后台登陆页login.php
<?php //1.连接数据库 (创建一个数据库,创建数据表 test_admin) //id, adminuser, adminpass, created_at, login_at, login_ip require '../db.func.php'; require '../tools.func.php'; // POST提交 if (!empty($_POST['adminuser'])) { //2.查询用户名和密码是否正确 adminuser adminpass $prefix = getDBPrefix(); $adminuser = htmlentities($_POST['adminuser']); $adminpass = md5(htmlentities($_POST['adminpass'])); $sql = "SELECT id, adminuser FROM {$prefix}admin WHERE adminuser = '$adminuser' AND adminpass = '$adminpass'"; $res = queryOne($sql); if ($res) { //3.写入session setSession('admin', ['adminuser' => $adminuser, 'id' => $res['id']] ); $login_at = date('Y-m-d H:i:s'); $ip = $_SERVER['REMOTE_ADDR'] == '::1' ? '127.0.0.1' : $_SERVER['REMOTE_ADDR']; $login_ip = ip2long($ip); $sql = "UPDATE {$prefix}admin SET login_at = '$login_at', login_ip = '$login_ip' WHERE id = '{$res['id']}'"; execute($sql); //4.跳转到index.php header('location: index.php'); } else { setInfo('用户名或者密码错误'); } } ?> <!doctype html> <html> <head> <title>商城</title> <!-- Required meta tags --> <meta charset="utf-8"> <meta content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0" name="viewport" /> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" /> <!-- Fonts and icons --> <link rel="stylesheet" type="text/css" href="assets/css/googlefonts.css?family=Roboto:300,400,500,700|Roboto+Slab:400,700|Material+Icons" /> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css"> <!-- Material Kit CSS --> <link href="assets/css/material-dashboard.css?v=2.1.1" rel="stylesheet" /> </head> <body> <div class="wrapper "> <div> <div> <div class="container" style=" 50%;margin-top: 250px;"> <div class="row"> <div class="col-md-12"> <div class="col-md-12"> <div class="card"> <div class="card-header card-header-primary"> <h4 class="card-title">登录</h4> <p class="card-category">以管理员身份登录后台</p> </div> <div class="card-body"> <p><?php if (hasInfo()) echo getInfo(); ?></p> <form action="login.php" method="post"> <div class="row"> <div class="col-md-12"> <div class="form-group"> <label class="bmd-label-floating">用户名</label> <input type="text" name="adminuser" class="form-control"> </div> </div> </div> <div class="row"> <div class="col-md-12"> <div class="form-group"> <label class="bmd-label-floating">密码</label> <input type="password" name="adminpass" class="form-control"> </div> </div> </div> <button type="submit" class="btn btn-primary pull-right">登录</button> <div class="clearfix"></div> </form> </div> </div> </div> </div> </div> </div> </div> </div> </div> <script src="assets/js/core/jquery.min.js"></script> <script src="assets/js/core/popper.min.js"></script> <script src="assets/js/core/bootstrap-material-design.min.js"></script> </body> </html>
数据库结构shop.sql
/* Navicat Premium Data Transfer Source Server : 127.0.0.1 Source Server Type : MySQL Source Server Version : 80012 Source Host : localhost:3306 Source Schema : shop Target Server Type : MySQL Target Server Version : 80012 File Encoding : 65001 Date: 26/01/2019 10:13:57 */ SET NAMES utf8mb4; SET FOREIGN_KEY_CHECKS = 0; -- ---------------------------- -- Table structure for test_admin -- ---------------------------- DROP TABLE IF EXISTS `test_admin`; CREATE TABLE `test_admin` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `adminuser` varchar(50) NOT NULL DEFAULT '', `adminpass` char(32) NOT NULL DEFAULT '', `created_at` varchar(255) NOT NULL DEFAULT '', `login_at` varchar(255) NOT NULL DEFAULT '' , `login_ip` bigint(20) NOT NULL DEFAULT '0', PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; -- ---------------------------- -- Records of test_admin -- ---------------------------- BEGIN; INSERT INTO `test_admin` VALUES (1, 'admin', '0192023a7bbd73250516f069df18b500', '2019-01-23 20:21:03', '2019-01-24 12:56:48', 2130706433); COMMIT; -- ---------------------------- -- Table structure for test_cart -- ---------------------------- DROP TABLE IF EXISTS `test_cart`; CREATE TABLE `test_cart` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `price` decimal(10,2) unsigned NOT NULL DEFAULT '0.00', `quantity` int(10) unsigned NOT NULL DEFAULT '0', `products` text, `uid` int(10) unsigned NOT NULL DEFAULT '0', `created_at` varchar(255) NOT NULL DEFAULT '' , PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8; -- ---------------------------- -- Records of test_cart -- ---------------------------- BEGIN; INSERT INTO `test_cart` VALUES (2, 21700.00, 3, '{"3":{"quantity":2,"product":{"id":"3","name":"Macbook Pro","price":"8800.00","code":"88888888","description":"Macbook Pro"}},"4":{"quantity":1,"product":{"id":"4","name":"\u534e\u4e3a\u624b\u673a","price":"4100.00","code":"929868123123123","description":"\u5546\u54c1\u63cf\u8ff0\uff1a\r\n\r\n\u8fd9\u662f\u534e\u4e3a\u624b\u673a"}}}', 5, '2019-01-24 10:53:24'); COMMIT; -- ---------------------------- -- Table structure for test_order -- ---------------------------- DROP TABLE IF EXISTS `test_order`; CREATE TABLE `test_order` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `price` decimal(10,2) unsigned NOT NULL DEFAULT '0.00', `quantity` int(10) unsigned NOT NULL DEFAULT '0', `products` text, `uid` int(10) unsigned NOT NULL DEFAULT '0', `created_at` varchar(255) NOT NULL DEFAULT '' , PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; -- ---------------------------- -- Records of test_order -- ---------------------------- BEGIN; INSERT INTO `test_order` VALUES (1, 17600.00, 2, '{"3":{"quantity":2,"product":{"id":"3","name":"Macbook Pro","price":"8800.00","code":"88888888","description":"Macbook Pro"}}}', 5, '2019-01-24 12:46:33'); COMMIT; -- ---------------------------- -- Table structure for test_product -- ---------------------------- DROP TABLE IF EXISTS `test_product`; CREATE TABLE `test_product` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `name` varchar(200) NOT NULL DEFAULT '', `code` varchar(100) NOT NULL DEFAULT '', `description` text, `stock` int(10) unsigned NOT NULL DEFAULT '0', `price` decimal(10,2) unsigned NOT NULL DEFAULT '0.00', `created_at` varchar(255) NOT NULL DEFAULT '' , PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8; -- ---------------------------- -- Records of test_product -- ---------------------------- BEGIN; INSERT INTO `test_product` VALUES (3, 'Macbook Pro', '88888888', 'Macbook Pro', 99, 8800.00, '2019-01-24 00:19:28'); INSERT INTO `test_product` VALUES (4, '华为手机', '929868123123123', '商品描述: 这是华为手机', 99, 4100.00, '2019-01-24 00:31:28'); COMMIT; -- ---------------------------- -- Table structure for test_user -- ---------------------------- DROP TABLE IF EXISTS `test_user`; CREATE TABLE `test_user` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `username` varchar(100) NOT NULL DEFAULT '', `password` char(32) NOT NULL DEFAULT '', `name` varchar(100) NOT NULL DEFAULT '', `age` tinyint(3) unsigned NOT NULL DEFAULT '0', `email` varchar(100) NOT NULL DEFAULT '', `phone` varchar(20) NOT NULL DEFAULT '', `created_at` varchar(255) NOT NULL DEFAULT '' , PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=6 DEFAULT CHARSET=utf8; -- ---------------------------- -- Records of test_user -- ---------------------------- BEGIN; INSERT INTO `test_user` VALUES (3, 'zhangsan', '4297f44b13955235245b2497399d7a93', '张三', 28, '965794175@qq.com', '13200000000', '2019-01-23 23:54:34'); INSERT INTO `test_user` VALUES (4, 'wangwu', '4297f44b13955235245b2497399d7a93', '', 0, 'wangwu@test.com', '', '2019-01-24 09:21:45'); INSERT INTO `test_user` VALUES (5, 'zhaoliu', '4297f44b13955235245b2497399d7a93', '', 0, 'zhaoliu@test.com', '', '2019-01-24 09:35:05'); COMMIT; SET FOREIGN_KEY_CHECKS = 1;
配置数据库文件config.php
<?php /** * Created by PhpStorm. * Date: 2019/1/23 * Time: 20:22 */ date_default_timezone_set('PRC'); return [ 'DB_HOST' => '127.0.0.1', 'DB_PORT' => '3306', 'DB_USER' => 'root', 'DB_PASS' => '123456', 'DB_NAME' => 'test_shop', 'DB_PREFIX' => 'test_', 'DB_CHARSET' => 'utf8', ];
操作数据库函数db.func.php
<?php function connect() { $config = require dirname(__FILE__) . '/config.php'; $mysqli = @mysqli_connect( $config['DB_HOST'] . ':' . $config['DB_PORT'], $config['DB_USER'], $config['DB_PASS'], $config['DB_NAME'] ) or die('Connect Error: ' . mysqli_connect_errno() . '-' . mysqli_connect_error()); mysqli_set_charset($mysqli, $config['DB_CHARSET']); return $mysqli; } function queryOne($sql) { $mysqli = connect(); $result = mysqli_query($mysqli, $sql); $data = []; if ($result && mysqli_num_rows($result) > 0) { $data = mysqli_fetch_assoc($result); } return $data; } function query($sql) { $mysqli = connect(); $result = mysqli_query($mysqli, $sql); $data = []; if ($result && mysqli_num_rows($result) > 0) { while ($res = mysqli_fetch_assoc($result)) { $data[] = $res; } } return $data; } function getDBPrefix() { $config = require dirname(__FILE__) . '/config.php'; return $config['DB_PREFIX']; } function execute($sql) { $mysqli = connect(); mysqli_query($mysqli, $sql); return mysqli_affected_rows($mysqli) > 0; }
公共函数文件tools.func.php
<?php /** * Created by PhpStorm. * Date: 2019/1/23 * Time: 20:31 */ function setSession($key, $data, $prefix = '') { session_id() || @session_start(); if (!empty($prefix)) { $_SESSION[$prefix][$key] = $data; } else { $_SESSION[$key] = $data; } } function getSession($key, $prefix = '') { session_id() || @session_start(); if (!empty($prefix)) { return isset($_SESSION[$prefix][$key]) ? $_SESSION[$prefix][$key] : []; } else { return isset($_SESSION[$key]) ? $_SESSION[$key] : []; } } function deleteSession($key, $prefix = '') { session_id() || @session_start(); if (!empty($prefix)) { $_SESSION[$prefix][$key] = null; } else { $_SESSION[$key] = null; } } function setInfo($info) { setSession('info', $info, 'system'); } function getInfo() { $info = getSession('info', 'system'); deleteSession('info', 'system'); return $info; } function hasInfo() { return !empty(getSession('info', 'system')); }
判断是否有登陆权限auth.php
<?php /** * Created by PhpStorm. * Date: 2019/1/23 * Time: 22:07 */ if (empty(getSession('adminuser', 'admin'))) { header('location: login.php'); exit; }
登陆成功后进入后台首页index.php
<?php require '../db.func.php'; require '../tools.func.php'; require 'auth.php'; //1.查询数据库 test_admin //2.写sql语句 $prefix = getDBPrefix(); $sql = "SELECT id,adminuser,created_at,login_at,login_ip FROM {$prefix}admin ORDER BY created_at DESC"; $data = query($sql); //3.遍历数据 require 'header.php'; ?> <div class="row"> <div class="col-md-12"> <div class="card"> <div class="card-header card-header-primary"> <h4 class="card-title ">所有管理员</h4> <p class="card-category"> 控制台所有管理员列表</p> </div> <div class="card-body"> <div class="table-responsive"> <table class="table table-hover"> <thead class=" text-primary"> <th> ID </th> <th> 用户名 </th> <th> 创建时间 </th> <th> 最后登录时间 </th> <th> 最后登录IP </th> </thead> <tbody> <?php foreach ($data as $admin): ?> <tr> <td> <?php echo $admin['id']; ?> </td> <td> <?php echo $admin['adminuser']; ?> </td> <td> <?php echo $admin['created_at']; ?> </td> <td> <?php echo $admin['login_at']; ?> </td> <td> <?php echo long2ip($admin['login_ip']); ?> </td> </tr> <?php endforeach; ?> </tbody> </table> </div> </div> </div> </div> </div> <?php require 'footer.php'; ?>
header.php
<?php $script = basename($_SERVER['SCRIPT_FILENAME']); // 控制台 index.php admin_edit.php // 用户管理 users.php user_add.php user_edit.php // 商品管理 products.php product_add.php product_edit.php ?> <!doctype html> <html> <head> <title>商城</title> <!-- Required meta tags --> <meta charset="utf-8"> <meta content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0" name="viewport"/> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"/> <!-- Fonts and icons --> <link rel="stylesheet" type="text/css" href="assets/css/googlefonts.css?family=Roboto:300,400,500,700|Roboto+Slab:400,700|Material+Icons"/> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css"> <!-- Material Kit CSS --> <link href="assets/css/material-dashboard.css?v=2.1.1" rel="stylesheet"/> </head> <body> <div class="wrapper "> <div class="sidebar" data-color="purple" data-background-color="white"> <div class="logo"> <a href="index.php" class="simple-text logo-normal"> 商城 </a> </div> <div class="sidebar-wrapper"> <ul class="nav"> <li class="nav-item <?php echo substr($script, 0, 5) == 'index' || substr($script, 0, 5) == 'admin' ? 'active' : ''; ?>"> <a class="nav-link" href="index.php"> <i class="material-icons">dashboard</i> <p>控制台</p> </a> </li> <li class="nav-item <?php echo substr($script, 0, 4) == 'user' ? 'active' : ''; ?>"> <a class="nav-link" href="users.php"> <i class="material-icons">person</i> <p>用户管理</p> </a> </li> <li class="nav-item <?php echo substr($script, 0, 7) == 'product' ? 'active' : ''; ?>"> <a class="nav-link" href="products.php"> <i class="material-icons">library_books</i> <p>商品管理</p> </a> </li> <li class="nav-item <?php echo substr($script, 0, 4) == 'cart' ? 'active' : ''; ?>"> <a class="nav-link" href="carts.php"> <i class="material-icons">shopping_cart</i> <p>购物车管理</p> </a> </li> <li class="nav-item <?php echo substr($script, 0, 5) == 'order' ? 'active' : ''; ?>"> <a class="nav-link" href="orders.php"> <i class="material-icons">list</i> <p>订单管理</p> </a> </li> <!-- your sidebar here --> </ul> </div> </div> <div class="main-panel"> <!-- Navbar --> <nav class="navbar navbar-expand-lg navbar-transparent navbar-absolute fixed-top "> <div class="container-fluid"> <div class="navbar-wrapper"> <a class="navbar-brand" href="index.php">控制台</a> </div> <div class="collapse navbar-collapse justify-content-end"> <ul class="navbar-nav"> <li class="nav-item dropdown"> <a class="nav-link" href="#" id="navbarDropdownProfile" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <i class="material-icons">person</i> <p class="d-lg-none d-md-block"> 管理员 </p> </a> <div class="dropdown-menu dropdown-menu-right" aria-labelledby="navbarDropdownProfile"> <a class="dropdown-item" href="admin_edit.php">编辑</a> <div class="dropdown-divider"></div> <a class="dropdown-item" href="logout.php">退出</a> </div> </li> <!-- your navbar here --> </ul> </div> </div> </nav> <!-- End Navbar --> <div class="content"> <div class="container-fluid">
footer.php
</div> </div> </div> </div> <script src="assets/js/core/jquery.min.js"></script> <script src="assets/js/core/popper.min.js"></script> <script src="assets/js/core/bootstrap-material-design.min.js"></script> </body> </html>
管理员账号密码修改admin_edit.php
<?php require '../tools.func.php'; require 'auth.php'; require '../db.func.php'; $current_user = getSession('admin'); //1.判断是否为post提交 if (!empty($_POST['adminpass'])) { //2.验证新密码和确认密码是否一致 $adminpass = md5(htmlentities($_POST['adminpass'])); $newpass = htmlentities($_POST['newpass']); $confirmpass = htmlentities($_POST['confirmpass']); if ($newpass != $confirmpass) { setInfo('两次密码输入不一致'); } else { //3.验证旧密码是否正确 (查询数据库 用id,adminpass) $prefix = getDBPrefix(); $sql = "SELECT id FROM {$prefix}admin WHERE id = '{$current_user['id']}' AND adminpass = '$adminpass' "; $res = queryOne($sql); //4.更新数据表 imooc_admin adminpass if ($res) { $pass = md5($newpass); $sql = "UPDATE {$prefix}admin SET adminpass = '$pass' WHERE id = '{$current_user['id']}'"; if (execute($sql)) { setInfo('修改密码成功'); } else { setInfo('修改密码失败'); } } else { setInfo('旧密码不正确!'); } } //5.显示结果到页面 } require 'header.php'; ?> <div class="row"> <div class="col-md-12"> <div class="card"> <div class="card-header card-header-primary"> <h4 class="card-title">修改密码</h4> <p class="card-category">修改当前管理员密码</p> </div> <div class="card-body"> <?php if (hasInfo()) echo getInfo(); ?> <form action="admin_edit.php" method="post"> <div class="row"> <div class="col-md-12"> <div class="form-group"> <label class="bmd-label-floating">用户名</label> <input type="text" disabled name="adminuser" value="<?php echo $current_user['adminuser']; ?>" class="form-control"> </div> </div> </div> <div class="row"> <div class="col-md-12"> <div class="form-group"> <label class="bmd-label-floating">旧密码</label> <input type="password" name="adminpass" class="form-control"> </div> </div> </div> <div class="row"> <div class="col-md-12"> <div class="form-group"> <label class="bmd-label-floating">新密码</label> <input type="password" name="newpass" class="form-control"> </div> </div> </div> <div class="row"> <div class="col-md-12"> <div class="form-group"> <label class="bmd-label-floating">确认密码</label> <input type="password" name="confirmpass" class="form-control"> </div> </div> </div> <button type="submit" class="btn btn-primary pull-right">修改</button> <div class="clearfix"></div> </form> </div> </div> </div> </div> <?php require 'footer.php'; ?>
管理员后台登出logout.php
<?php /** * Created by PhpStorm. * Date: 2019/1/23 * Time: 22:06 */ // 1. 删除当前登录用户的session require '../tools.func.php'; deleteSession('admin'); header('location: login.php');
用户列表显示users.php
<?php require '../db.func.php'; require '../tools.func.php'; require 'auth.php'; // 1. 写sql查询 $prefix = getDBPrefix(); $sql = "SELECT id, username, age, name, email, phone, created_at FROM {$prefix}user ORDER BY created_at DESC"; // 2. 执行查询 $res = query($sql); // 3. 遍历结果 require 'header.php'; ?> <div class="row"> <div class="col-md-12"> <div class="card"> <div class="card-header card-header-primary"> <div class="row"> <div class="col-10"> <h4 class="card-title ">所有用户</h4> <p class="card-category"> 用户列表</p> </div> <div class="col-2"> <a href="user_add.php" class="btn btn-round btn-info" style="margin-left: 20px;">添加用户</a> </div> </div> </div> <div class="card-body"> <p><?php if (hasInfo()) echo getInfo(); ?></p> <div class="table-responsive"> <table class="table table-hover"> <thead class=" text-primary"> <th> ID </th> <th> 用户名 </th> <th> 姓名 </th> <th> 年龄 </th> <th> 邮箱 </th> <th> 联系电话 </th> <th> 注册时间 </th> <th> 操作 </th> </thead> <tbody> <?php foreach ($res as $user): ?> <tr> <td> <?php echo $user['id']; ?> </td> <td> <?php echo $user['username']; ?> </td> <td> <?php echo $user['name']; ?> </td> <td> <?php echo $user['age']; ?> </td> <td> <?php echo $user['email']; ?> </td> <td> <?php echo $user['phone']; ?> </td> <td> <?php echo $user['created_at']; ?> </td> <td> <a href="user_edit.php?id=<?php echo $user['id']; ?>">编辑</a> | <a href="user_del.php?id=<?php echo $user['id']; ?>">删除</a> </td> </tr> <?php endforeach; ?> </tbody> </table> </div> </div> </div> </div> </div> <?php require 'footer.php'; ?>
添加用户user_add.php
<?php require '../tools.func.php'; require '../db.func.php'; require 'auth.php'; if (!empty($_POST['username'])) { // 1. 接收post数据 $username = htmlentities($_POST['username']); $password = htmlentities($_POST['password']); $confirmpass = htmlentities($_POST['confirmpass']); $name = htmlentities($_POST['name']); $age = htmlentities($_POST['age']); $email = htmlentities($_POST['email']); $phone = htmlentities($_POST['phone']); $created_at = date('Y-m-d H:i:s'); $prefix = getDBPrefix(); // 2. 验证密码输入是否一致 if ($password != $confirmpass) { setInfo('两次密码输入不一致'); } else { $password = md5($password); // 3. 写sql语句 $sql = "INSERT INTO {$prefix}user(username, password, age, name, email, phone, created_at) VALUES('$username', '$password', '$age', '$name', '$email', '$phone', '$created_at')"; // 4. 执行添加,如果成功,显示成功信息 if (execute($sql)) { setInfo('添加成功'); } else { setInfo('添加失败'); } } } require 'header.php'; ?> <div class="row"> <div class="col-md-12"> <div class="card"> <div class="card-header card-header-primary"> <h4 class="card-title">添加用户</h4> <p class="card-category">添加一个用户</p> </div> <div class="card-body"> <?php if (hasInfo()) echo getInfo(); ?> <form action="user_add.php" method="post"> <div class="row"> <div class="col-md-4"> <div class="form-group"> <label class="bmd-label-floating">用户名</label> <input type="text" name="username" class="form-control"> </div> </div> <div class="col-md-4"> <div class="form-group"> <label class="bmd-label-floating">密码</label> <input type="password" name="password" class="form-control"> </div> </div> <div class="col-md-4"> <div class="form-group"> <label class="bmd-label-floating">确认密码</label> <input type="password" name="confirmpass" class="form-control"> </div> </div> </div> <div class="row"> <div class="col-md-6"> <div class="form-group"> <label class="bmd-label-floating">姓名</label> <input type="text" name="name" class="form-control"> </div> </div> <div class="col-md-6"> <div class="form-group"> <label class="bmd-label-floating">年龄</label> <input type="number" name="age" class="form-control"> </div> </div> </div> <div class="row"> <div class="col-md-12"> <div class="form-group"> <label class="bmd-label-floating">联系电话</label> <input type="text" name="phone" class="form-control"> </div> </div> </div> <div class="row"> <div class="col-md-12"> <div class="form-group"> <label class="bmd-label-floating">电子邮箱</label> <input type="email" name="email" class="form-control"> </div> </div> </div> <button type="submit" class="btn btn-primary pull-right">添加用户</button> <div class="clearfix"></div> </form> </div> </div> </div> </div> <?php require 'footer.php'; ?>
修改用户信息user_edit.php
<?php require '../db.func.php'; require '../tools.func.php'; require 'auth.php'; // 1. 接收id $id = intval($_GET['id']); if (empty($id)) { header('location: users.php'); } // 2. 根据id查询用户 $prefix = getDBPrefix(); $sql = "SELECT id,username,age,email,phone,name FROM {$prefix}user WHERE id = '$id'"; $current_user = queryOne($sql); if (empty($current_user)) { header('location: users.php'); } // 3. 将查询出的用户的数据放入到表单当中 // 4. 判断是否为post提交 if (!empty($_POST['name'])) { // 5. 接收post数据 $name = htmlentities($_POST['name']); $age = htmlentities($_POST['age']); $email = htmlentities($_POST['email']); $phone = htmlentities($_POST['phone']); // 6. 更新数据记录 $sql = "UPDATE {$prefix}user SET name = '$name', age = '$age', email = '$email', phone = '$phone' WHERE id = '$id'"; if (execute($sql)) { $current_user = array_merge($current_user, $_POST); setInfo('更新成功'); } else { setInfo('更新失败'); } // 7. 显示结果 } require 'header.php'; ?> <div class="row"> <div class="col-md-12"> <div class="card"> <div class="card-header card-header-primary"> <h4 class="card-title">修改用户</h4> <p class="card-category">修改一个用户</p> </div> <div class="card-body"> <?php if (hasInfo()) echo getInfo(); ?> <form action="user_edit.php?id=<?php echo $id; ?>" method="post"> <div class="row"> <div class="col-md-12"> <div class="form-group"> <label class="bmd-label-floating">用户名</label> <input type="text" name="username" value="<?php echo $current_user['username']; ?>" disabled class="form-control"> </div> </div> </div> <div class="row"> <div class="col-md-6"> <div class="form-group"> <label class="bmd-label-floating">姓名</label> <input type="text" name="name" value="<?php echo $current_user['name']; ?>" class="form-control"> </div> </div> <div class="col-md-6"> <div class="form-group"> <label class="bmd-label-floating">年龄</label> <input type="number" name="age" value="<?php echo $current_user['age']; ?>" class="form-control"> </div> </div> </div> <div class="row"> <div class="col-md-12"> <div class="form-group"> <label class="bmd-label-floating">联系电话</label> <input type="text" name="phone" value="<?php echo $current_user['phone']; ?>" class="form-control"> </div> </div> </div> <div class="row"> <div class="col-md-12"> <div class="form-group"> <label class="bmd-label-floating">电子邮箱</label> <input type="email" name="email" value="<?php echo $current_user['email']; ?>" class="form-control"> </div> </div> </div> <button type="submit" class="btn btn-primary pull-right">更新信息</button> <div class="clearfix"></div> </form> </div> </div> </div> </div> <?php require 'footer.php'; ?>
删除用户user_del.php
<?php /** * Created by PhpStorm. * Date: 2019/1/24 * Time: 10:49 */ require '../db.func.php'; require '../tools.func.php'; require 'auth.php'; // 1. 接收id $id = intval($_GET['id']); // 2. 从数据库当中删除对应的数据 $prefix = getDBPrefix(); $sql = "DELETE FROM {$prefix}user WHERE id = '$id'"; if (execute($sql)) { setInfo('删除成功'); } else { setInfo('删除失败'); } // 3. 跳回到列表页 header('location: users.php');
商品列表products.php
<?php require '../tools.func.php'; require 'auth.php'; require '../db.func.php'; $prefix = getDBPrefix(); $sql = "SELECT * FROM {$prefix}product ORDER BY created_at DESC "; $data = query($sql); require 'header.php'; ?> <div class="row"> <div class="col-md-12"> <div class="card"> <div class="card-header card-header-primary"> <div class="row"> <div class="col-10"> <h4 class="card-title ">所有商品</h4> <p class="card-category"> 所有商品列表</p> </div> <div class="col-2"> <a href="product_add.php" class="btn btn-round btn-info" style="margin-left: 20px;">添加商品</a> </div> </div> </div> <div class="card-body"> <div class="table-responsive"> <table class="table table-hover" style="table-layout:fixed; "> <thead class=" text-primary"> <th width="5%"> ID </th> <th> 商品编号 </th> <th> 商品名称 </th> <th> 商品描述 </th> <th> 商品库存 </th> <th> 商品单价 </th> <th> 商品上架时间 </th> <th> 编辑 </th> </thead> <tbody> <?php foreach ($data as $pro): ?> <tr> <td> <?php echo $pro['id']; ?> </td> <td> <?php echo $pro['code']; ?> </td> <td> <?php echo $pro['name']; ?> </td> <td> <?php echo mb_substr($pro['description'], 0, 8, 'utf-8') . '...'; ?> </td> <td> <?php echo $pro['stock']; ?> </td> <td> <?php echo $pro['price']; ?> </td> <td> <?php echo $pro['created_at']; ?> </td> <td> <a href="#">编辑</a> | <a href="#">删除</a> </td> </tr> <?php endforeach; ?> </tbody> </table> </div> </div> </div> </div> </div> <?php require 'footer.php'; ?>
添加商品product_add.php
<?php require '../tools.func.php'; require 'auth.php'; require '../db.func.php'; // 1. 判断是否为post提交 if (!empty($_POST['name'])) { // 2. 接收post数据 $name = htmlentities($_POST['name']); $code = htmlentities($_POST['code']); $price = doubleval($_POST['price']); $stock = intval($_POST['stock']); $description = htmlentities($_POST['description']); $created_at = date('Y-m-d H:i:s'); // 3. 写sql语句 $prefix = getDBPrefix(); $sql = "INSERT INTO {$prefix}product(name, code, price, stock, description, created_at) VALUES('$name', '$code', '$price', '$stock', '$description', '$created_at')"; // 4. 执行插入 if (execute($sql)) { setInfo('添加成功'); } else { setInfo('添加失败'); } // 5. 显示结果 } require 'header.php'; ?> <div class="row"> <div class="col-md-12"> <div class="card"> <div class="card-header card-header-primary"> <h4 class="card-title">添加商品</h4> <p class="card-category">添加一个商品</p> </div> <div class="card-body"> <?php if (hasInfo()) echo getInfo(); ?> <form action="product_add.php" method="post"> <div class="row"> <div class="col-md-6"> <div class="form-group"> <label class="bmd-label-floating">商品名称</label> <input type="text" name="name" class="form-control"> </div> </div> <div class="col-md-6"> <div class="form-group"> <label class="bmd-label-floating">商品单价</label> <input type="number" name="price" class="form-control"> </div> </div> </div> <div class="row"> <div class="col-md-6"> <div class="form-group"> <label class="bmd-label-floating">商品库存</label> <input type="number" name="stock" class="form-control"> </div> </div> <div class="col-md-6"> <div class="form-group"> <label class="bmd-label-floating">商品编号</label> <input type="text" name="code" class="form-control"> </div> </div> </div> <div class="row"> <div class="col-md-12"> <div class="form-group"> <label>商品描述</label> <div class="form-group bmd-form-group"> <textarea name="description" class="form-control" rows="5"></textarea> </div> </div> </div> </div> <button type="submit" class="btn btn-primary pull-right">添加商品</button> <div class="clearfix"></div> </form> </div> </div> </div> </div> <?php require 'footer.php'; ?>
购物车列表页carts.php
<?php require '../tools.func.php'; require '../db.func.php'; require 'auth.php'; $prefix = getDBPrefix(); $sql = "SELECT id, price, quantity, uid, created_at FROM {$prefix}cart ORDER BY created_at DESC"; $back_cart_data = []; $cart = query($sql); foreach ($cart as $c) { $sql = "SELECT username FROM {$prefix}user WHERE id = '{$c['uid']}'"; $user = queryOne($sql); $c['username'] = $user['username']; $back_cart_data[] = $c; } require 'header.php'; ?> <div class="row"> <div class="col-md-12"> <div class="card"> <div class="card-header card-header-primary"> <div class="row"> <div class="col-12"> <h4 class="card-title ">所有购物车</h4> <p class="card-category"> 所有购物车列表</p> </div> </div> </div> <div class="card-body"> <div class="table-responsive"> <table class="table table-hover"> <thead class=" text-primary"> <th> ID </th> <th> 购物车用户 </th> <th> 商品总量 </th> <th> 购物车总价 </th> <th> 添加时间 </th> <th> 编辑 </th> </thead> <tbody> <?php foreach ($back_cart_data as $cart): ?> <tr> <td> <?php echo $cart['id']; ?> </td> <td> <?php echo $cart['username']; ?> </td> <td> <?php echo $cart['quantity']; ?> </td> <td> <?php echo $cart['price']; ?> </td> <td> <?php echo $cart['created_at']; ?> </td> <td> <a href="">删除</a> </td> </tr> <?php endforeach; ?> </tbody> </table> </div> </div> </div> </div> </div> <?php require 'footer.php'; ?>
订单列表orders.php
<?php require '../tools.func.php'; require 'auth.php'; require '../db.func.php'; $prefix = getDBPrefix(); $sql = "SELECT id, uid, price, quantity, created_at FROM {$prefix}order ORDER BY created_at DESC"; $orders = query($sql); require 'header.php'; ?> <div class="row"> <div class="col-md-12"> <div class="card"> <div class="card-header card-header-primary"> <div class="row"> <div class="col-12"> <h4 class="card-title ">所有订单</h4> <p class="card-category"> 所有订单列表</p> </div> </div> </div> <div class="card-body"> <div class="table-responsive"> <table class="table table-hover"> <thead class=" text-primary"> <th> ID </th> <th> 下单用户 </th> <th> 订单价格 </th> <th> 订单商品数量 </th> <th> 下单时间 </th> </thead> <tbody> <?php foreach($orders as $order): ?> <tr> <td> <?php echo $order['id']; ?> </td> <td> <?php echo $order['uid']; ?> </td> <td> <?php echo $order['price']; ?> </td> <td> <?php echo $order['quantity']; ?> </td> <td> <?php echo $order['created_at']; ?> </td> </tr> <?php endforeach; ?> </tbody> </table> </div> </div> </div> </div> </div> <?php require 'footer.php'; ?>