简单博客系统PHP实现:注册、登录与文章发布
系统概述
本文将介绍如何使用PHP构建一个基础的博客系统,包含用户注册、登录和文章发布功能。这个系统适合初学者学习PHP开发的基本流程。
数据库设计
首先我们需要设计数据库结构,创建以下表:
CREATE TABLE users (
id INT AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(50) NOT NULL UNIQUE,
password VARCHAR(255) NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
CREATE TABLE posts (
id INT AUTO_INCREMENT PRIMARY KEY,
user_id INT NOT NULL,
title VARCHAR(255) NOT NULL,
content TEXT NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (user_id) REFERENCES users(id)
);核心功能实现
1. 数据库连接
创建 config.php文件处理数据库连接:
<?php
$host = 'localhost';
$dbname = 'blog_system';
$username = 'root';
$password = '';
try {
$pdo = new PDO("mysql:host=$host;dbname=$dbname", $username, $password);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
die("数据库连接失败: " . $e->getMessage());
}
?>2. 用户注册功能
创建 register.php:
<?php
require 'config.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = trim($_POST['username']);
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
try {
$stmt = $pdo->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
$stmt->execute([$username, $password]);
header("Location: login.php");
exit();
} catch (PDOException $e) {
$error = "用户名已存在";
}
}
?>
<!-- HTML注册表单 -->
<form method="post">
<input type="text" name="username" placeholder="用户名" required>
<input type="password" name="password" placeholder="密码" required>
<button type="submit">注册</button>
<?php if (isset($error)) echo "<p>$error</p>"; ?>
</form>3. 用户登录功能
创建 login.php:
<?php
session_start();
require 'config.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = $_POST['username'];
$password = $_POST['password'];
$stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
$stmt->execute([$username]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
header("Location: index.php");
exit();
} else {
$error = "用户名或密码错误";
}
}
?>
<!-- HTML登录表单 -->
<form method="post">
<input type="text" name="username" placeholder="用户名" required>
<input type="password" name="password" placeholder="密码" required>
<button type="submit">登录</button>
<?php if (isset($error)) echo "<p>$error</p>"; ?>
</form>4. 文章发布功能
创建 create_post.php:
<?php
session_start();
require 'config.php';
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit();
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$title = trim($_POST['title']);
$content = trim($_POST['content']);
$user_id = $_SESSION['user_id'];
$stmt = $pdo->prepare("INSERT INTO posts (user_id, title, content) VALUES (?, ?, ?)");
$stmt->execute([$user_id, $title, $content]);
header("Location: index.php");
exit();
}
?>
<!-- HTML文章表单 -->
<form method="post">
<input type="text" name="title" placeholder="标题" required>
<textarea name="content" placeholder="内容" required></textarea>
<button type="submit">发布</button>
</form>5. 文章列表展示
创建 index.php显示所有文章:
<?php
require 'config.php';
$stmt = $pdo->query("SELECT posts.*, users.username FROM posts JOIN users ON posts.user_id = users.id ORDER BY created_at DESC");
$posts = $stmt->fetchAll();
?>
<!-- HTML文章列表 -->
<?php foreach ($posts as $post): ?>
<article>
<h2><?= htmlspecialchars($post['title']) ?></h2>
<p>作者: <?= htmlspecialchars($post['username']) ?></p>
<p><?= nl2br(htmlspecialchars($post['content'])) ?></p>
<time><?= $post['created_at'] ?></time>
</article>
<?php endforeach; ?>安全注意事项
- 始终使用
htmlspecialchars()输出用户内容,防止XSS攻击 - 使用
password_hash()和password_verify()处理密码 - 对数据库查询使用预处理语句防止SQL注入
- 敏感操作前检查用户登录状态
扩展建议
这个基础系统可以进一步扩展:
- 添加用户个人资料页面
- 实现文章编辑和删除功能
- 增加文章分类和标签
- 添加评论功能
- 实现分页显示文章
通过这个简单的博客系统,你可以学习到PHP开发的基本流程和数据库操作的核心概念。
评论 (0)
×暂无评论,快来发表第一条评论吧