diff --git a/public/blog/index.php b/public/blog/index.php index 1100bac..1dd2246 100755 --- a/public/blog/index.php +++ b/public/blog/index.php @@ -13,7 +13,7 @@ 首页 关于 - 文章 + 文章 弹幕留言 短链生成 gitea @@ -46,7 +46,7 @@ open-ww3-project-img
@@ -81,7 +81,7 @@ color: rgb(202, 202, 202); overflow: auto; /* up、right、down、left */ - margin: -250px 0px 0px 700px; + margin: -255px 0px 0px 700px; } body { diff --git a/public/blog/logs.php b/public/blog/logs.php index e018805..3b5e068 100644 --- a/public/blog/logs.php +++ b/public/blog/logs.php @@ -1,6 +1,6 @@ query('SELECT id, date, content FROM logs ORDER BY id DESC'); // 执行查询logs表单中的id date content id重大到小排列的命令 + $select_id_date_content_from_logs_b_to_s /*查询logs表单中的id date content id从大到小排列*/ = $db->query('SELECT id, date, content FROM logs ORDER BY id DESC'); // 执行查询logs表单中的id date content id从大到小排列的命令 // 循环 写入 while ($row = $select_id_date_content_from_logs_b_to_s->fetchArray(SQLITE3_ASSOC)) { diff --git a/public/blog/post/index.php b/public/blog/post/index.php new file mode 100644 index 0000000..d99def8 --- /dev/null +++ b/public/blog/post/index.php @@ -0,0 +1,46 @@ +"; + // 如果连接成功,但是内部状态有问题 + if ($db->lastErrorCode() !==0) { + // 依旧显示为连接失败 + die("数据库连接失败"); + } + + // 内容区 + // 执行sql命令 查询表单 + $select_id_date_title_from_posts /*查询posts表单中的id date title id从小到大排列*/ = $db->query('SELECT id, date, title FROM posts ORDER BY id ASC'); // 执行查询posts表单中的id date title id从小到大排列的命令 + // 循环 写入 + + echo "

全部文章

"; + echo "文章如下↓"; + echo "
"; + echo "
"; + + while ($row = $select_id_date_title_from_posts->fetchArray(SQLITE3_ASSOC)) { + + echo "文章id: " . $row['id'] . "
"; + echo $row['date'] . "   " . "文章标题: " . $row['title'] . "
"; + echo "页面跳转

"; + } + + + + // 关闭数据库连接 + $db->close(); + + // 捕获php报错 + } catch (Exception $e) { + // 依旧显示为连接失败 + die("数据库连接失败"); + // 关闭数据库连接 + $db->close(); + } + +?> \ No newline at end of file diff --git a/public/blog/post/s/index.php b/public/blog/post/s/index.php new file mode 100644 index 0000000..55fdc48 --- /dev/null +++ b/public/blog/post/s/index.php @@ -0,0 +1,110 @@ + MAX_ARTICLE_ID +) { + http_response_code(400); // HTTP 400 Bad Request + + $error_msg = "错误:文章 ID 格式不正确。ID 必须是 1 到 " . MAX_ARTICLE_ID . " 之间的整数。"; + die($error_msg); +} + +// 通过检查后,将 ID 强制转换为整数 +$post_id = (int)$post_id; + +try { + /** + * 3. 连接 SQLite 数据库 + * 注意:如果 PHP 运行用户没有读取此路径文件的权限,这里会失败。 + */ + $db = new SQLite3($db_path); + + /** + * 4. 准备 SQL 查询语句 (核心安全防线:预处理语句) + * 使用占位符 :id 代替用户输入。 + */ + $sql = 'SELECT title, content FROM posts WHERE id = :id'; + + // 准备语句 + $stmt = $db->prepare($sql); + + // 绑定参数:将 :id 替换为 $post_id 的值,并明确指定它是一个整数类型 + $stmt->bindValue(':id', $post_id, SQLITE3_INTEGER); + + /** + * 5. 执行查询并获取结果 + */ + $result = $stmt->execute(); + + // 从结果集中获取一行数据 + $row = $result->fetchArray(SQLITE3_ASSOC); + + /** + * 6. 显示内容或 404 错误 + */ + if ($row) { + // 使用 htmlspecialchars() 函数防止 XSS 攻击 + $title = $row['title']; + $content = $row['content']; + + // --- 页面输出开始 --- + echo ""; + echo ""; + echo "{$title}"; + echo ""; + echo "
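Review bot: The `while` loop in public/blog/post/index.php echoes `$row['title']` and `$row['date']` straight into the page, so any markup stored in the posts table is rendered as HTML for every visitor. Escape at output, e.g. `htmlspecialchars($row['title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, and do the same for the date; the id is presumably an integer column, so `(int)$row['id']` is enough there. In the catch block, `$db->close()` sits after `die()` and never runs, and `$db` is unset when the constructor itself threw, so that line can be dropped. Parts of this file's markup are not visible on this page, so the link built for each row could not be checked.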

{$title}

"; + + // nl2br 用于将换行符转换成
+ echo "
" . nl2br($content) . "
"; + + echo ""; + echo ""; + // --- 页面输出结束 --- + + } else { + // 文章未找到 + http_response_code(404); // 404 Not Found + echo "

404 Not Found

"; + echo "

抱歉,ID 为 {$post_id} 的文章不存在。

"; + } + + /** + * 7. 清理资源 + */ + $db->close(); + //$stmt->close(); + +} catch (Exception $e) { + // 处理异常 + http_response_code(500); // 500 Internal Server Error + error_log("SQLite 错误: " . $e->getMessage()); + die("系统错误,请稍后重试。"); +} +?> \ No newline at end of file diff --git a/public/blog/read_file.php b/public/blog/read_file.php deleted file mode 100755 index b64f1b9..0000000 --- a/public/blog/read_file.php +++ /dev/null @@ -1,30 +0,0 @@ -
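Review bot: The comment `// 使用 htmlspecialchars() 函数防止 XSS 攻击` in public/blog/post/s/index.php is not matched by the code: `$title = $row['title'];` and `$content = $row['content'];` are assigned raw and then printed via `{$title}` and `nl2br($content)`. Unless post bodies are meant to hold trusted HTML (not stated here), change the first to `$title = htmlspecialchars($row['title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');` and use the same call for `$content`, keeping `nl2br()` outside the escape. Separately, `catch (Exception $e)` only sees SQLite3 query failures if `$db->enableExceptions(true);` is called after connecting; without it `prepare()` returns false and the following `bindValue()` call raises an Error that this handler does not catch. The start of the file (the ID validation) is cut off on this page and is not reviewed here.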
"; - echo "文章顺序ID: " . $sequence_id . "
"; // 输出顺序ID - echo "" . $data . "\n"; - echo "" . $title . "\n"; - echo " 跳转页面"; - //echo '链接 (URL): 链接'; - $sequence_id++; // 每次循环后,顺序ID加1 - } - } - - \ No newline at end of file diff --git a/public/index.php b/public/index.php index d13bcab..caee542 100755 --- a/public/index.php +++ b/public/index.php @@ -15,7 +15,7 @@ } // posts 路由 - include "./request/posts.php"; + // 整改中 // 所有路由匹配结束后,检查是否找到路由 diff --git a/public/request/posts.php b/public/request/posts.php deleted file mode 100755 index 6d5d992..0000000 --- a/public/request/posts.php +++ /dev/null @@ -1,50 +0,0 @@ -output(); diff --git a/src/views/post.php b/src/views/post.php deleted file mode 100755 index 27fd776..0000000 --- a/src/views/post.php +++ /dev/null @@ -1,35 +0,0 @@ -
-

- 全部文章 -

-
- -
"; - echo "文章顺序ID: " . $sequence_id . "
"; // 输出顺序ID - echo "" . $data . "\n"; - echo "" . $title . "\n"; - echo " 跳转页面"; - //echo '链接 (URL): 链接'; - $sequence_id++; // 每次循环后,顺序ID加1 - } - } - -//print_r ($lines); \ No newline at end of file diff --git a/src/views/posts.php b/src/views/posts.php deleted file mode 100755 index 161b2db..0000000 --- a/src/views/posts.php +++ /dev/null @@ -1,36 +0,0 @@ -output(); - - exit(); - } else { - $random_string = substr(str_shuffle("a_bc-def_ghij-klmno_-pq-rs_tu-vwxyz-_$&_#12-34-567-8-0"), 0, 16); - // 这是第一次请求,执行重定向 - echo "

" . "找到id为" . $post_id . "的文章
正在为您跳转" . "

"; - $delay = 0.5; - $_SESSION['redirected_to_post'] = $post_id; // 设置 session 标记 - header("Refresh: $delay; url=/blog/md/post/s/$post_id#content&$random_string"); - exit(); - } - } else { - echo "

没有id为" . $post_id . "的文章

"; - } -} else { - echo "

抱歉,没有找到对应id文章,请检查!

"; -} \ No newline at end of file