名称 |
模块 |
描述 |
index.php |
目录 |
网站首页,显示系统中的图书目录 |
show_cat.php |
目录 |
显示特定目录包含的所有图书 |
show_book.php |
目录 |
显示特定图书的详细信息 |
show_cart.php |
购物车 |
显示用户购物车的内容。也用来向购物车添加图书 |
checkout.php |
购物车 |
向用户显示所有的订单细节。获取商品运送细节 |
purchase.php |
购物车 |
从用户获取付款细节 |
process.php |
购物车 |
处理付款细节,将订单添加到数据库 |
login.php |
管理 |
允许管理员登录进行修改 |
logout.php |
管理 |
管理员退出 |
admin.php |
管理 |
主管理菜单 |
change_password_form.php |
管理 |
允许管理员修改密码的表格 |
change_password.php |
管理 |
修改管理员密码 |
insert_category_form.php |
管理 |
允许管理员向数据库中添加一个目录的表格 |
insert_category.php |
管理 |
向数据库中插入新目录 |
insert_book_form.php |
管理 |
管理员添加新书到系统的表单 |
insert_book.php |
管理 |
将新书插入到数据库 |
edit_category_form.php |
管理 |
管理员编辑目录的表单 |
edit_category.php |
管理 |
更新数据库中的目录 |
edit_book_form.php |
管理 |
管理员编辑图书信息的表单 |
edit_book.php |
管理 |
更新数据库中的图书信息 |
delete_category.php |
管理 |
从数据库中删除一个目录 |
delete_book.php |
管理 |
从数据库中删除一本图书 |
book_sc_fns.php |
函数 |
该应用程序的包含文件集合 |
admin_fns.php |
函数 |
管理脚本使用的函数集合 |
book_fns.php |
函数 |
用以保存和获取图书数据的函数集合 |
order_fns.php |
函数 |
用以保存和获取订单数据的函数集合 |
output_fns.php |
函数 |
输出HTML的函数集合 |
data_valid_fns.php |
函数 |
验证用户输入数据的函数集合 |
db_fns.php |
函数 |
连接book_sc数据库的函数集合 |
user_auth_fns.php |
函数 |
授权管理员用户的函数集合 |
book_sc.sql |
SQL |
创建book_sc数据库的SQL |
populate.sql |
SQL |
插入样本数据到book_sc数据库中的SQL |
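# book_sc.sql -- schema and application account for the book_sc shop (MySQL).
CREATE DATABASE book_sc; # create the book_sc database
USE book_sc;             # make it the current database

CREATE TABLE customers # billing details of each customer
(
  customerid INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
  name CHAR(60) NOT NULL,
  address CHAR(80) NOT NULL,
  city CHAR(30) NOT NULL,
  state CHAR(10),
  zip CHAR(10),
  country CHAR(20) NOT NULL
);

CREATE TABLE orders # one row per order; customerid refers to customers.customerid (no FOREIGN KEY is declared)
(
  orderid INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
  customerid INT UNSIGNED NOT NULL,
  amount DECIMAL(6,2), # money as an exact decimal: FLOAT(6,2) rounds, which is why insert_order() had to re-select the row with a +/-.001 window
  date DATE NOT NULL,
  order_status CHAR(10), # e.g. 'PARTIAL', the value insert_order() writes
  ship_name CHAR(60) NOT NULL,
  ship_address CHAR(80) NOT NULL,
  ship_city CHAR(30) NOT NULL,
  ship_state CHAR(20),
  ship_zip CHAR(10),
  ship_country CHAR(20) NOT NULL
);

CREATE TABLE books # catalogue; isbn is the natural key used by the cart and order_items
(
  isbn CHAR(13) NOT NULL PRIMARY KEY,
  author CHAR(80),
  title CHAR(100),
  catid INT UNSIGNED, # refers to categories.catid (no FOREIGN KEY is declared; delete_category() checks this by hand)
  price DECIMAL(4,2) NOT NULL, # exact decimal, same range as the old FLOAT(4,2): up to 99.99
  description VARCHAR(255)
);

CREATE TABLE categories # category names shown on the front page
(
  catid INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
  catname CHAR(60) NOT NULL
);

CREATE TABLE order_items # one row per (order, book) pair
(
  orderid INT UNSIGNED NOT NULL,
  isbn CHAR(13) NOT NULL,
  item_price DECIMAL(4,2) NOT NULL, # price at the time of the order, copied from books.price
  quantity TINYINT UNSIGNED NOT NULL, # 0..255
  PRIMARY KEY(orderid,isbn)
);

CREATE TABLE admin # administrator logins
(
  username char(16) NOT NULL PRIMARY KEY,
  password VARCHAR(255) NOT NULL # today holds the 40-char SHA-1 hex digest that login() compares; widened so a password_hash() value fits when the app migrates
);

# Least-privilege application account: data access only, no DDL or GRANT rights.
# 'password' is the value from the original listing; set a real secret here and
# in db_connect() together. (GRANT ... IDENTIFIED BY is not accepted by MySQL 8.)
CREATE USER 'book_sc'@'localhost' IDENTIFIED BY 'password';
GRANT SELECT,INSERT,UPDATE,DELETE
  ON book_sc.*
  TO 'book_sc'@'localhost';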
# populate.sql -- sample data for the book_sc database (run after book_sc.sql).
USE book_sc;

# Three books, all in category 1 ('Internet' below).
INSERT INTO books (isbn, author, title, catid, price, description)
VALUES ('0672329166', 'Luke Welling and Laura Thomson', 'PHP and MySQL Web Development', 1, 49.99,
        'PHP & MySQL Web Development teaches the reader to develop dynamic, secure e-commerce web sites. You will learn to integrate and implement these technologies by following real-world examples and working sample projects.');
INSERT INTO books (isbn, author, title, catid, price, description)
VALUES ('067232976X', 'Julie Meloni', 'Sams Teach Yourself PHP, MySQL and Apache All-in-One', 1, 34.99,
        'Using a straightforward, step-by-step approach, each lesson in this book builds on the previous ones, enabling you to learn the essentials of PHP scripting, MySQL databases, and the Apache web server from the ground up.');
INSERT INTO books (isbn, author, title, catid, price, description)
VALUES ('0672319241', 'Sterling Hughes and Andrei Zmievski', 'PHP Developer\'s Cookbook', 1, 39.99,
        'Provides a complete, solutions-oriented guide to the challenges most often faced by PHP developers\r\nWritten specifically for experienced Web developers, the book offers real-world solutions to real-world needs\r\n');

# Categories with explicit ids (3 is intentionally absent in the sample).
INSERT INTO categories (catid, catname) VALUES (1, 'Internet');
INSERT INTO categories (catid, catname) VALUES (2, 'Self-help');
INSERT INTO categories (catid, catname) VALUES (5, 'Fiction');
INSERT INTO categories (catid, catname) VALUES (4, 'Gardening');

# Sample administrator account (admin / admin), stored as the SHA-1 digest login() expects.
# It is a well-known default and must be changed before the site is reachable by others.
INSERT INTO admin (username, password) VALUES ('admin', sha1('admin'));
Please choose a category:";
// index.php (tail): list the categories as links; get_categories() returns false
// when there are none, and display_categories() prints the fallback text then.
display_categories(get_categories());
// Administrators (session flag set at login) also get a link to the admin menu.
if (isset($_SESSION['admin_user'])) {
    display_button("admin.php", "admin-menu", "Admin Menu");
}
do_html_footer(); // page footer
?>
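/**
 * Fetch the list of categories from the database.
 *
 * @return array|false  Rows with keys 'catid' and 'catname', indexed from 0 in
 *                      result order; false when the connection or the query
 *                      fails or when no category exists. Callers distinguish
 *                      the cases with is_array().
 */
function get_categories()
{
    $conn = db_connect();
    if (!$conn) { // db_connect() returns false when it cannot connect
        return false;
    }
    // Static query with no user input, so no parameter binding is needed.
    // The former '@' suppression only hid the reason for a failure.
    $result = $conn->query("select catid,catname from categories");
    if (!$result) {
        return false; // query error
    }
    if ($result->num_rows == 0) {
        return false; // no categories yet
    }
    return db_result_to_array($result);
}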
/**
 * Print the category list, one do_html_URL() link per category.
 *
 * @param mixed $cat_array  Rows from get_categories() (keys 'catid', 'catname');
 *                          anything that is not an array prints a fallback line.
 * @return void
 * NOTE(review): the link text is the raw catname; whether it is HTML-escaped
 * depends on do_html_URL(), which is not shown here -- confirm.
 */
function display_categories($cat_array) // print the categories
{
    if (!is_array($cat_array)) {
        echo "No categories currently available
";
        return;
    }
    echo "";
    foreach ($cat_array as $category) {
        $link = "show_cat.php?catid=" . $category['catid'];
        echo "- ";
        do_html_URL($link, $category['catname']);
        echo "
";
    }
    echo "
";
    echo "
";
}
/**
 * Collect every remaining row of a result set into a list of associative arrays.
 *
 * @param object $result  A mysqli_result (anything exposing fetch_assoc() works).
 * @return array  Rows in fetch order, indexed from 0; empty array when there are none.
 */
function db_result_to_array($result) // result set to array
{
    $rows = array();
    while ($row = $result->fetch_assoc()) {
        $rows[] = $row;
    }
    return $rows;
}
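/**
 * Look up the name of one category.
 *
 * @param mixed $catid  Category id, typically taken from the request. It is
 *                      bound as a statement parameter instead of being pasted
 *                      into the SQL string, which closes the injection hole;
 *                      binding it as a string keeps MySQL's own coercion.
 * @return string|false  The catname, or false on connection/query failure or
 *                       when no such category exists.
 */
function get_category_name($catid) // fetch a category name
{
    $conn = db_connect();
    if (!$conn) {
        return false;
    }
    $stmt = $conn->prepare("select catname from categories where catid = ?");
    if (!$stmt) {
        return false;
    }
    $stmt->bind_param('s', $catid);
    if (!$stmt->execute()) {
        $stmt->close();
        return false;
    }
    $stmt->bind_result($catname);
    $found = $stmt->fetch(); // true for a row, null when the id is unknown
    $stmt->close();
    return $found ? $catname : false;
}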
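/**
 * Fetch all books of one category.
 *
 * @param mixed $catid  Category id from the request; empty/falsy ids are
 *                      rejected before touching the database. The id is bound
 *                      as a statement parameter (no string concatenation into SQL).
 * @return array|false  Rows of the books table indexed from 0, or false on
 *                      an empty id, connection/query failure or no books.
 */
function get_books($catid) // fetch the books of a category
{
    if ((!$catid) || ($catid == '')) {
        return false;
    }
    $conn = db_connect();
    if (!$conn) {
        return false;
    }
    $stmt = $conn->prepare("select * from books where catid = ?");
    if (!$stmt) {
        return false;
    }
    $stmt->bind_param('s', $catid);
    if (!$stmt->execute()) {
        $stmt->close();
        return false;
    }
    $result = $stmt->get_result(); // buffered result; needs the mysqlnd driver
    if (!$result || $result->num_rows == 0) {
        $stmt->close();
        return false;
    }
    $books = db_result_to_array($result);
    $stmt->close();
    return $books;
}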
/**
 * Print the books of a category as links to show_book.php.
 *
 * @param mixed $book_array  Rows from get_books() (keys 'isbn', 'title',
 *                           'author'); a non-array prints a "no books" line.
 * @return void
 * NOTE(review): the HTML tags inside the echo strings look stripped in this
 * listing (e.g. `echo "";`), so the exact markup cannot be recovered here.
 * Title and author are handed to do_html_URL() unescaped -- confirm that
 * helper HTML-escapes its link text.
 */
function display_books($book_array) // print the books
{
if(!is_array($book_array))
echo "No books currently available in this category
";
else // there are books: build the table
{
echo "";
foreach($book_array as $row)
{
$url = "show_book.php?isbn=". $row['isbn'];
echo "";
// show the cover when an image exists for this ISBN; the file name is built
// from the database row, not directly from the request
if(@file_exists("images/". $row['isbn'] .".jpg"))
{
$title = "";
do_html_URL($url,$title);
}
else
echo " ";
echo " ";
$title = $row['title'] ." by ". $row['author'];
do_html_URL($url,$title);
echo " ";
}
echo "
";
}
echo "
";
}
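/**
 * Fetch one book by ISBN.
 *
 * @param mixed $isbn  ISBN from the request or the session cart; empty values
 *                     are rejected first. Bound as a statement parameter, so a
 *                     crafted ISBN can no longer alter the query.
 * @return array|null|false  The row as an associative array, null when no
 *                           book has that ISBN, false on an empty ISBN or a
 *                           connection/query failure.
 */
function get_book_details($isbn) // fetch the details of one book
{
    if ((!$isbn) || ($isbn == '')) {
        return false;
    }
    $conn = db_connect();
    if (!$conn) {
        return false;
    }
    $stmt = $conn->prepare("select * from books where isbn = ?");
    if (!$stmt) {
        return false;
    }
    $stmt->bind_param('s', $isbn);
    if (!$stmt->execute()) {
        $stmt->close();
        return false;
    }
    $result = $stmt->get_result(); // buffered result; needs the mysqlnd driver
    if (!$result) {
        $stmt->close();
        return false;
    }
    $book = $result->fetch_assoc(); // null when there is no such ISBN
    $stmt->close();
    return $book;
}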
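/**
 * Print the detail section for one book.
 *
 * @param mixed $book  Row from get_book_details() with keys isbn, author,
 *                     price, description; anything that is not an array
 *                     prints a fallback message instead.
 * @return void
 * NOTE(review): the HTML tags inside several echo strings look stripped in
 * this listing, so the surrounding markup is not recoverable here.
 */
function display_book_details($book) // print the details of a book
{
    if (is_array($book)) {
        echo "";
        // Show the cover only when a readable image exists for this ISBN.
        // The path is built from the database row, not from the request.
        $image = "images/" . $book['isbn'] . ".jpg";
        if (@file_exists($image)) {
            $size = getimagesize($image); // false when the file is not an image
            if ($size && ($size[0] > 0) && ($size[1] > 0)) {
                echo " ";
            }
        }
        echo "";
        // Author, ISBN and description are stored text that is echoed into an
        // HTML page, so they are escaped for that context; a '<script>' saved
        // through the admin forms must render as text, not run.
        echo "- Author:";
        echo htmlspecialchars((string)$book['author'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "
- ISBN:";
        echo htmlspecialchars((string)$book['isbn'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "
- Our Price:";
        echo number_format($book['price'], 2); // numeric output, nothing to escape
        echo "
- Description:";
        echo htmlspecialchars((string)$book['description'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "
";
    } else {
        echo "The details of this book cannot be displayed at this time.
";
    }
    echo "
";
}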
$qty)
{
if($_POST[$isbn] == '0')
unset($_SESSION['cart'][$isbn]);
else
$_SESSION['cart'][$isbn] = $_POST[$isbn];
}
$_SESSION['total_price'] = calculate_price($_SESSION['cart']);
$_SESSION['items'] = calculate_items($_SESSION['cart']);
}
// show_cart.php (tail): render the cart page. $new (the ISBN just added, if
// any) and $_SESSION['cart'] are set earlier in this script.
do_html_header("Your shopping cart");
$cart = isset($_SESSION['cart']) ? $_SESSION['cart'] : null;
if ($cart && array_count_values($cart)) {
    display_cart($cart);
} else {
    echo "There are no items in your cart
";
}

// "Continue shopping" returns to the category of the book that was just
// added when there is one, otherwise to the front page.
$target = "index.php";
if ($new) {
    $details = get_book_details($new);
    if ($details['catid']) {
        $target = "show_cat.php?catid=" . $details['catid'];
    }
}
display_button($target, "continue-shopping", "Continue Shopping");

// Checkout link. The SSL variant below (an https:// URL built from SERVER_NAME
// and PHP_SELF) is disabled because TLS was not configured on this host; the
// plain link is used instead. Note that the card details collected after
// checkout then travel over plain HTTP unless the server itself forces TLS.
// $path = $_SERVER['PHP_SELF'];
// $server = $_SERVER['SERVER_NAME'];
// $path = str_replace('show_cart.php','',$path);
// display_button("https://". $server . $path ."checkout.php","go-to-checkout","Go To Checkout");
display_button("checkout.php", "go-to-checkout", "Go To Checkout");
do_html_footer();
?>
/**
 * Render the shopping cart.
 *
 * @param array $cart    isbn => quantity, as kept in $_SESSION['cart'].
 * @param bool  $change  Whether quantities may be edited (unused in the body shown here).
 * @param int   $images  Whether cover images are shown (unused in the body shown here).
 * @return void
 * NOTE(review): only an `echo "\n"` survives in this listing; the table that
 * lists the cart lines appears to have been lost in extraction, so this is
 * not the complete function.
 */
function display_cart($cart,$change = true,$images = 1) // show the cart
{
echo "
";
}
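/**
 * Total price of the cart, looked up from the books table.
 *
 * @param mixed $cart  isbn => quantity as stored in the session; a non-array
 *                     yields 0.0. ISBNs are bound as statement parameters
 *                     (they originate from form input, so they must not be
 *                     concatenated into SQL); unknown ISBNs are skipped.
 * @return float|string  Sum of price * quantity; 0.0 when nothing could be
 *                       looked up. The operand type follows the price column.
 */
function calculate_price($cart) // total price of the cart contents
{
    $price = 0.0;
    if (!is_array($cart)) {
        return $price;
    }
    $conn = db_connect();
    if (!$conn) {
        return $price;
    }
    $stmt = $conn->prepare("select price from books where isbn = ?");
    if (!$stmt) {
        return $price;
    }
    foreach ($cart as $isbn => $qty) {
        $stmt->bind_param('s', $isbn);
        if (!$stmt->execute()) {
            continue; // this line cannot be priced; behaves like the old "no result" case
        }
        $stmt->store_result(); // buffer so the statement can be executed again
        $stmt->bind_result($item_price);
        if ($stmt->fetch()) { // the old code dereferenced a null row for unknown ISBNs
            $price += $item_price * $qty;
        }
        $stmt->free_result();
    }
    $stmt->close();
    return $price;
}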
/**
 * Number of items in the cart (sum of the quantities).
 *
 * @param mixed $cart  isbn => quantity; a non-array counts as empty.
 * @return int|float  0 for an empty or non-array cart.
 */
function calculate_items($cart) // total number of items in the cart
{
    if (!is_array($cart)) {
        return 0;
    }
    $total = 0;
    foreach ($cart as $quantity) {
        $total += $quantity;
    }
    return $total;
}
Thers are no items in your cart";
}
display_button("show_cart.php","continue-shopping","Continue Shopping");
do_html_footer();
?>
function display_checkout_form() //输出付款台界面
{
?>
Could not store data, please try again.
";
display_button('checkout.php','back','Back');
}
}
else
{
echo "You did not fill in all the fields, please try again.
";
display_button('checkout.php','back','Back');
}
do_html_footer();
?>
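/**
 * Store a completed order: the customer row, the order row and one
 * order_items row per cart line, inside a single transaction.
 *
 * @param array $order_details  Billing fields name, address, city, state, zip,
 *        country, plus optional shipping fields with a ship_ prefix. When every
 *        ship_* field is empty the billing address is used for shipping.
 *        The cart (isbn => quantity) and the total are read from
 *        $_SESSION['cart'] and $_SESSION['total_price'].
 * @return int|false  The orderid of the stored order, or false on any failure
 *                    (missing cart, connection, prepare or execute error); on
 *                    failure the transaction is rolled back.
 */
function insert_order($order_details) // store an order
{
    // Read the expected keys explicitly. extract() would have turned every key
    // of the submitted array into a local variable.
    $fields = array('name', 'address', 'city', 'state', 'zip', 'country');
    $bill = array();
    $ship = array();
    foreach ($fields as $field) {
        $bill[$field] = isset($order_details[$field]) ? $order_details[$field] : '';
        $ship[$field] = isset($order_details['ship_' . $field]) ? $order_details['ship_' . $field] : '';
    }
    // No shipping address given at all: ship to the billing address.
    if (!array_filter($ship)) {
        $ship = $bill;
    }
    if (empty($_SESSION['cart']) || !is_array($_SESSION['cart'])) {
        return false; // refuse to store an order with no items
    }
    $total = isset($_SESSION['total_price']) ? $_SESSION['total_price'] : 0;

    $conn = db_connect();
    if (!$conn) {
        return false;
    }
    // Everything below is one transaction; $abort undoes it on any error.
    $conn->autocommit(false);
    $abort = function () use ($conn) {
        $conn->rollback();
        $conn->autocommit(true);
        return false;
    };

    // Reuse a customer row whose billing details match exactly. (The old query
    // selected a misspelt column, "customrid", so this lookup always failed
    // and every order created a new customer row.)
    $customerid = 0;
    $stmt = $conn->prepare("select customerid from customers where name = ? and address = ? and city = ? and state = ? and zip = ? and country = ?");
    if (!$stmt) {
        return $abort();
    }
    $stmt->bind_param('ssssss', $bill['name'], $bill['address'], $bill['city'], $bill['state'], $bill['zip'], $bill['country']);
    if (!$stmt->execute()) {
        $stmt->close();
        return $abort();
    }
    $stmt->bind_result($found);
    if ($stmt->fetch()) {
        $customerid = (int)$found;
    }
    $stmt->close();

    if ($customerid === 0) {
        $stmt = $conn->prepare("insert into customers (name, address, city, state, zip, country) values (?, ?, ?, ?, ?, ?)");
        if (!$stmt) {
            return $abort();
        }
        $stmt->bind_param('ssssss', $bill['name'], $bill['address'], $bill['city'], $bill['state'], $bill['zip'], $bill['country']);
        if (!$stmt->execute()) {
            $stmt->close();
            return $abort();
        }
        // insert_id is read only here, right after the INSERT that produced it;
        // the old code read it unconditionally and overwrote a found customerid.
        $customerid = (int)$conn->insert_id;
        $stmt->close();
    }

    $date = date("Y-m-d");
    $stmt = $conn->prepare("insert into orders (customerid, amount, date, order_status, ship_name, ship_address, ship_city, ship_state, ship_zip, ship_country) values (?, ?, ?, 'PARTIAL', ?, ?, ?, ?, ?, ?)");
    if (!$stmt) {
        return $abort();
    }
    $stmt->bind_param('idsssssss', $customerid, $total, $date, $ship['name'], $ship['address'], $ship['city'], $ship['state'], $ship['zip'], $ship['country']);
    if (!$stmt->execute()) {
        $stmt->close();
        return $abort();
    }
    // The AUTO_INCREMENT id replaces the old re-select of the order row by its
    // float amount within +/-.001.
    $orderid = (int)$conn->insert_id;
    $stmt->close();

    // One row per cart line. The price comes from the books table, never from
    // the session; orderid is new, so no stale order_items need deleting first.
    $stmt = $conn->prepare("insert into order_items (orderid, isbn, item_price, quantity) values (?, ?, ?, ?)");
    if (!$stmt) {
        return $abort();
    }
    foreach ($_SESSION['cart'] as $isbn => $quantity) {
        $detail = get_book_details($isbn);
        if (!is_array($detail)) {
            $stmt->close();
            return $abort(); // unknown ISBN in the cart
        }
        $item_price = $detail['price'];
        $qty = (int)$quantity; // quantity column is TINYINT; session value is user input
        $stmt->bind_param('isdi', $orderid, $isbn, $item_price, $qty);
        if (!$stmt->execute()) {
            $stmt->close();
            return $abort();
        }
    }
    $stmt->close();

    if (!$conn->commit()) {
        return $abort();
    }
    $conn->autocommit(true);
    return $orderid;
}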
function display_shipping($shipping) //输出包含运费的总价
{
?>
Shipping
TOTAL INCLUDING SHIPPING
$
function display_card_form($name) //输出信用卡信息
{
?>
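/**
 * Open a connection to the book_sc database.
 *
 * @return mysqli|false  A connection with autocommit enabled, or false when
 *                       the connection cannot be established.
 */
function db_connect() // connect to the database
{
    // The credentials are hard-coded and must match the account created in
    // book_sc.sql; keep them in a config file outside the web root on deployment.
    try {
        $conn = new mysqli('localhost', 'book_sc', 'password', 'book_sc');
    } catch (mysqli_sql_exception $e) {
        // Raised when mysqli_report() includes MYSQLI_REPORT_STRICT (the PHP 8.1+ default).
        return false;
    }
    // Without strict reporting, new mysqli never yields false: failure is
    // signalled by connect_errno, which the old `if(!$result)` test never saw.
    if ($conn->connect_errno) {
        return false;
    }
    $conn->autocommit(true);
    return $conn;
}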
Thank you for shopping with us. Your order has been placed.";
display_button("index.php","continue-shopping","Continue Shopping");
}
else
{
echo "Could not process your card. Please contact the card issuer or try again.
";
display_button("purchase.php","back","Back");
}
}
else
{
echo "You did not fill in all the fields,please try again.
";
display_button("purchase.php","back","Back");
}
do_html_footer();
?>
You could not be logged in.
You must be logged in to view this page.";
do_html_URL('login.php','Login');
do_html_footer();
exit;
}
}
// admin.php: administration entry point. The menu is shown only when the
// session carries the admin_user flag that login sets.
do_html_header("Administration");
if (!check_admin_user()) {
    echo "You are not authorized to enter the administration area.
";
    do_html_URL('login.php', 'Login');
} else {
    display_admin_menu();
}
do_html_footer();
?>
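/**
 * Check an administrator's credentials against the admin table.
 *
 * @param string $username  From the login form.
 * @param string $password  Plain text from the login form; compared with the
 *                          stored SHA-1 digest inside the query, as the schema
 *                          and populate.sql store it.
 * @return int  1 when a matching row exists, 0 on any failure.
 *
 * Both values are bound as statement parameters; the old code pasted them
 * into the SQL string, so a crafted username could bypass the check.
 * Unsalted SHA-1 is not a suitable password hash; moving to password_hash() /
 * password_verify() needs change_password.php and the admin.password column
 * updated together, so it is left as a follow-up.
 */
function login($username, $password) // log in
{
    $conn = db_connect();
    if (!$conn) {
        return 0;
    }
    $stmt = $conn->prepare("select 1 from admin where username = ? and password = sha1(?)");
    if (!$stmt) {
        return 0;
    }
    $stmt->bind_param('ss', $username, $password);
    if (!$stmt->execute()) {
        $stmt->close();
        return 0;
    }
    $stmt->store_result(); // num_rows is only valid on a buffered result
    $matched = $stmt->num_rows > 0;
    $stmt->close();
    return $matched ? 1 : 0;
}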
/**
 * Whether the current session belongs to a logged-in administrator.
 *
 * @return bool  true when $_SESSION['admin_user'] is set (by the login flow).
 */
function check_admin_user() // is this an administrator?
{
    return isset($_SESSION['admin_user']);
}
function display_admin_menu() //输出管理员菜单
{
?>
Go to main site
Add a new category
Add a new book
Change admin password
You are not authorized to enter the administation area.";
}
do_html_footer();
?>
Category \"". $catname ."\" was added to the database.";
}
else
{
echo "Category \"". $catname ."\" could not be added to the database.
";
}
}
else
{
echo "You have not filled out the form. Please try again.
";
}
do_html_URL("admin.php","Back to administration menu");
}
else
{
echo "You are not authorised to view this page.
";
}
do_html_footer();
?>
Could not retrieve category details.";
}
do_html_URL("admin.php","Back to administration menu");
}
else
{
echo "You are not authorized to enter the administration area.
";
}
do_html_footer();
?>
Category was updated.";
}
else
{
echo "Category could not be updated.
";
}
}
else
{
echo "you have not filled out the form. Please try again.
";
}
do_html_URL("admin.php","Back to administration menu");
}
else
{
echo "You are not authorised to view this page.
";
}
do_html_footer();
?>
ISBN:
Book Title:
Book Author:
Category:
Price:
Description:
align="center">
";?>
";
}
?>
Old password:
New password:
Repeat new password:
query($query);
if((!$result) || ($result ->num_rows != 0))
return false;
$query = "insert into categories values
('','". $catname ."')";
$result = $conn ->query($query);
if(!$result)
return false;
else
return true;
}
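/**
 * Insert a new book.
 *
 * @param string $isbn         Primary key; a book with this ISBN must not exist yet.
 * @param string $title
 * @param string $author
 * @param mixed  $catid        Category id (stored in books.catid).
 * @param mixed  $price
 * @param string $description
 * @return bool  true when the row was inserted; false on connection failure,
 *               a duplicate ISBN, or a prepare/execute error.
 *
 * All values come from the admin form and are bound as statement parameters
 * instead of being concatenated into the SQL.
 */
function insert_book($isbn,$title,$author,$catid,$price,$description) // insert a book
{
    $conn = db_connect();
    if (!$conn) {
        return false;
    }
    // Reject duplicate ISBNs up front.
    $stmt = $conn->prepare("select isbn from books where isbn = ?");
    if (!$stmt) {
        return false;
    }
    $stmt->bind_param('s', $isbn);
    if (!$stmt->execute()) {
        $stmt->close();
        return false;
    }
    $stmt->store_result();
    $exists = $stmt->num_rows != 0;
    $stmt->close();
    if ($exists) {
        return false;
    }
    $stmt = $conn->prepare("insert into books (isbn, author, title, catid, price, description) values (?, ?, ?, ?, ?, ?)");
    if (!$stmt) {
        return false;
    }
    $stmt->bind_param('ssssss', $isbn, $author, $title, $catid, $price, $description);
    $ok = $stmt->execute();
    $stmt->close();
    return (bool)$ok;
}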
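/**
 * Rename a category.
 *
 * @param mixed  $catid    Id of the category to change.
 * @param string $catname  New name (from the admin form).
 * @return bool  true when the UPDATE ran (even if it matched no row); false on
 *               connection, prepare or execute failure.
 *
 * Both values are bound as statement parameters rather than concatenated
 * into the SQL string.
 */
function update_category($catid,$catname) // rename a category
{
    $conn = db_connect();
    if (!$conn) {
        return false;
    }
    $stmt = $conn->prepare("update categories set catname = ? where catid = ?");
    if (!$stmt) {
        return false;
    }
    $stmt->bind_param('ss', $catname, $catid);
    $ok = $stmt->execute();
    $stmt->close();
    return (bool)$ok;
}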
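/**
 * Update one book, identified by its current ISBN.
 *
 * @param string $oldisbn      ISBN of the row to change (the primary key).
 * @param string $isbn         New ISBN (may equal $oldisbn).
 * @param string $title
 * @param string $author
 * @param mixed  $catid
 * @param mixed  $price
 * @param string $description
 * @return bool  true when the UPDATE ran (even if it matched no row); false on
 *               connection, prepare or execute failure.
 *
 * All values are bound as statement parameters. Note that order_items rows
 * keep the old ISBN: the schema declares no foreign key, so changing an ISBN
 * leaves past orders pointing at the old value.
 */
function update_book($oldisbn,$isbn,$title,$author,$catid,$price,$description) // update a book
{
    $conn = db_connect();
    if (!$conn) {
        return false;
    }
    $stmt = $conn->prepare("update books set isbn = ?, title = ?, author = ?, catid = ?, price = ?, description = ? where isbn = ?");
    if (!$stmt) {
        return false;
    }
    $stmt->bind_param('sssssss', $isbn, $title, $author, $catid, $price, $description, $oldisbn);
    $ok = $stmt->execute();
    $stmt->close();
    return (bool)$ok;
}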
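/**
 * Delete a category, unless books still refer to it.
 *
 * @param mixed $catid  Id of the category to delete (from the admin request),
 *                      bound as a statement parameter.
 * @return bool  true when the DELETE ran; false on connection failure, when
 *               the category still has books, or on a prepare/execute error.
 *
 * The books check is the only guard: the schema declares no foreign key
 * between books.catid and categories.catid.
 */
function delete_category($catid) // delete a category
{
    $conn = db_connect();
    if (!$conn) {
        return false;
    }
    $stmt = $conn->prepare("select isbn from books where catid = ?");
    if (!$stmt) {
        return false;
    }
    $stmt->bind_param('s', $catid);
    if (!$stmt->execute()) {
        $stmt->close();
        return false;
    }
    $stmt->store_result();
    $in_use = $stmt->num_rows > 0;
    $stmt->close();
    if ($in_use) {
        return false; // a category that still has books cannot be removed
    }
    $stmt = $conn->prepare("delete from categories where catid = ?");
    if (!$stmt) {
        return false;
    }
    $stmt->bind_param('s', $catid);
    $ok = $stmt->execute();
    $stmt->close();
    return (bool)$ok;
}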
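/**
 * Delete a book by ISBN.
 *
 * @param mixed $isbn  ISBN from the admin request, bound as a statement
 *                     parameter rather than concatenated into the SQL.
 * @return bool  true when the DELETE ran (even if no row matched); false on
 *               connection, prepare or execute failure.
 *
 * order_items rows for this ISBN are left in place (no foreign key in the schema).
 */
function delete_book($isbn) // delete a book
{
    $conn = db_connect();
    if (!$conn) {
        return false;
    }
    $stmt = $conn->prepare("delete from books where isbn = ?");
    if (!$stmt) {
        return false;
    }
    $stmt->bind_param('s', $isbn);
    $ok = $stmt->execute();
    $stmt->close();
    return (bool)$ok;
}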
?>