是否有可能让'会话用户'显示

Question

您好那里我试图让用户评论并登录到他们的“登录名”帐户，当他们评论currenlty当用户想要显示评论它要求他们的名字和他们的评论。是否有可能以显示他们的名字得到它从会话显示呢？谢谢！

http://puu.sh/cByNU/697e58cdf6.jpg http://puu.sh/cByNU/697e58cdf6.jpg

在我登录的“试验”的形象有可能删除“名称”字段，当他们发布评论时，它将在搜索框（测试）处得到他们的名字。

感谢小号！

我的代码：

<?php 
session_start(); 
include "../includes/config.php"; 
    include "function.php"; 
    include ('../includes/header.php'); 
?> 

<!DOCTYPE HTML> 

<html> 
<head> 
<title>Honda</title> 
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> 
<link href='http://fonts.googleapis.com/css?family=Julius+Sans+One' rel='stylesheet' type='text/css'> 
<link href="../css/style.css" rel="stylesheet" type="text/css" media="all" /> 
<!--start lightbox --> 
<link rel="stylesheet" type="text/css" href="../css/jquery.lightbox.css"> 
<script src="../js/jquery.min.js"></script> 
<script src="../js/jquery.lightbox.js"></script> 
<script> 
    // Initiate Lightbox 
    $(function() { 
    $('.gallery1 a').lightbox(); 
    }); 
</script> 

</head> 
<body> 
<!--start header--> 
<div class="h_bg"> 
<div class="wrap"> 
<div class="wrapper"> 
<div class="header"> 
    <div class="logo"> 
     <a href="index.php"><img src="../images/logo.png"> </a> 
    </div> 
    <div class="cssmenu"> 
    <ul> 
     <li><a href="index.php"><span>Home</span></a></li> 
     <li><a href="about.php"><span>About</span></a></li> 
     <li class="active" class="has-sub"><a href="service.php"><span>Gallery</span></a> 
     </li> 
     <li class="last"><a href="contact.php"><span>Contact</span></a></li> 
    <div class="clear"></div> 

    <form action="search.php" method="GET"> 
        <div class="search"> 
        <h2>search</h2> 
      <form> 

       <input type="text" name="query" placeholder="Enter Your search..." /> 
       <input type="submit" value=""> 
      </form> 
     </div> 
     </form> 

           <div class="search1"> 


      <form action="" method="POST"> 
     <br> 
<h2>Welcome, <?=$_SESSION['sess_user'];?>!</h2><br><br> 
           <div class="pw"> 
       <a href="changepassword.php"><h3>Change details</h3></a> 
       </div> 

       <br><br> 
<h2><a href="logout.php">Logout</a></h2> 
    </form> 
    </div> 



    </div> 
    </ul> 
    </div> 
    <div class="clear"></div> 
</div> 
</div> 
</div> 
</div> 
<!-- start content --> 
<div class="content_bg"> 
<div class="wrap"> 
<div class="wrapper"> 
    <div class="main"> 
<div class="ser-main"> 
     <h2 class="style">Gallery of honda</h2> 
     <div class="ser-grid-list img_style"> 
     <div class="gallery1"> 
      <a href="../images/ser_pic1.jpg"><img src="../images/ser_pic1.jpg" alt=""></a> 
     </div> 
     </div> 
     <div class="ser-grid-list img_style"> 
     <div class="gallery1"> 
      <a href="../images/ser_pic2.jpg"><img src="../images/ser_pic2.jpg" alt=""></a> 
     </div> 
     </div> 
     <div class="ser-grid-list img_style"> 
     <div class="gallery1"> 
      <a href="../images/ser_pic3.jpg"><img src="../images/ser_pic3.jpg" alt=""></a> 
     </div> 
     </div> 
     <div class="ser-grid-list img_style"> 
     <div class="gallery1"> 
      <a href="../images/ser_pic4.jpg"><img src="../images/ser_pic4.jpg" alt=""></a> 
     </div> 










     </div> 
     <div class="clear"></div> 
    </div> 
</div> 
</div> 
</div> 
<div class="footer_bg"> 
<div class="wrap"> 
<div class="wrapper"> 
    <div class="footer"> 

       <div class="search69"> 


     <?php 

if(isset($_POST['submit']) 
    && !empty($_POST['name']) 
    && !empty($_POST['comment'])){ 

$name=$_POST['name']; 
$comment=$_POST['comment']; 
$submit=$_POST['submit']; 


$insert=mysql_query("INSERT INTO comment (name,comment) VALUES ('$name','$comment') "); 
echo "<meta HTTP-EQUIV='REFRESH' content='0; url=service.php'>"; 
} 
else 
{ 
echo ""; 
} 
?> 





     <form class="comments" action="service.php" method="POST"> 



<h2>Name: </h2><br><input type="text" name="name" required/><br><br> 
<h2>Comment:</h2><textarea name="comment" rows="10" cols="50" required></textarea><br><br><br> 
<input type="submit" name="submit" value="Comment"> 

</form> 



<?php 


$getquery=mysql_query("SELECT * FROM comment ORDER BY id DESC"); 
while($rows=mysql_fetch_assoc($getquery)) 
{ 
$id=$rows['id']; 
$date=$rows['date']; 
$name=$rows['name']; 
$comment=$rows['comment']; 
echo '<h2><hr size="1"/><br><font color="green">' . $name . '</font><h2><br/>' . '<br/>' . $comment . '<br/><br><font color="red">' . $date. '</font><br/>' . '<hr size="1"/>' 
;} 



?> 





</div> 
     <div class="copy"> 
      <p class="w3-link">2014&nbsp;</p> 
      <a href="terms.php">Privacy & Policy</a> 



     </div> 
       <div class="f_nav"> 
     <ul> 
      <li><a href="#">Skype</a></li> 
      <li><a href="#">Linked in</a></li> 
      <li><a href="#">Twitter</a></li> 
      <li><a href="#">Facebook</a></li> 
     </ul> 
     </div> 
     <div class="clear"></div> 
    </div> 
</div> 
</div> 
</div> 
</body> 
</html> 

（ALL我的代码在该页面中）

Answer 1

UPDATE：

在这里你们会杀了我，因为我现在只是修改你的代码，而不是重写为mysqli或PDO，但正如我所看到的，你卡住了，所以我刚刚更新，因为我不想与此混淆。我做了一些修改，检查我的评论。 （迁插入到文件的顶部块，添加一个错误消息，删除unnecesarry变量，重命名变量行对行，等​​...）

<?php 
session_start(); 
include "../includes/config.php"; 
include "function.php"; 
include ('../includes/header.php'); 

//Set an empty errorMsg because later we will check it. 
$errorMsg = ''; 

//If everything is set, or the SESSION["sess_user"] not empty. 
//I moved this whole thing here, because if there are no output, we can 
//redirect user from PHP, and do not need to use META REFREHS... 
if (isset($_POST['submit']) && !empty($_POST['comment']) && (!empty($_POST["name"]) || !empty($_SESSION["sess_user"]))) { 
    if (!empty($_SESSION["sess_user"])) { 
     $name = $_SESSION["sess_user"]; 
    } else { 
     $name = $_POST["name"]; 
    } 
    //$comment = $_POST['comment']; //Use $_POST["comment"] directly 
    //$submit = $_POST['submit']; //Do not use it anywhere 
    $insert = mysql_query("INSERT INTO comment (name,comment) VALUES ('" . mysql_real_escape_string($name) . "','" . mysql_real_escape_string($_POST["comment"]) . "')"); 
    Header("Location: service.php"); 
} else { 
    $errorMsg = "You need to fill all the fields."; 
} 
?> 
<!DOCTYPE HTML> 
<html> 
    <head> 
     <title>Honda</title> 
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
     <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> 
     <link href='http://fonts.googleapis.com/css?family=Julius+Sans+One' rel='stylesheet' type='text/css'> 
     <link href="../css/style.css" rel="stylesheet" type="text/css" media="all" /> 
     <!--start lightbox --> 
     <link rel="stylesheet" type="text/css" href="../css/jquery.lightbox.css"> 
     <script src="../js/jquery.min.js"></script> 
     <script src="../js/jquery.lightbox.js"></script> 
     <script> 
      // Initiate Lightbox 
      $(function() { 
       $('.gallery1 a').lightbox(); 
      }); 
     </script> 
    </head> 
    <body> 
     <!--start header--> 
     <div class="h_bg"> 
      <div class="wrap"> 
       <div class="wrapper"> 
        <div class="header"> 
         <div class="logo"> 
          <a href="index.php"><img src="../images/logo.png"> </a> 
         </div> 
         <div class="cssmenu"> 
          <ul> 
           <li><a href="index.php"><span>Home</span></a></li> 
           <li><a href="about.php"><span>About</span></a></li> 
           <li class="active" class="has-sub"><a href="service.php"><span>Gallery</span></a> 
           </li> 
           <li class="last"><a href="contact.php"><span>Contact</span></a></li> 
           <div class="clear"></div> 

           <form action="search.php" method="GET"> 
            <div class="search"> 
             <h2>search</h2> 
             <form> 

              <input type="text" name="query" placeholder="Enter Your search..." /> 
              <input type="submit" value=""> 
             </form> 
            </div> 
           </form> 
           <div class="search1"> 
            <form action="" method="POST"> 
             <br> 
             <h2>Welcome, <?= $_SESSION['sess_user']; ?>!</h2><br><br> 
             <div class="pw"> 
              <a href="changepassword.php"><h3>Change details</h3></a> 
             </div> 
             <br><br> 
             <h2><a href="logout.php">Logout</a></h2> 
            </form> 
           </div> 
         </div> 
         </ul> 
        </div> 
        <div class="clear"></div> 
       </div> 
      </div> 
     </div> 
    </div> 
    <!-- start content --> 
    <div class="content_bg"> 
     <div class="wrap"> 
      <div class="wrapper"> 
       <div class="main"> 
        <div class="ser-main"> 
         <h2 class="style">Gallery of honda</h2> 
         <div class="ser-grid-list img_style"> 
          <div class="gallery1"> 
           <a href="../images/ser_pic1.jpg"><img src="../images/ser_pic1.jpg" alt=""></a> 
          </div> 
         </div> 
         <div class="ser-grid-list img_style"> 
          <div class="gallery1"> 
           <a href="../images/ser_pic2.jpg"><img src="../images/ser_pic2.jpg" alt=""></a> 
          </div> 
         </div> 
         <div class="ser-grid-list img_style"> 
          <div class="gallery1"> 
           <a href="../images/ser_pic3.jpg"><img src="../images/ser_pic3.jpg" alt=""></a> 
          </div> 
         </div> 
         <div class="ser-grid-list img_style"> 
          <div class="gallery1"> 
           <a href="../images/ser_pic4.jpg"><img src="../images/ser_pic4.jpg" alt=""></a> 
          </div> 
         </div> 
         <div class="clear"></div> 
        </div> 
       </div> 
      </div> 
     </div> 
     <div class="footer_bg"> 
      <div class="wrap"> 
       <div class="wrapper"> 
        <div class="footer"> 
         <div class="search69"> 
          <?php 
          //Added here the errorMsg 
          if (!empty($errorMsg)) { 
           ?> 
           <div class="error"><?php echo $errorMsg; ?></div> 
           <?php 
          } 
          ?> 
          <form class="comments" action="service.php" method="POST"> 
           <?php 
           if (!empty($_SESSION['sess_user'])) { 
            //If user logged in, use the name of it 
            ?> 
            <h2>Name: </h2><br><?php echo $_SESSION['sess_user']; ?> 
            <br><br> 
            <?php 
           } else { 
            //Else, ask it 
            ?> 
            <h2>Name: </h2><br><input type="text" name="name" required/><br><br> 
            <?php 
           } 
           ?> 

           <h2>Comment:</h2><textarea name="comment" rows="10" cols="50" required></textarea><br><br><br> 
           <input type="submit" name="submit" value="Comment"> 
          </form> 

          <?php 
          $getquery = mysql_query("SELECT * FROM comment ORDER BY id DESC"); 
          //This is one row, not rows 
          while ($row = mysql_fetch_assoc($getquery)) { 
           /* 
           * These are not necessary 
           $id = $rows['id']; 
           $date = $rows['date']; 
           $name = $rows['name']; 
           $comment = $rows['comment']; 
           */ 
           echo '<h2><hr size="1"/><br><font color="green">' . $row['name'] . '</font><h2><br/>' . '<br/>' . $row['comment'] . '<br/><br><font color="red">' . $row['date'] . '</font><br/>' . '<hr size="1"/>' 
           ; 
          } 
          ?> 

         </div> 
         <div class="copy"> 
          <p class="w3-link">2014&nbsp;</p> 
          <a href="terms.php">Privacy & Policy</a> 
         </div> 
         <div class="f_nav"> 
          <ul> 
           <li><a href="#">Skype</a></li> 
           <li><a href="#">Linked in</a></li> 
           <li><a href="#">Twitter</a></li> 
           <li><a href="#">Facebook</a></li> 
          </ul> 
         </div> 
         <div class="clear"></div> 
        </div> 
       </div> 
      </div> 
     </div> 
</body> 
</html> 

注：，因为不使用MySQL的函数他们已被弃用。改用mysqli或PDO功能。

针对sql注入的acoid，所以逃避你的数据！

Answer 2

如果我得到它，你希望表单自动获取登录用户的名称。您应该：

<?php $username = isset($_SESSION['sess_user']) ? $_SESSION['sess_user'] : "";?> 

将用户名或“”存储到$ username中，具体取决于用户是否已验证。然后在你的输入行内输入：

<h2>Name: </h2><br><input type="text" name="name" value="<?php echo $username; ?>" required/><br><br>