHERE id='" . db_escape($db, $answer) . "' ";

你可以试试这个代码。我仍然不知道你在哪里设置的值 $answer['user_id'] ? 但这应该能解决你的问题。

相关问题