<?PHP //1.连接数据库 (创建一个数据库,创建数据表 test_admin) //id,adminuser,adminpass,created_at,login_at,login_ip require '../db.func.PHP'; require '../tools.func.PHP'; // POST提交 if (!empty($_POST['adminuser'])) { //2.查询用户名和密码是否正确 adminuser adminpass $prefix = getDBPrefix(); $adminuser = htmlentities($_POST['adminuser']); $adminpass = md5(htmlentities($_POST['adminpass'])); $sql = "SELECT id,adminuser FROM {$prefix}admin WHERE adminuser = '$adminuser' AND adminpass = '$adminpass'"; $res = queryOne($sql); if ($res) { //3.写入session setSession('admin',['adminuser' => $adminuser,'id' => $res['id']] ); $login_at = date('Y-m-d H:i:s'); $ip = $_SERVER['REMOTE_ADDR'] == '::1' ? '127.0.0.1' : $_SERVER['REMOTE_ADDR']; $login_ip = ip2long($ip); $sql = "UPDATE {$prefix}admin SET login_at = '$login_at',login_ip = '$login_ip' WHERE id = '{$res['id']}'"; execute($sql); //4.跳转到index.PHP header('location: index.PHP'); } else { setInfo('用户名或者密码错误'); } } ?> <!doctype html> <html> head> title>商城</<!-- required Meta tags --> Meta charset="utf-8"content="width=device-width,initial-scale=1.0,maximum-scale=1.0,user-scalable=0" name="viewport" /> http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" Fonts and icons link rel="stylesheet" type="text/css" href="assets/css/googlefonts.css?family=Roboto:300,400,500,700|Roboto+Slab:400,700|Material+Icons" ="https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css" Material Kit CSS href="assets/css/material-dashboard.css?v=2.1.1" rel="stylesheet" /> bodydiv class="wrapper "> div> > ="container" style="width: 50%;margin-top: 250px;"> ="row"> ="col-md-12"> > ="card"> ="card-header card-header-primary"> h4 ="card-title">登录h4p ="card-category">以管理员身份登录后台p> ="card-body"> >PHP if (hasInfo()) echo getInfo(); ?>form action="login.PHP" method="post"> > ="form-group"> label ="bmd-label-floating">用户名labelinput type="text"="adminuser" class="form-control">密码="password"="adminpass"button ="submit"="btn btn-primary pull-right"button="clearfix"></formscript src="assets/js/core/jquery.min.js"script="assets/js/core/popper.min.js"="assets/js/core/bootstrap-material-design.min.js">
/* Navicat Premium Data Transfer Source Server : 127.0.0.1 Source Server Type : MysqL Source Server Version : 80012 Source Host : localhost:3306 Source Schema : shop Target Server Type : MysqL Target Server Version : 80012 File Encoding : 65001 Date: 26/01/2019 10:13:57 */ SET NAMES utf8mb4; SET FOREIGN_KEY_CHECKS = 0; -- ---------------------------- Table structure for test_admin DROP TABLE IF EXISTS `test_admin`; CREATE TABLE `test_admin` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT,`adminuser` varchar(50) NULL DEFAULT '',`adminpass` char(32) 255) bigint(20) '0'PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; Records of test_admin BEGIN; INSERT INTO `test_admin` VALUES (1,admin',1)">0192023a7bbd73250516f069df18b5002019-01-23 20:21:032019-01-24 12:56:482130706433); COMMIT Table structure for test_cart `test_cart`; `test_cart` ( `id` decimal(10,1); font-weight: bold">2) unsigned 0.00text3 Records of test_cart INTO `test_cart` 2,1); font-weight: bold">21700.00,1); font-weight: bold">3,1)">{\"3\":{\"quantity\":2,\"product\":{\"id\":\"3\",\"name\":\"Macbook Pro\",\"price\":\"8800.00\",\"code\":\"88888888\",\"description\":\"Macbook Pro\"}},\"4\":{\"quantity\":1,\"product\":{\"id\":\"4\",\"name\":\"\\u534e\\u4e3a\\u624b\\u673a\",\"price\":\"4100.00\",\"code\":\"929868123123123\",\"description\":\"\\u5546\\u54c1\\u63cf\\u8ff0\\uff1a\\r\\n\\r\\n\\u8fd9\\u662f\\u534e\\u4e3a\\u624b\\u673a\"}}}@H_87_404@5,1)">2019-01-24 10:53:24 Table structure for test_order `test_order`; `test_order` ( `id` Records of test_order INTO `test_order` 17600.00,\"description\":\"Macbook Pro\"}}}2019-01-24 12:46:33 Table structure for test_product `test_product`; `test_product` ( `id` 200) 100) 5 Records of test_product INTO `test_product` Macbook Pro88888888@H_87_404@99,1); font-weight: bold">8800.00,1)">2019-01-24 00:19:28@H_87_404@4,1)">华为手机929868123123123商品描述:\r\n\r\n这是华为手机@H_87_404@4100.00,1)">2019-01-24 00:31:28 Table structure for test_user `test_user`; `test_user` ( `id` tinyint(3) unsigned 6 Records of test_user INTO `test_user` zhangsan4297f44b13955235245b2497399d7a93张三@H_87_404@28,1)">965794175@qq.com132000000002019-01-23 23:54:34wangwu'',1); font-weight: bold">0,1)">wangwu@test.com2019-01-24 09:21:45zhaoliuzhaoliu@test.com2019-01-24 09:35:05@H_87_404@1;
<?PHP * * Created by PHPStorm. * Date: 2019/1/23 * Time: 20:22 */ date_default_timezone_set('PRC'return [ 'DB_HOST' => '127.0.0.1','DB_PORT' => '3306','DB_USER' => 'root','DB_PASS' => '123456','DB_NAME' => 'test_shop','DB_PREFIX' => 'test_','DB_CHARSET' => 'utf8', ];
<?PHP function connect() { $config = require dirname(__FILE__) . '/config.PHP'; $MysqLi = @MysqLi_connect( $config['DB_HOST'] . ':' . $config['DB_PORT'],1)">$config['DB_USER'],1)">$config['DB_PASS'],1)">$config['DB_NAME'] ) or die('Connect Error: ' . MysqLi_connect_errno() . '-' . MysqLi_connect_error()); MysqLi_set_charset($MysqLi,1)">$config['DB_CHARSET']); return $MysqLi; } function queryOne($sql) { $MysqLi = connect(); $result = MysqLi_query(); $data = []; if ($result && MysqLi_num_rows($result) > 0) { $data = MysqLi_fetch_assoc($result); } $datafunction query() { while ($res = )) { $data[] = $res; } } getDBPrefix() { ; $config['DB_PREFIX']; } function execute( connect(); ); return MysqLi_affected_rows($MysqLi) > 0; }
<?* * Created by PHPStorm. * Date: 2019/1/23 * Time: 20:31 function setSession($key,1)">$data,1)">$prefix = '') { session_id() || @session_start(); if (!empty($prefix)) { $_SESSION[$prefix][$key] = ; } else { ; } } function getSession()) { isset($key]) ? $key] : []; } { []; } } function deleteSession($key] = nullfunction setInfo($info) { setSession('info',1)">$info,'system'); } getInfo() { $info = getSession('info',1)">); deleteSession('info',1)">); hasInfo() { return !empty(getSession('info',1)">)); }
判断是否有登陆权限auth.PHP
<?* * Created by PHPStorm. * Date: 2019/1/23 * Time: 22:07 if (empty(getSession('adminuser','admin'))) { header('location: login.PHP'exit; }
PHP require '../db.func.PHP'; require '../tools.func.PHP'; require 'auth.PHP'; //1.查询数据库 test_admin //2.写sql语句 $prefix = getDBPrefix(); $sql = "SELECT id,login_ip FROM {$prefix}admin ORDER BY created_at DESC"; $data = query($sql); //3.遍历数据 require 'header.PHP'; ="card-title ">所有管理员> 控制台所有管理员列表="table-responsive"table ="table table-hover"thead =" text-primary"th ID 用户名 创建时间 最后登录时间 最后登录IP theadtbodyPHP foreach ($data as $admin): ?> trtd> PHP echo $admin['id']; ?> PHP echo $admin['adminuser']; PHP echo $admin['created_at']; PHP echo $admin['login_at']; PHP echo long2ip($admin['login_ip']); PHP endforeach; tablePHP require 'footer.PHP'; ?>
header.PHP
PHP $script = basename($_SERVER['SCRIPT_FILENAME']); // 控制台 index.PHP admin_edit.PHP // 用户管理 users.PHP user_add.PHP user_edit.PHP // 商品管理 products.PHP product_add.PHP product_edit.PHP --> ="viewport"/> href="stylesheet"="sidebar" data-color="purple" data-background-color="white"="logo"a ="index.PHP"="simple-text logo-normal" 商城 a="sidebar-wrapper"ul ="nav"li ="nav-item <?PHP echo substr($script,5) == 'index' || substr($script,5) == 'admin' ? 'active' : ''; ?>"="nav-link"="index.PHP"i ="material-icons">dashboardi>控制台li="users.PHP">person>用户管理="products.PHP">library_books>商品管理="carts.PHP">shopping_cart>购物车管理="orders.PHP">list>订单管理 your sidebar here --> ul="main-panel" Navbar --> nav ="navbar navbar-expand-lg navbar-transparent navbar-absolute fixed-top "="container-fluid"="navbar-wrapper"="navbar-brand"="collapse navbar-collapse justify-content-end"="navbar-nav"="nav-item dropdown"="#" id="navbarDropdownProfile" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"="d-lg-none d-md-block" 管理员 ="dropdown-menu dropdown-menu-right" aria-labelledby="navbarDropdownProfile"="dropdown-item"="admin_edit.PHP">编辑="dropdown-divider"="logout.PHP">退出 your navbar here --> nav End Navbar ="content">
footer.PHP
>
PHP require '../tools.func.PHP'; require 'auth.PHP'; require '../db.func.PHP'; $current_user = getSession('admin'); //1.判断是否为post提交 if (!empty($_POST['adminpass'])) { //2.验证新密码和确认密码是否一致 $adminpass = md5(htmlentities($_POST['adminpass'])); $newpass = htmlentities($_POST['newpass']); $confirmpass = htmlentities($_POST['confirmpass']); if ($newpass != $confirmpass) { setInfo('两次密码输入不一致'); } else { //3.验证旧密码是否正确 (查询数据库 用id,adminpass) $prefix = getDBPrefix(); $sql = "SELECT id FROM {$prefix}admin WHERE id = '{$current_user['id']}' AND adminpass = '$adminpass' "; $res = queryOne($sql); //4.更新数据表 imooc_admin adminpass if ($res) { $pass = md5($newpass); $sql = "UPDATE {$prefix}admin SET adminpass = '$pass' WHERE id = '{$current_user['id']}'"; if (execute($sql)) { setInfo('修改密码成功'); } else { setInfo('修改密码失败'); } } else { setInfo('旧密码不正确!'); } } //5.显示结果到页面 } require 'header.PHP'; >修改密码>修改当前管理员密码?> ="admin_edit.PHP" disabled name value="<?PHP echo $current_user['adminuser']; ?>"> >旧密码>新密码="newpass">确认密码="confirmpass">修改?>
<?* * Created by PHPStorm. * Date: 2019/1/23 * Time: 22:06 // 1. 删除当前登录用户的session require '../tools.func.PHP'; deleteSession('admin'); header('location: login.PHP');
PHP require '../db.func.PHP'; require '../tools.func.PHP'; require 'auth.PHP'; // 1. 写SQL查询 $prefix = getDBPrefix(); $sql = "SELECT id,username,age,name,email,phone,created_at FROM {$prefix}user ORDER BY created_at DESC"; // 2. 执行查询 $res = query($sql); // 3. 遍历结果 require 'header.PHP'; ="col-10">所有用户> 用户列表="col-2"="user_add.PHP"="btn btn-round btn-info"="margin-left: 20px;">添加用户 姓名 年龄 邮箱 联系电话 注册时间 操作 PHP foreach ($res as $user): PHP echo $user['id']; PHP echo $user['username']; PHP echo $user['name']; PHP echo $user['age']; PHP echo $user['email']; PHP echo $user['phone']; PHP echo $user['created_at']; ="user_edit.PHP?id=<?PHP echo $user['id']; ?>" | ="user_del.PHP?id=<?PHP echo $user['id']; ?>">删除?>
PHP require '../tools.func.PHP'; require '../db.func.PHP'; require 'auth.PHP'; if (!empty($_POST['username'])) { // 1. 接收post数据 $username = htmlentities($_POST['username']); $password = htmlentities($_POST['password']); $confirmpass = htmlentities($_POST['confirmpass']); $name = htmlentities($_POST['name']); $age = htmlentities($_POST['age']); $email = htmlentities($_POST['email']); $phone = htmlentities($_POST['phone']); $created_at = date('Y-m-d H:i:s'); $prefix = getDBPrefix(); // 2. 验证密码输入是否一致 if ($password != $confirmpass) { setInfo('两次密码输入不一致'); } else { $password = md5($password); // 3. 写sql语句 $sql = "INSERT INTO {$prefix}user(username,password,created_at) VALUES('$username','$password','$age','$name','$email','$phone','$created_at')"; // 4. 执行添加,如果成功,显示成功信息 if (execute($sql)) { setInfo('添加成功'); } else { setInfo('添加失败'); } } } require 'header.PHP'; >添加一个用户="col-md-4"="username"="col-md-6">姓名="name">年龄="number"="age">联系电话="phone">电子邮箱="email"?>
PHP require '../db.func.PHP'; require '../tools.func.PHP'; require 'auth.PHP'; // 1. 接收id $id = intval($_GET['id']); if (empty($id)) { header('location: users.PHP'); } // 2. 根据id查询用户 $prefix = getDBPrefix(); $sql = "SELECT id,name FROM {$prefix}user WHERE id = '$id'"; $current_user = queryOne($sql); if (empty($current_user)) { header('location: users.PHP'); } // 3. 将查询出的用户的数据放入到表单当中 // 4. 判断是否为post提交 if (!empty($_POST['name'])) { // 5. 接收post数据 $name = htmlentities($_POST['name']); $age = htmlentities($_POST['age']); $email = htmlentities($_POST['email']); $phone = htmlentities($_POST['phone']); // 6. 更新数据记录 $sql = "UPDATE {$prefix}user SET name = '$name',age = '$age',email = '$email',phone = '$phone' WHERE id = '$id'"; if (execute($sql)) { $current_user = array_merge($current_user,$_POST); setInfo('更新成功'); } else { setInfo('更新失败'); } // 7. 显示结果 } require 'header.PHP'; >修改用户>修改一个用户="user_edit.PHP?id=<?PHP echo $id; ?>"="<?PHP echo $current_user['username']; ?>" disabled class="<?PHP echo $current_user['name']; ?>"="<?PHP echo $current_user['age']; ?>"="<?PHP echo $current_user['phone']; ?>"="<?PHP echo $current_user['email']; ?>">更新信息?>
<?* * Created by PHPStorm. * Date: 2019/1/24 * Time: 10:49 */ require '../db.func.PHP'require 'auth.PHP' 1. 接收id $id = intval($_GET['id']); 2. 从数据库当中删除对应的数据 $prefix = getDBPrefix(); $sql = "DELETE FROM {$prefix}user WHERE id = '$id'"if (execute()) { setInfo('删除成功'); } { setInfo('删除失败'); } 3. 跳回到列表页 header('location: users.PHP');
商品列表products.PHP
PHP require '../tools.func.PHP'; require 'auth.PHP'; require '../db.func.PHP'; $prefix = getDBPrefix(); $sql = "SELECT * FROM {$prefix}product ORDER BY created_at DESC "; $data = query($sql); require 'header.PHP'; >所有商品> 所有商品列表="product_add.PHP">添加商品> ="table table-hover"="table-layout:fixed; "th width="5%" 商品编号 商品名称 商品描述 商品库存 商品单价 商品上架时间 编辑 PHP foreach ($data as $pro): PHP echo $pro['id']; ?> PHP echo $pro['code']; PHP echo $pro['name']; PHP echo mb_substr($pro['description'],8,'utf-8') . '...'; PHP echo $pro['stock']; PHP echo $pro['price']; PHP echo $pro['created_at']; > ="#" | ?>
PHP require '../tools.func.PHP'; require 'auth.PHP'; require '../db.func.PHP'; // 1. 判断是否为post提交 if (!empty($_POST['name'])) { // 2. 接收post数据 $name = htmlentities($_POST['name']); $code = htmlentities($_POST['code']); $price = doubleval($_POST['price']); $stock = intval($_POST['stock']); $description = htmlentities($_POST['description']); $created_at = date('Y-m-d H:i:s'); // 3. 写sql语句 $prefix = getDBPrefix(); $sql = "INSERT INTO {$prefix}product(name,code,price,stock,description,created_at) VALUES('$name','$code','$price','$stock','$description','$created_at')"; // 4. 执行插入 if (execute($sql)) { setInfo('添加成功'); } else { setInfo('添加失败'); } // 5. 显示结果 } require 'header.PHP'; >添加一个商品>商品名称>商品单价="price">商品库存="stock">商品编号="code">商品描述="form-group bmd-form-group"textarea name="description"="form-control" rows="5"textarea?>
PHP require '../tools.func.PHP'; require '../db.func.PHP'; require 'auth.PHP'; $prefix = getDBPrefix(); $sql = "SELECT id,quantity,uid,created_at FROM {$prefix}cart ORDER BY created_at DESC"; $back_cart_data = []; $cart = query($sql); foreach ($cart as $c) { $sql = "SELECT username FROM {$prefix}user WHERE id = '{$c['uid']}'"; $user = queryOne($sql); $c['username'] = $user['username']; $back_cart_data[] = $c; } require 'header.PHP'; ="col-12">所有购物车> 所有购物车列表 购物车用户 商品总量 购物车总价 添加时间 PHP foreach ($back_cart_data as $cart): PHP echo $cart['id']; PHP echo $cart['username']; PHP echo $cart['quantity']; PHP echo $cart['price']; PHP echo $cart['created_at']; =""?>
订单列表orders.PHP
PHP require '../tools.func.PHP'; require 'auth.PHP'; require '../db.func.PHP'; $prefix = getDBPrefix(); $sql = "SELECT id,created_at FROM {$prefix}order ORDER BY created_at DESC"; $orders = query($sql); require 'header.PHP'; >所有订单> 所有订单列表 下单用户 订单价格 订单商品数量 下单时间 PHP foreach($orders as $order): PHP echo $order['id']; PHP echo $order['uid']; PHP echo $order['price']; PHP echo $order['quantity']; PHP echo $order['created_at']; ?>