Content Management System für ein Shop-System
Unser System hat eine festgelegte Ordnerstruktur, die die Übersichtlichkeit des Projektes während derImplementierung garantieren soll. Dabei werden auf oberster Ebene alle Dateien erstellt, da nicht so viel Dateien für das Shop-System gebraucht werden.
Abb. 4.1 Verzeichnisstruktur des Basissystems labshop
In Abb. 4.1 ist die Ordnerstruktur dargestellt, die für das Shop-System verwendet wird.
Im Ordner css werden alle einbindbaren Cascading-Stylesheet-Dateien abgelegt.
Der Ordner images wird für alle Bilder verwendet, die im Projekt benötigt werden.
Der Ordner js wird alle JavaScript-Dateien, die im Projekt benötigt werden, verwendet.
Der Ordner fonts wird alle Fonts-Dateien, die im Projekt benötigt werden, verwendet.
Der Ordner uploads wird für alle Bilder verwendet, die für jeden Datensatz hoch geladen bzw. gespeichert werden.
Im Hauptordner werden die Hauptdateien, Infodateien und Verwaltungsdateien abgelegt.
Hauptdateien
Die Hauptdateien auf unterster Ebene des Shopsystems werden wie folgt verwendet:labconnect.php
Diese Datei baut die Verbindung mit dem MYSQL-Server auf. Dabei müssen der Hostname, Datenbankname, Benutzername und das Passwort bekannt und richtig angegeben werden. Der Inhalt könnte wie folgt aussehen:<?php mysql_connect("localhost", "your_username", "your_password"); mysql_select_db("your_databasename"); function db_connect() { $result = new mysqli("localhost", "your_username", "your_password", "your_databasename"); if (!$result) return FALSE; $result->autocommit(TRUE); return $result; } ?>
labconfig.php
Diese Datei beinhaltet alle wichtigen Konfigurations- und Funktionsdateien, die für das ganze Projekt verwendet werden.<?php include_once("labconnect.php"); include_once("laboutput_fns.php"); include_once("labadmin_fns.php"); ?>
laboutput_fns.php
Diese Datei enthält die Funktionen, die für die Anzeigen aller Inhalte von diesem Projekt benötigt werden. In der Datei sind die CSS-Dateien und JavaScript-Dateien eingebunden. Um z.B. die Artikeln und Menupunkte auszuwählen, anzuzeigen und die Artikelpreise zu ermitteln, wurden die Funktionendisplay_articlesdetails(), display_cart(), display_checkout_form(), display_shipping(),
display_card_form(), calculate_shipping_cost(), do_admin_menu(), display_admin_nav()
und display_shop_articles() erstellt.
<?php function do_shop_header($title = '') { if(!$_SESSION['items']) $_SESSION['items'] = '0'; if(!$_SESSION['totalprice']) $_SESSION['totalprice'] = '0.00'; echo "<html xmlns='http://www.w3.org/1999/xhtml'>"; echo "<head>"; echo "<meta content='text/html; charset=utf-8' http-equiv='Content-Type' />"; echo "<title>Shop by Mehdi Bandegani</title>"; echo " <link href='http://www.bandegani.de/itkurs/css/bootstrap.min.css' rel='stylesheet'> <link href='http://www.bandegani.de/itkurs/css/metisMenu.min.css' rel='stylesheet'> <link href='http://www.bandegani.de/itkurs/css/timeline.css' rel='stylesheet'> <link href='http://www.bandegani.de/itkurs/css/startmin.css' rel='stylesheet'> <link href='http://www.bandegani.de/itkurs/css/morris.css' rel='stylesheet'> <link href='http://www.bandegani.de/itkurs/css/dataTables.bootstrap.css' rel='stylesheet'> <link href='http://www.bandegani.de/itkurs/css/dataTables.responsive.css' rel='stylesheet'> <link href='http://www.bandegani.de/itkurs/css/bootstrap-social.css' rel='stylesheet'> <link href='http://www.bandegani.de/itkurs/css/font-awesome.min.css' rel='stylesheet' type='text/css'> "; echo "<link rel='stylesheet' href='http://www.bandegani.de/itkurs/css/site.css'>"; echo "<link href='http://www.bandegani.de/itkurs/highlight/styles/github.css' rel='stylesheet'>"; echo "<body>"; // Gesamter Bereich:Anfang von wrapper echo "<div id='wrapper'>"; // Navigationsanfang echo "<nav class='navbar navbar-default navbar-fixed-top' role='navigation' style='background-color: #F0F8FF;'> <ul class='nav navbar-nav'> <li><a href='index.php'><span class='fa fa-home'></span> HOME</a></li> <li><a href='labshopdescription.php'><span class='fa fa-news'></span> DESCRIPTION</a></li> <li><a href='tcpdf/examples/index.php' target='_blank'><span class='fa fa-file'></span> PDF EXAMPLES</a></li> <li><a href='labshop.php'><span class='fa fa-cart'></span> CART</a></li>"; if (check_user() || check_admin_user()){ echo "<li><a href='lablogout.php'><span class='mif-user-minus icon'>LOGOUT</span></a></li>"; } else { echo "<li><a href='lablogin.php'><span class='mif-user-plus icon'>LOGIN</span></a></li>"; } if (isset($_SESSION['admin_user'])) { echo "<li><a href='labadmin.php'><span class='mif-user-plus icon'>ADMIN-MENU</span></a></li>"; } echo "</ul></nav>"; } function do_shop_footer() { echo "</div>"; echo "<footer class='page-footer font-small blue-grey lighten-5'> <div class='footer-copyright text-center py-3' style='background-color: #F0F8FF;'> <ul class='list-unstyled'> <br /> <li> <a href='https://www.haw-hamburg.de/startseite.html'>HAW-Hamburg</a> </li> <li> <a href='https://design.haw-hamburg.de/home/das-department-design/'>Departement Design</a> </li> <li> <a href='https://vorlesungsverzeichnis.design.haw-hamburg.de/'>Vorlesungsverzeichnis</a> </li> </ul> <a href='http://www.bandegani.de/'> <span class='fa fa-copyright'></span>2020 Copyright bandegani.de </a> </div> </footer>"; echo "<script src='http://www.bandegani.de/itkurs/js/jquery.min.js'></script>"; // Bootstrap Core JavaScript echo "<script src='http://www.bandegani.de/itkurs/js/bootstrap.min.js'></script>"; // Metis Menu Plugin JavaScript echo "<script src='http://www.bandegani.de/itkurs/js/metisMenu.min.js'></script>"; // Custom Theme JavaScript echo "<script src='http://www.bandegani.de/itkurs/js/startmin.js'></script>"; // DataTables JavaScript echo "<script src='http://www.bandegani.de/itkurs/js/dataTables/jquery.dataTables.min.js'></script>"; echo "<script src='http://www.bandegani.de/itkurs/js/dataTables/dataTables.bootstrap.min.js'></script>"; // Flot Charts JavaScript echo "<script src='js/flot/excanvas.min.js'></script> <script src='js/flot/jquery.flot.js'></script> <script src='js/flot/jquery.flot.pie.js'></script> <script src='js/flot/jquery.flot.resize.js'></script> <script src='js/flot/jquery.flot.time.js'></script> <script src='js/flot/jquery.flot.tooltip.min.js'></script> <script src='js/flot-data.js'></script> </body> </html>"; } function do_shop_main($url, $subcatid){ display_shop_nav($url); if ($subcatid<=0 ) { $subcatid=1; } $article_array = get_articles($subcatid); display_shop_articles($article_array, $url); } function display_shop_nav($url) { echo "<div class='navbar-default sidebar' role='navigation' style='background-color: #F0F8FF;'> <div class='sidebar-nav navbar-collapse' style='background-color: #F0F8FF;'> <ul class='nav' id='side-menu'> <li class='sidebar-search'> <div class='input-group custom-search-form'> <input type='text' class='form-control' placeholder='Search...'> <span class='input-group-btn'> <button class='btn btn-primary' type='button'> <i class='fa fa-search'></i> </button> </span> </div> </li> "; $catsql = "select * from lab_tblcategories"; $catres = mysql_query($catsql) or die ("no connection to the database ".mysql_error()); $catnum = mysql_num_rows($catres); if ($catnum== 0){ //return FALSE; echo "There are currently no categories available.<br />"; } else { $n=0; while ($catrow = mysql_fetch_assoc($catres)) { if($catrow['activ']==1) { $catid=$catrow['id']; $caturl = $url."?catid=" . ($catrow['id']); $catname = $catrow['name']; echo "<li>"; echo "<a href='$url'>$catname<span class='fa arrow'></span></a>"; echo "<ul class='nav nav-second-level'>"; $subcatsql = "select * from lab_tblsubcategories where catid=$catid"; $subcatres = mysql_query($subcatsql) or die ("no connection to the database ".mysql_error()); $subcatnum = mysql_num_rows($subcatres); if ($subcatnum!= 0){ $m=0; while ($subcatrow = mysql_fetch_assoc($subcatres)) { if($subcatrow['activ']==1) { $subcatname=$subcatrow['name']; $subcaturl = $url."?subcatid=" . ($subcatrow['id']); echo "<li>"; echo "<a href='$subcaturl'>".$subcatname."</a><br />"; echo "</li>"; } $m=$m+1; } } echo "</ul>"; echo "</li>"; } $n=$n+1; } } echo "</ul>"; echo "</div>"; echo "</div>"; echo "<br /><br />"; } function do_shop_URL($url, $name) { echo "<a href=$url>".$name."</a>"; } function do_shop_breadcrumb($url, $name){ echo "<ul class='breadcrumbs'>"; echo "<li class='page-item'><a href='".$url."' class='page-link'>".$name."</a></li>"; echo "</ul>"; } function do_login_form($url) { echo "<br /><br /><br />"; echo "<div class='row'> <div class='col-md-4 col-sm-4 col-xs-12'></div> <div class='col-md-4'> <div class='panel panel-primary'> <div class='panel-heading'> <h2 class='panel-title'>Login - Formular</h2> </div> <div class='panel-body'> "; echo "<form enctype='multipart/form-data' method='post' action='".$url."'>"; echo "<div class='form-group'> <label class='control-label' for='inputUsername'>Username:</label> <input type='text' name='email' class='form-control' id='inputUsername' required> <div style='height: 15px;'></div> </div> <div class='form-group'> <label class='control-label' for='inputPassword'>Password:</label> <input type='Password' name='password' class='form-control' id='inputPassword' required> <div style='height: 15px;'></div> </div> <div class='form-group'> <button type='submit' name='send' class='btn btn-primary'> <span class='fa fa-lock'></span> Login</button> </div> "; echo "</form> </div> </div> </div></div> "; } function do_admin_main($url, $section){ display_admin_nav($url); do_admin_menu($section); } function display_admin_nav($url){ echo "<div class='navbar-default sidebar' role='navigation' style='background-color: #F0F8FF;'> <div class='sidebar-nav navbar-collapse' style='background-color: #F0F8FF;'> <ul class='nav' id='side-menu'> <li class='sidebar-search'> <div class='input-group custom-search-form'> <input type='text' class='form-control' placeholder='Search...'> <span class='input-group-btn'> <button class='btn btn-primary' type='button'> <i class='fa fa-search'></i> </button> </span> </div> </li> "; echo "<li>"; echo "<a href='".$url."?section=InsertCategories'>Management Categories</a>"; echo "<ul class='nav nav-second-level'>"; echo "<li><a href='".$url."?section=InsertCategories'>Insert Categories</a></li>"; echo "<li><a href='".$url."?section=EditCategories'>Edit Categories</a></li>"; echo "<li><a href='".$url."?section=DeleteCategories'>Delete Categories</a></li>"; echo "</ul>"; echo "</li>"; echo "<li>"; echo "<a href='".$url."?section=InsertSubcategories'>Management Subcategories</a>"; echo "<ul class='nav nav-second-level'>"; echo "<li><a href='".$url."?section=InsertSubcategories'>Insert Subcategories</a></li>"; echo "<li><a href='".$url."?section=EditSubcategories'>Edit Subcategories</a></li>"; echo "<li><a href='".$url."?section=DeleteSubcategories'>Delete Subcategories</a></li>"; echo "</ul>"; echo "</li>"; echo "<li>"; echo "<a href='".$url."?section=InsertArticles'>Management Articles</a>"; echo "<ul class='nav nav-second-level'>"; echo "<li><a href='".$url."?section=InsertArticles'>Insert Articles</a></li>"; echo "<li><a href='".$url."?section=EditArticles'>Edit Articles</a></li>"; echo "<li><a href='".$url."?section=DeleteArticles'>Delete Articles</a></li>"; echo "</ul>"; echo "</li>"; echo "<li>"; echo "<a href='".$url."?section=InsertCustomers'>Management Customers</a>"; echo "<ul class='nav nav-second-level'>"; echo "<li><a href='".$url."?section=InsertCustomers'>Insert Customers</a></li>"; echo "<li><a href='".$url."?section=EditCustomers'>Edit Customers</a></li>"; echo "<li><a href='".$url."?section=DeleteCustomers'>Delete Customers</a></li>"; echo "</ul>"; echo "</li"; echo "<li>"; echo "<a href='".$url."?section=InsertDeliveries'>Management Deliveries</a>"; echo "<ul class='nav nav-second-level'>"; echo "<li><a href='".$url."?section=InsertDeliveries'>Insert Deliveries</a></li>"; echo "<li><a href='".$url."?section=EditDeliveries'>Edit Deliveries</a></li>"; echo "<li><a href='".$url."?section=DeleteDeliveries'>Delete Deliveries</a></li>"; echo "</ul>"; echo "</li>"; if (check_admin_user()){ echo "<li>"; echo "<a href='".$url."?section=InsertUsers'>Management Users</a>"; echo "<ul class='nav nav-second-level'>"; echo "<li><a href='".$url."?section=InsertUsers'>Insert Users</a></li>"; echo "<li><a href='".$url."?section=EditUsers'>Edit Users</a></li>"; echo "<li><a href='".$url."?section=DeleteUsers'>Delete Users</a></li>"; echo "</ul>"; echo "</li"; } echo "</ul>"; echo "</div>"; echo "</div>"; echo "<br /><br />"; } function do_admin_menu($section) { switch($section) { case "InsertCategories": include("labinsertcategories.php"); break; case "EditCategories": include("labeditcategories.php"); break; case "DeleteCategories": include("labdeletecategories.php"); break; case "InsertSubcategories": include("labinsertsubcategories.php"); break; case "EditSubcategories": include("labeditsubcategories.php"); break; case "DeleteSubcategories": include("labdeletesubcategories.php"); break; case "InsertArticles": include("labinsertarticles.php"); break; case "EditArticles": include("labeditarticles.php"); break; case "DeleteArticles": include("labdeletearticles.php"); break; case "InsertCustomers": include("labinsertcustomers.php"); break; case "EditCustomers": include("labeditcustomers.php"); break; case "DeleteCustomers": include("labdeletecustomers.php"); break; case "InsertDeliveries": include("labinsertdeliveries.php"); break; case "EditDeliveries": include("labeditdeliveries.php"); break; case "DeleteDeliveries": include("labdeletedeliveries.php"); break; case "InsertUsers": include("labinsertusers.php"); break; case "EditUsers": include("labeditusers.php"); break; case "DeleteUsers": include("labdeleteusers.php"); break; case "ChangeAdminpassword": include("labchangeadminpassword.php"); break; default: include("labchangeadminpassword.php"); break; } } // change Function function display_shop_articles($article_array, $url) { echo "<div id='page-wrapper'><div class='container-fluid'>"; if (!is_array($article_array)) { echo "<br />There are currently no articles in this category.<br />"; } else { $n=1; foreach ($article_array as $row) { if ($n % 2 != 0) { echo "<div class='row'>"; echo "<div class='col-lg-4'>"; echo "<div class='panel panel-danger'>"; echo "<div class='panel-heading'><b>Number: </b>".$row['number']."</div>"; echo "<div class='panel-body'>"; $name = "<img style='width:300px; height:300px;' src='".$row['pic']."' alt='".$row['number']."'>"; $articleurl = $url."?id=" . ($row['id']); do_shop_URL($articleurl, $name); echo "</div>"; echo "<div class='panel-footer'>"; echo $row['description']."<br />"; echo "<b><i>".$row['price']." EURO</i></b>"; echo "</div>"; echo "</div>"; echo "</div>"; } else { echo "<div class='col-lg-4'>"; echo "<div class='panel panel-success'>"; echo "<div class='panel-heading'><b>Number: </b>".$row['number']."</div>"; echo "<div class='panel-body'>"; $name = "<img style='width:300px; height:300px;' src='".$row['pic']."' alt='".$row['number']."'>"; $articleurl = $url."?id=" . ($row['id']); do_shop_URL($articleurl, $name); echo "</div>"; echo "<div class='panel-footer'>"; echo $row['description']."<br />"; echo "<b><i>".$row['price']." EURO</i></b>"; echo "</div>"; echo "</div>"; echo "</div>"; echo "</div>"; } if($n==count($article_array)){ echo "</div>"; } $n=$n+1; } } echo "</div></div>"; } //Add Funtions display_articlesdetails(), display_cart(), display_checkout_form(), display_shipping(), display_card_form() und calculate_shipping_cost() function display_articlesdetails($article, $id) { if (!is_array($article)) { echo "<div id='page-wrapper'><div class='container-fluid'>"; echo 'The details for this article can not be viewed at the moment.'; echo "</div></div>"; } else { echo "<div id='page-wrapper'><div class='container-fluid'>"; echo "<div class='row'>"; echo "<div class='col-lg-8'>"; echo "<div class='panel panel-danger'>"; echo "<div class='panel-heading'><b>Number: </b>".$article['number']."<br />"; echo $article['description']."<br />"; echo $article['price']." EURO"; echo "</div>"; echo "<div class='panel-body'>"; echo "<img style='width:600px; height:600px;' src='".$article['pic']."' alt='".$article['pic']."'>"; echo "</div>"; echo "<div class='panel-footer'>"; echo "<a href='labshowcart.php?new=$id' class='button'><span class='fa fa-shopping-cart'></span> Shopping</a>"; echo " "; echo "<a href='labshop.php' class='button'><span class='fa fa-shopping-cart'></span> add shopping</a>"; echo "</div>"; echo "</div>"; echo "</div></div>"; } } function display_cart($cart, $change = TRUE, $images = 1) { echo "<div id='page-wrapper'><div class='container-fluid'>"; echo "<div class='table-responsive'>"; echo "<table class='table'><thead><tr><th>Image</th><th class='sortable-column sort-asc'>Articlenumber</th> <th>Description</th><th>Price</th><th>Quantity</th><th>Total</th></tr></thead><tbody> <form action = 'labshowcart.php' method = 'post'>"; foreach ($cart as $id => $qty) { $article = get_articlesdetails($id); echo "<tr>"; if ($images == TRUE) { echo "<td>"; if (file_exists($article['pic'])) { $size = GetImageSize($article['pic']); if ($size[0] > 0 && $size[1] > 0) { echo "<img src=".$article['pic']." width = ". ($size[0] / 3)." height =".($size[1] / 3)." />"; } } else echo "</td>"; } echo "<td>"; $articleurl = $url."?id=" . $id; echo "<a href = $articleurl>" . $article["number"] . "</a></td>"; echo "<td>Description(" . $article["description"]. " )"; echo "</td><td>" . number_format($article["price"], 2); echo "</td><td>"; // If we allow changes, sets are in text boxes if ($change == TRUE) echo "<input type = 'text' name = $id value = $qty size = 3>"; else echo $qty; echo "</td><td align = 'center'>" . number_format($article['price'] * $qty, 2) . "</td></tr>\n"; } // Show line with total echo "</tbody><thead><tr> <th colspan = " . (3 + $images) . "></th><th> " . $_SESSION['items'] . " </th><th> " . number_format($_SESSION['totalprice'], 2) . " </th></tr></thead>"; // save changes Button if ($change == TRUE) { echo "<tr> <td colspan = " . (3 + $images) . "></td> <td> <input type = 'hidden' name = 'save' value = true> <button type='image' name='save Changes' class='btn btn-primary'> <span class='fa fa-save '></span> save Changes</button> </td> <td></td> </tr>"; } echo "</form></table></div>"; echo "<a href='labshop.php' class='button'><span class='fa fa-shopping-cart'></span> add shopping</a> "; echo " "; echo "<a href='labcheckout.php' class='button'><span class='fa fa-paypal'></span> Continue to pay</a>"; echo "</div></div>"; } function display_checkout_form() { echo "<div id='page-wrapper'><div class='container-fluid'>"; echo "<div class='row'> <div class='col-md-6'> <div class='panel panel-primary'> <div class='panel-heading'> <h2 class='panel-title'>Customer - Form</h2> </div> <div class='panel-body'>"; echo "<form method='post' action='labpurchase.php'>"; echo "<div class='form-group'>"; echo "<label>Name:</label><input type='text' name='name' value=''>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label>Prename:</label><input type='text' name='prename' value=''>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label>Address:</label><input type='text' name='address' value=''>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label>Postcode:</label><input type='text' name='postcode' value=''>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label>City:</label><input type='text' name='city' value=''>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label>Region:</label><input type='text' name='region' value=''>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label>Country:</label><input type='text' name='country' value=''>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label>Phone:</label><input type='text' name='phone' value=''>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label>Email:</label><input type='text' name='email' value=''>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label>Password:</label><input type='password' name='password' value=''>"; echo "</div>"; echo "<input type='checkbox' name='registered' data-role='checkbox' data-caption='Registered'><br />"; echo "<small class='text-muted'>If the entry should be active, the checkbox must be clicked!</small>"; echo "</div>"; echo "<div class='form-group'>"; echo "<button type='submit' value='Pay' class='button'><span class='fa fa-paypal'></span> Pay</button>"; echo "</div>"; echo "</form>"; echo "</div>"; echo "</div>"; echo "</div></div>"; echo "</div></div>"; } function display_shipping($shipping) { echo "<div id='page-wrapper'><div class='container-fluid'>"; echo "<table class='table' border = 0 width = '100%' cellspacing = 0> <tr><td align = 'left'>Shipping</td> <td align = 'right'>".number_format($shipping, 2)."</td></tr> <tr><th bgcolor='#cccccc' align = 'left'>COSTS INCLUDED SHIPPING</th> <th bgcolor='#cccccc' align = 'right'>".number_format($shipping+$_SESSION['totalprice'], 2)."</th> </tr> </table><br />"; echo "</div></div>"; } function display_card_form($name) { echo "<div id='page-wrapper'><div class='container-fluid'>"; echo "<table class='table' border = 0 width = '100%' cellspacing = 0> <form action = 'labprocess.php' method = 'post'> <tr><th colspan = 2 bgcolor='#cccccc'>Information about your credit card</th></tr> <tr> <td>Typ</td> <td><select name = 'card_type'><option>VISA<option>MasterCard<option>American Express</select></td> </tr> <tr> <td>Number</td> <td><input type = 'text' name = 'card_number' value = '' maxlength = 16 size = 40></td> </tr> <tr> <td>AMEX Code (if necessary)</td> <td><input type = 'text' name = 'amex_code' value = '' maxlength = 4 size = 4></td> </tr> <tr> <td>Expiry Date</td> <td>Month <select name = 'card_month'><option>01<option>02<option>03<option>04<option>05<option>06<option>07<option>08<option>09<option>10<option>11<option>12</select> Jahr <select name = 'card_year'><option>00<option>01<option>02<option>03<option>04<option>05<option>06<option>07<option>08<option>09<option>10</select></td> </tr> <tr> <td>Name of Cardholder</td> <td><input type = 'text' name = 'card_name' value = '". $name."' maxlength = 40 size = 40></td> </tr> <tr> <td colspan = 2 align = 'center'>"; echo "<br /><button type='submit' value='Pay' class='button'><span class='mif-paypal'></span> Pay</button>"; echo "</td> </tr> </table>"; echo "</div></div>"; } function calculate_shipping_cost() { return 20.00; } ?>
4.2.4 labadmin_fns.php
Diese Datei beinhaltet die administrative Aufgaben. Um z.B. den Preis von den Artikeln zu ermitteln, wurden die Funktionenget_articlesdetails(), calculate_price()
und calculate_items() erstellt.<?php
function check_login($email, $password) {
// Connection to the database
$sqlstr = "select * from lab_tblusers where email='$email' and password = md5('$password')";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
if (!$num)
return 0;
if ($num > 0)
return 1;
else
return 0;
}
function check_admin($email, $password){
$sqlstr = "select * from lab_tblusers where email='$email' and password = md5('$password')";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
while ($row = mysql_fetch_assoc($res)) {
if ($row['id']==1)
return TRUE;
}
}
function check_user() {
// Check if someone is logged in, if not give a message
if (isset($_SESSION['user']))
return TRUE;
else
return FALSE;
}
function check_admin_user() {
//Check if someone is logged in, if not give a message
if (isset($_SESSION['admin_user']))
return TRUE;
else
return FALSE;
}
function get_articles($subcatid) {
// Query database for the articles of a category
if (!$subcatid || $subcatid == '')
return FALSE;
$sqlstr = "select * from lab_tblarticles where subcatid='$subcatid'";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
if ($num == 0)
return FALSE;
for ($count = 0; $row=mysql_fetch_assoc($res); $count++)
$res_array[$count] = $row;
return $res_array;
}
function get_cgi_param ($feld, $default) {
$var = $default;
$rmeth = $_SERVER['REQUEST_METHOD'];
if ($rmeth == "GET") {
if (isset ($_GET[$feld]) && $_GET[$feld] != "") {
$var = $_GET[$feld];
}
} elseif ($rmeth == "POST") {
if (isset ($_POST[$feld]) && $_POST[$feld] != "") {
$var = $_POST[$feld];
}
}
return $var;
}
// Adjust picture
function resize($file, $save, $width, $height=false) {
if(!$height)
$height = $width;
$infos = @getimagesize($file);
$iWidth = $infos[0];
$iHeight = $infos[1];
$iRatioW = $width / $iWidth;
$iRatioH = $height / $iHeight;
if($iRatioW < $iRatioH) {
$iNewW = $iWidth * $iRatioW;
$iNewH = $iHeight * $iRatioW;
} else {
$iNewW = $iWidth * $iRatioH;
$iNewH = $iHeight * $iRatioH;
} // if
if($infos[2] == 1)
$imgA = @imagecreatefromgif($file);
elseif($infos[2] == 2)
$imgA = @imagecreatefromjpeg($file);
elseif($infos[2] == 3)
$imgA = @imagecreatefrompng($file);
$imgB = @imagecreatetruecolor($iNewW, $iNewH);
if(!$imgB)
$imgB = @imagecreate($iNewW, $iNewH);
if(!@imagecopyresampled($imgB, $imgA, 0, 0, 0, 0, $iNewW, $iNewH, $infos[0], $infos[1]))
@imagecopyresized($imgB, $imgA, 0, 0, 0, 0, $iNewW, $iNewH, $infos[0], $infos[1]);
$re = null;
umask(0777);
if($infos[2] == 1)
$re = imagegif($imgB, $save);
elseif($infos[2] == 2)
$re = imagejpeg($imgB, $save, 100);
else
$re = imagepng($imgB, $save);
return true;
}
// New added
function get_articlesdetails($id) {
if (!$id || $id == '')
return FALSE;
$conn = db_connect();
$sqlstr = "select * from lab_tblarticles where id='$id'";
$res = @$conn->query($sqlstr);
if (!$res)
return FALSE;
$res = @$res->fetch_assoc();
return $res;
}
function calculate_price($cart) {
// Calculate the total price for all items in the shopping cart
$price = 0.0;
if (is_array($cart)) {
$conn = db_connect();
foreach($cart as $id => $qty) {
$sqlstr = "select price from lab_tblarticles where id='$id'";
$res = $conn->query($sqlstr);
if ($res) {
$item = $res->fetch_object();
$item_price = $item->price;
$price += $item_price * $qty;
}
}
}
return $price;
}
function calculate_items($cart) {
// Calculate the number of items in your cart
$items = 0;
if (is_array($cart)) {
foreach($cart as $id => $qty) {
$items += $qty;
}
}
return $items;
}
?>
4.2.5 index.php
Diese Datei enthält die Startseite des Projektes. In der Datei sind Session-variablen gesetzt, und die Funktionen für die Navigation und die Inhalte werden aufgerufen. In allen Menüpunkt-Dateien werden die Funktionen session_start(), do_shop_header() und do_shop_footer() eingesetzt.<?php
session_start();
include ('labconfig.php');
if(!$_SESSION['items']) $_SESSION['items'] = '0';
if(!$_SESSION['totalprice']) $_SESSION['totalprice'] = '0.00';
$catid = $_GET['catid'];
do_shop_header('Shopsystem-Index');
include ('labtexthome.php');
do_shop_footer();
?>
4.2.6 labhome.php
Der Inhalt dieser Datei in diesem Projekt entspricht der Datei (index.php). Diese Datei soll nach dem Klicken auf dem HOME-Menüpunkt aufgerufen werden.<?php
session_start();
include ('labconfig.php');
if(!$_SESSION['items']) $_SESSION['items'] = '0';
if(!$_SESSION['totalprice']) $_SESSION['totalprice'] = '0.00';
$catid = $_GET['catid'];
do_shop_header('Shopsystem-labhome');
include ('labtexthome.php');
do_shop_footer();
?>
4.2.7 labshopnews.php
Der Inhalt der Datei entspricht dem Inhalt dieses Dokuments.<?php
session_start();
include ('labconfig.php');
if(!$_SESSION['items']) $_SESSION['items'] = '0';
if(!$_SESSION['totalprice']) $_SESSION['totalprice'] = '0.00';
$catid = $_GET['catid'];
do_shop_header('Shopsystem-labshopnews');
include ('labtextnews.php');
do_shop_footer();
?>
4.3.1 Datenbanklayout
Hinweis: Siehe im News-Verwaltungssystem lab_tblusers4.3.2 Datenbankanwendung
Für das Shopsystem nutzen wir also MySQL. Da in diesem Shopsystem die Tabellen lab_tblcategories, lab_tblsubcategories und lab_tblarticles verwalten werden sollen, soll das System auch ein nutzerabhängiges Shopsystem sein. Mittels einer Tabelle lab_tblusers wird das erreicht. Dazu siehe auch das News- und Artikelverwaltungssysteme. Das Tabellenschema (Abb. 4.3.2) zeigt ebenfalls die Beziehungen der Tabellen zueinander.
Abb. 4.3.2 Tabellenschema für das Shopsystem
4.3.3 User-Tabelle
Die Tabellen kann man entweder mittels phpMyAdmin (Hilfsprogramm für die Verwaltung der Tabellen) oder unten stehenden SQL-Code kopieren und ausführen.Hinweis:Diese Tabelle wurde im News-Verwaltungssystem erstellt. Falls Sie schon die Tabelle erstellt haben, können Sie mit der Erstellung der weiteren Tabellen weiter machen!
Die Datenbanktabelle (lab_tblusers) hat folgende Spalten:
Abb. 4.3.3 Datenbanktabelle lab_tblusers
Hier der SQL-Code zur Erzeugung der Datenbanktabelle (lab_tblusers).
CREATE TABLE IF NOT EXISTS `lab_tblusers` ( `id` int(11) NOT NULL, `name` varchar(50) DEFAULT NULL, `prename` varchar(50) DEFAULT NULL, `modified` datetime DEFAULT NULL, `email` varchar(100) DEFAULT NULL, `password` varchar(32) DEFAULT NULL ) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=utf8; ALTER TABLE `lab_tblusers` ADD PRIMARY KEY (`id`);
4.3.4 Tabelle für die Kategorie (lab_tblcategories)
Um die Artikeldaten einem Kategorienamen bzw. Unterkategorienamen zuzuordnen, legen wir eine Tabelle mit folgenden Feldern fest:
Abb. 4.3.4 Datenbanktabelle (lab_tblcategories)
Hier der SQL-Code zur Erzeugung der Datenbanktabelle (lab_tblcategories).
CREATE TABLE IF NOT EXISTS `lab_tblcategories` ( `id` int(3) NOT NULL, `name` varchar(30) NOT NULL, `link` varchar(50) NOT NULL, `activ` tinyint(1) NOT NULL, `description` varchar(255) CHARACTER SET latin1 COLLATE latin1_general_ci DEFAULT NULL ) ENGINE=InnoDB AUTO_INCREMENT=6 DEFAULT CHARSET=latin1; ALTER TABLE `lab_tblcategories` ADD PRIMARY KEY (`id`);
4.3.5 Tabelle für die Unterkategorie (lab_tblsubcategories)
Um die Artikeldaten einem Kategorienamen bzw. Unterkategorienamen zuzuordnen, legen wir eine Tabelle mit folgenden Feldern fest:
Abb. 4.3.5 Datenbanktabelle (lab_tblsubcategories)
Hier der SQL-Code zur Erzeugung der Datenbanktabelle (lab_tblsubcategories).
CREATE TABLE IF NOT EXISTS `lab_tblsubcategories` ( `id` tinyint(4) NOT NULL, `name` varchar(100) CHARACTER SET latin1 NOT NULL, `catid` int(2) DEFAULT NULL, `link` varchar(50) COLLATE latin1_general_ci NOT NULL, `activ` tinyint(1) NOT NULL, `description` varchar(255) COLLATE latin1_general_ci DEFAULT NULL ) ENGINE=InnoDB AUTO_INCREMENT=6 DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci; ALTER TABLE `lab_tblsubcategories` ADD PRIMARY KEY (`id`);
Mit dem Feld (catid) kann die Beziehung zu der Tabelle (lab_tblcategories) hergestellt werden.
4.3.6 Tabelle für die Artikeldaten (lab_tblarticles)
Die folgende Felder sind für die Artikeldaten festgelegt worden:
Abb. 4.3.6 Datenbanktabelle (lab_tblarticles)
Hier der SQL-Code zur Erzeugung der Datenbanktabelle (lab_tblarticles).
CREATE TABLE IF NOT EXISTS `lab_tblarticles` ( `id` int(11) NOT NULL, `number` char(13) COLLATE latin1_general_ci NOT NULL, `name` char(80) CHARACTER SET utf8 NOT NULL, `pic` varchar(100) CHARACTER SET utf8 NOT NULL, `subcatid` int(10) NOT NULL, `userid` int(11) NOT NULL, `modified` date NOT NULL, `price` float(5,2) NOT NULL, `description` text CHARACTER SET utf8 NOT NULL ) ENGINE=InnoDB AUTO_INCREMENT=11 DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci; ALTER TABLE `lab_tblarticles` ADD PRIMARY KEY (`id`);
Mit den Feldern (subcatid) und (userid) werden jeweils die Beziehungen zu den Tabelle (lab_tblsubcategories) und (lab_tblusers) hergestellt.
4.4.1 Anmelden am System (lablogin.php)
Wir wollen uns am System anmelden, um z.B. Artikel-, Kategorie- oder Unterkategoriedaten zu verwalten. Um uns anzumelden, müssen wir zuerst die Felder im Formular (Abb. 4.4.1) ausfüllen und dann auf die Schaltfläche Login klicken. Der Benutzer, dessen Datensatz in der Tabelle(lab_tblusers) eingetragen ist, kann die Daten für das Shopsystem verwalten.
Abb. 4.4.1 Login-Formular bei der Datei (lablogin.php)
In diesem Shop-System sind zwei unterschiedliche Benutzer vor geplant. Ein Hauptbenutzer (Admin) hat das Recht auf allen Datensätzen(Abb. 4.4.2 und Abb. 4.4.3) zu verwalten. Alle anderen Benutzer können hier nur nicht die Tabelle des Users (lab_tblusers) verwalten. (siehe Abb. 4.4.4 und Abb. 4.4.5)
Abb. 4.4.2 Login-Formular für alle Zugriffsrechte (lablogin.php)
Abb. 4.4.3 Layout mit allen Zugriffsrechten (labadmin.php)
Abb. 4.4.4 Login-Formular für begrenzte Zugriffsrechte (lablogin.php)
Abb. 4.4.5 Layout mit begrenzten Zugriffsrechten (labadmin.php)
Wenn der Benutzer auf die Schaltfläche (login) klickt, wird die Verarbeitung in der Datei (labadmin.php) durchgeführt.
Der Inhalt der Datei (lablogin.php)
<?php
session_start();
include ('labconfig.php');
$url="labadmin.php";
// Sessionvariablen festlegen auf die wir innerhalb der Funktion zugreifen wollen
if(!$_SESSION['items']) $_SESSION['items'] = '0';
if(!$_SESSION['totalprice']) $_SESSION['totalprice'] = '0.00';
$catid = $_GET['catid'];
do_shop_header('Shopsystem-Login');
do_login_form($url);
if (isset($_SESSION['admin_user']) || isset($_SESSION['user'])) {
include($url);
}
do_shop_footer();
?>
4.4.2 Anmelden als Administrator am System (labadmin.php)
Durch die Funktion check_login($email, $password) werden die Eingaben überprüft und die Parameter $_POST['email'] in einer Variablen $_SESSION['admin_user'] gespeichert. So hat die angemeldete Person den Zugriff auf die weiteren Links(siehe unten wie z.B. labinsertarticles.php, labdeletearticles.php, labeditarticles.php, usw.).Der Inhalt der Datei (labadmin.php)
<?php require_once("labconfig.php"); session_start(); if(isset($_GET["section"])) { $section = $_GET["section"]; } else { $section = ""; } if(isset($_POST['send'])) { if ($_POST['email'] && $_POST['password']) { $email = $_POST['email']; $password = $_POST['password']; if (check_login($email, $password)) { if (check_admin($email, $password)) { // Wenn der Benutzer alle Zugriffsrechte haben soll.! $_SESSION['admin_user'] = $email; } else{ // Wenn der Benutzer- begrenzte Zugriffsrechte haben soll! $_SESSION['user'] = $email; } } } } do_shop_header("Administration by Mehdi Bandegani"); if (check_user() || check_admin_user()){ do_admin_main("labadmin.php", $section); } else { //Anmeldung gescheitert do_shop_header('Problem:'); echo "You could not be registered. You must be logged in to see this page.<br />"; do_shop_url('lablogin.php', 'Login'); } do_shop_footer(); ?>
4.4.3 Abmelden am System (lablogout.php)
Soll sich die angemeldete Person am System abmelden, ist die Datei (lablogout.php) vorgesehen.
Der Inhalt der Datei (lablogout.php)
<?php require_once("labconfig.php"); session_start(); $old_user = $_SESSION['user']; // speichern um zu testen, ob jemand angemeldet *war* unset($_SESSION['user']); $old_admin = $_SESSION['admin_user']; // speichern um zu testen, ob jemand angemeldet *war* unset($_SESSION['admin_user']); session_destroy(); do_shop_header('Administration-Logout'); $url="labadmin.php"; if (!empty($old_user)) { ?> <div class='row'> <div class='col-md-4 col-sm-4 col-xs-12'></div> <div class='col-md-4'> <span class='label label-success'>You are Logout!</span> </div></div> <?php } else { do_login_form($url); } do_shop_footer(); ?>
4.5.1 Kategorie-Daten in die Datenbank hinzufügen (labinsertcategories.php)
Wenn ein Benutzer angemeldet ist, können u.a. Datensätze in die entsprechenden Tabellen in dem Fall (lab_tblcategories) hinzugefügt werden. Die Abb.4.5.1, Abb.4.5.2 und Abb.4.5.3 zeigen den Ablauf, um einen Datensatz in die Tabelle (lab_tblcategories) hinzuzufügen.
Abb. 4.5.1 Kategorie-Formular für einen neuen Datensatz (labinsertcategories.php)
Abb. 4.5.2 Kategorie-Formular bei einem neuen Datensatz (labinsertcategories.php)
Abb. 4.5.3 Hinzugefügter Datensatz (labinsertcategories.php)
Der Inhalt der Datei (labinsertcategories.php)
<?php
session_start();
if(isset($_POST['send'])){
if(isset($_POST["activ"])) {
$activ=1;
}else {
$activ=0;
}
$sqlstr = "insert lab_tblcategories"
. "(name, link, activ, description) values "
. "('" . $_POST["name"] . "', "
. "'" . $_POST["link"] . "', "
. "'" . $activ . "', "
. "'" . $_POST["description"] . "')";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_affected_rows();
if ($num>0) {
display_list_categories();
} else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "No record has been added to the database!";
echo "</div>";
echo "</div></div>";
}
mysql_free_result($res);
}else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Insert category - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=InsertCategories'>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputName'>Name:</label>";
echo "<input type='text' name='name' class='form-control' id='inputName' placeholder='Enter Category name'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputLink'>Link:</label>";
echo "<input type='text' name='link' class='form-control' id='inputLink' placeholder='Enter link'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label>Activ: </label>";
echo "<input type='checkbox' name='activ'><br />";
echo "<small class='text-muted'>If the entry should be active, the checkbox must be clicked!</small>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputDescription'>Description:</label>";
echo "<textarea data-role='textarea' name='description' class='form-control' id='inputDescription'></textarea>";
echo "</div>";
echo "<div class='form-group'>";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-send'></span> Insert the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
}
function display_list_categories(){
$sqlstr = "select * from lab_tblcategories ORDER BY id ";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>List the database: <small>lab_tblcategories</small></h2>
</div>
<div class='panel-body'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Id</th>";
echo "<th>Name</th>";
echo "<th>Link</th>";
echo "<th>Activ</th>";
echo "<th>Description</th>";
echo "</tr>";
echo "</thead><tbody>";
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["link"] . "</td>";
echo "<td>" . $row["activ"] . "</td>";
echo "<td>" . $row["description"] . "</td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
?>4.5.2 Kategorie-Daten in die Datenbank ändern (labeditcategories.php)
Wenn ein Benutzer angemeldet ist, können u.a. Datensätze in die entsprechenden Tabellen in dem Fall (lab_tblcategories) geändert werden. Die Abb.4.5.4, Abb.4.5.5 und Abb.4.5.6 zeigen den Ablauf, um einen Datensatz in die Tabelle (lab_tblcategories) zu ändern.
Abb. 4.5.4 Kategorie-Tabellenformular für die Änderung eines Datensatzes (labeditcategories.php)
Abb. 4.5.5 Kategorie-Formular für die Änderung eines Datensatzes (labeditcategories.php)
Abb. 4.5.6 Kategorie-Tabellenformular nach der Änderung eines Datensatzes (labeditcategories.php)
Der Inhalt der Datei (labeditcategories.php)
<?php
session_start();
if(isset($_POST['send'])){
if(isset($_POST["activ"])) {
$activ=1;
}else {
$activ=0;
}
$sqlstr = "update lab_tblcategories set "
. " name = '" . $_POST["name"] . "',"
. " link = '" . $_POST["link"] . "',"
. " activ = '" . $activ . "',"
. " description = '" . $_POST["description"] . "'"
. " where id = " . $_POST["oripn"];
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_affected_rows();
if ($num<=0) {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "The record has not been changed!";
echo "</div>";
echo "</div></div>";
}
mysql_free_result($res);
}
if (isset($_POST["selectID"])) {
$sqlstr = "select * from lab_tblcategories where id = " . $_POST["selectID"];
$res = mysql_query($sqlstr);
$row = mysql_fetch_assoc($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Edit Category - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=EditCategories'>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Id:</label>";
echo "<input type='text' name='id' class='form-control' value='" . $_POST["selectID"] . "' disabled />";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Name:</label>";
echo "<input type='text' name='name' class='form-control' value='".$row['name']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Link:</label>";
echo "<input type='text' name='link' class='form-control' value='".$row['link']."'>";
echo "</div>";
if ($row['activ'] ==1){
echo "<div class='form-group'>";
echo "<label>Activ: </label>";
echo "<input type='checkbox' name='activ' checked>";
echo "</div>";
} else {
echo "<div class='form-group'>";
echo "<label>Activ: </label>";
echo "<input type='checkbox' name='activ'>";
echo "</div>";
}
echo "<div class='form-group'>";
echo "<label class='control-label'>Description:</label>";
echo "<textarea name='description' class='form-control' data-role='textarea'>".$row['description']."</textarea>";
echo "</div>";
echo "<div class='form-group'>";
echo "<input type='hidden' name='oripn' value='" . $_POST["selectID"] . "' />";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-edit'></span> Edit the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
} else {
display_edit_categories();
}
function display_edit_categories(){
$sqlstr = "select * from lab_tblcategories ORDER BY id ";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Edit the database: <small>lab_tblcategories</small></h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=EditCategories'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Id</th>";
echo "<th>Name</th>";
echo "<th>Link</th>";
echo "<th>Activ</th>";
echo "<th>Description</th>";
echo "<th>Select</th>";
echo "</tr>";
echo "</thead><tbody>";
$n=1;
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["link"] . "</td>";
echo "<td>" . $row["activ"] . "</td>";
echo "<td>" . $row["description"] . "</td>";
echo "<td><input type='checkbox' name='selectID' value='" . $row["id"] . "' data-role='checkbox'></td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "<button type='submit' class='btn btn-primary'>
<span class='fa fa-edit'></span> View the record</button>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
?>
4.5.3 Kategorie-Daten aus der Datenbank löschen (labdeletecategories.php)
Wenn ein Benutzer angemeldet ist, können u.a. Datensätze aus den entsprechenden Tabellen in dem Fall (lab_tblcategories) gelöscht werden. Die Abb.4.5.7 und Abb.4.5.8 zeigen den Ablauf, um einen Datensatz aus der Tabelle (lab_tblcategories) zu löschen.
Abb. 4.5.7 Kategorie-Tabellenformular für das Löschen eines Datensatzes (labdeletecategories.php)
Abb. 4.5.8 Kategorie-Formular für das Löschen eines Datensatzes (labdeletecategories.php)
Abb. 4.5.9 Kategorie-Formular für das Löschen eines Datensatzes (labdeletecategories.php)
Der Inhalt der Datei (labdeletecategories.php)
<?php
session_start();
if(isset($_POST['send'])){
$sqlstr = "delete from lab_tblcategories where id = " . $_POST["oripn"];
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_affected_rows();
if ($num<=0) {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "The record has not been changed!";
echo "</div>";
echo "</div></div>";
}
mysql_free_result($res);
}
if (isset($_POST["selectID"])) {
$sqlstr = "select * from lab_tblcategories where id = " . $_POST["selectID"];
$res = mysql_query($sqlstr);
$row = mysql_fetch_assoc($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Delete Category - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=DeleteCategories'>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Id:</label>";
echo "<input type='text' name='id' class='form-control' value='" . $_POST["selectID"] . "' disabled />";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Name:</label>";
echo "<input type='text' name='name' class='form-control' value='".$row['name']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Link:</label>";
echo "<input type='text' name='link' class='form-control' value='".$row['link']."'>";
echo "</div>";
if ($row['activ'] ==1){
echo "<div class='form-group'>";
echo "<label>Activ: </label>";
echo "<input type='checkbox' name='activ' checked>";
echo "</div>";
} else {
echo "<div class='form-group'>";
echo "<label>Activ: </label>";
echo "<input type='checkbox' name='activ'>";
echo "</div>";
}
echo "<div class='form-group'>";
echo "<label class='control-label'>Description:</label>";
echo "<textarea name='description' class='form-control' data-role='textarea'>".$row['description']."</textarea>";
echo "</div>";
echo "<div class='form-group'>";
echo "<input type='hidden' name='oripn' value='" . $_POST["selectID"] . "' />";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-edit'></span> Delete the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
} else {
display_delete_categories();
}
function display_delete_categories(){
$sqlstr = "select * from lab_tblcategories ORDER BY id ";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Delete the database: <small>lab_tblcategories</small></h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=DeleteCategories'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Id</th>";
echo "<th>Name</th>";
echo "<th>Link</th>";
echo "<th>Activ</th>";
echo "<th>Description</th>";
echo "<th>Select</th>";
echo "</tr>";
echo "</thead><tbody>";
$n=1;
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["link"] . "</td>";
echo "<td>" . $row["activ"] . "</td>";
echo "<td>" . $row["description"] . "</td>";
echo "<td><input type='checkbox' name='selectID' value='" . $row["id"] . "' data-role='checkbox'></td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "<button type='submit' class='btn btn-primary'>
<span class='fa fa-edit'></span> View the record</button>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
?>
4.6.1 Unterkategorie-Daten in die Datenbank hinzufügen (labinsertsubcategories.php)
Wenn ein Benutzer angemeldet ist, können u.a. Datensätze in die entsprechenden Tabellen in dem Fall (lab_tblsubcategories) hinzugefügt werden. Die Abb.4.6.1 und Abb.4.6.2 zeigen den Ablauf, um einen Datensatz in die Tabelle (lab_tblsubcategories) hinzuzufügen.
Abb. 4.6.1 Unterkategorie-Formular für einen neuen Datensatz (labinsertsubcategories.php)
Abb. 4.6.2 Hinzugefügter Datensatz (labinsertsubcategories.php)
Der Inhalt der Datei (labinsertsubcategories.php)
<?php
session_start();
if(isset($_POST['send'])){
if(isset($_POST["activ"])) {
$activ=1;
}else {
$activ=0;
}
$catid = get_cgi_param ("catid", 0);
if($catid){
$sqlstr = "insert lab_tblsubcategories"
. "(name, catid, link, activ, description) values "
. "('" . $_POST["name"] . "', "
. "'" . $catid . "', "
. "'" . $_POST["link"] . "', "
. "'" . $activ . "', "
. "'" . $_POST["description"] . "')";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_affected_rows();
if ($num>0) {
display_list_subcategories();
} else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "No record has been added to the database!";
echo "</div>";
echo "</div></div>";
}
mysql_free_result($res);
} else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "You must selected a category name!";
echo "</div>";
echo "</div></div>";
}
}else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Insert subcategory - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=InsertSubcategories'>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputName'>Name:</label>";
echo "<input type='text' name='name' class='form-control' id='inputName' placeholder='Enter subcategory name'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputSubcategoryname'>Category name:</label>";
echo "<select name='catid' class='form-control' id='inputSubcategoryname' data-role='select'>";
$sqlstr = "SELECT id, name FROM lab_tblcategories ORDER BY name ASC";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
while (list ($catid, $name) = mysql_fetch_row ($res)) {
echo ("<option value=\"$catid\">$name (catid: $catid)</option>\n");
}
echo "</select>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputLink'>Link:</label>";
echo "<input type='text' name='link' class='form-control' id='inputLink' placeholder='Enter link'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label>Activ: </label>";
echo "<input type='checkbox' name='activ'><br />";
echo "<small class='text-muted'>If the entry should be active, the checkbox must be clicked!</small>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputDescription'>Description:</label>";
echo "<textarea data-role='textarea' name='description' class='form-control' id='inputDescription'></textarea>";
echo "</div>";
echo "<div class='form-group'>";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-send'></span> Insert the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
function display_list_subcategories(){
$sqlstr = "select * from lab_tblsubcategories ORDER BY id ";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>List the database: <small>lab_tblsubcategories</small></h2>
</div>
<div class='panel-body'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Id</th>";
echo "<th>Name</th>";
echo "<th>Catid</th>";
echo "<th>Link</th>";
echo "<th>Activ</th>";
echo "<th>Description</th>";
echo "</tr>";
echo "</thead><tbody>";
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["catid"] . "</td>";
echo "<td>" . $row["link"] . "</td>";
echo "<td>" . $row["activ"] . "</td>";
echo "<td>" . $row["description"] . "</td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
?>
4.6.2 Unterkategorie-Daten in die Datenbank ändern (labeditsubcategories.php)
Wenn ein Benutzer angemeldet ist, können u.a. Datensätze in die entsprechenden Tabellen in dem Fall (lab_tblsubcategories) geändert werden. Die Abb.4.6.3, Abb.4.6.4 und Abb.4.6.5 zeigen den Ablauf, um einen Datensatz in die Tabelle (lab_tblsubcategories) zu ändern.
Abb. 4.6.3 Unterkategorie-Tabellenformular für die Änderung eines Datensatzes (labeditsubcategories.php)
Abb. 4.6.4 Unterkategorie-Formular für die Änderung eines Datensatzes (labeditsubcategories.php)
Abb. 4.6.5 Unterkategorie-Tabelle nach der Änderung eines Datensatzes (labeditsubcategories.php)
Der Inhalt der Datei (labeditsubcategories.php)
<?php
session_start();
if(isset($_POST['send'])){
if(isset($_POST["activ"])) {
$activ=1;
}else {
$activ=0;
}
$catid = get_cgi_param ("catid", 0);
if($catid>1){
$sqlstr = "update lab_tblsubcategories set "
. " name = '" . $_POST["name"] . "',"
. " catid = '" . $catid . "',"
. " activ = '" . $activ . "',"
. " description = '" . $_POST["description"] . "'"
. " where id = " . $_POST["oripn"];
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
mysql_free_result($res);
}else {
$sqlstr = "update lab_tblsubcategories set "
. " name = '" . $_POST["name"] . "',"
. " activ = '" . $activ . "',"
. " description = '" . $_POST["description"] . "'"
. " where id = " . $_POST["oripn"];
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
mysql_free_result($res);
}
}
if (isset($_POST["selectID"])) {
$sqlstr = "select * from lab_tblsubcategories where id = " . $_POST["selectID"];
$res = mysql_query($sqlstr);
$row = mysql_fetch_assoc($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Edit subcategory - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=EditSubcategories'>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Id:</label>";
echo "<input type='text' name='id' class='form-control' value='" . $_POST["selectID"] . "' disabled />";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Name:</label>";
echo "<input type='text' name='name' class='form-control' value='".$row['name']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Category name:</label>";
echo "<select name='catid' class='form-control' data-role='select'>";
$sqlstr = "SELECT id, name FROM lab_tblcategories ORDER BY name ASC";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
while (list ($catid, $name) = mysql_fetch_row ($res)) {
echo ("<option value=\"$catid\">$name (catid: $catid)</option>\n");
}
echo "</select>";
echo "</div>";
if ($row['activ'] ==1){
echo "<div class='form-group'>";
echo "<label>Activ: </label>";
echo "<input type='checkbox' name='activ' checked>";
echo "</div>";
} else {
echo "<div class='form-group'>";
echo "<label>Activ: </label>";
echo "<input type='checkbox' name='activ'>";
echo "</div>";
}
echo "<div class='form-group'>";
echo "<label class='control-label'>Description:</label>";
echo "<textarea name='description' class='form-control' data-role='textarea'>".$row['description']."</textarea>";
echo "</div>";
echo "<div class='form-group'>";
echo "<input type='hidden' name='oripn' value='" . $_POST["selectID"] . "' />";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-edit'></span> Edit the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
} else {
display_edit_subcategories();
}
function display_edit_subcategories(){
$sqlstr = "select * from lab_tblsubcategories ORDER BY id ";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Edit the database: <small>lab_tblsubcategories</small></h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=EditSubcategories'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Id</th>";
echo "<th>Name</th>";
echo "<th>Catid</th>";
echo "<th>Activ</th>";
echo "<th>Description</th>";
echo "<th>Select</th>";
echo "</tr>";
echo "</thead><tbody>";
$n=1;
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["catid"] . "</td>";
echo "<td>" . $row["activ"] . "</td>";
echo "<td>" . $row["description"] . "</td>";
echo "<td><input type='checkbox' name='selectID' value='" . $row["id"] . "' data-role='checkbox'></td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "<button type='submit' class='btn btn-primary'>
<span class='fa fa-edit'></span> View the record</button>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
?>
4.6.3 Unterkategorie-Daten aus der Datenbank löschen (labdeletesubcategories.php)
Wenn ein Benutzer angemeldet ist, können u.a. Datensätze aus den entsprechenden Tabellen in dem Fall (lab_tblsubcategories) gelöscht werden. Die Abb.4.6.6 und Abb.4.6.7 zeigen den Ablauf, um einen Datensatz aus der Tabelle (lab_tblsubcategories) zu löschen.
Abb. 4.6.6 Unterkategorie-Tabellenformular für das Löschen eines Datensatzes (labdeletesubcategories.php)
Abb. 4.6.7 Unterkategorie-Formular für das Löschen eines Datensatzes (labdeletesubcategories.php)
Abb. 4.6.8 Unterkategorie-Formular für das Löschen eines Datensatzes (labdeletesubcategories.php)
Der Inhalt der Datei (labdeletesubcategories.php)
<?php
session_start();
if(isset($_POST['send'])){
if(isset($_POST["activ"])) {
$activ=1;
}else {
$activ=0;
}
$catid = get_cgi_param ("catid", 0);
if($catid){
$sqlstr = "delete from lab_tblsubcategories where id = " . $_POST["oripn"];
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_affected_rows();
if ($num<=0) {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "No record has been added to the database!";
echo "</div>";
echo "</div></div>";
}
mysql_free_result($res);
} else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "You must selected a Category!";
echo "</div>";
echo "</div></div>";
}
}
if (isset($_POST["selectID"])) {
$sqlstr = "select * from lab_tblsubcategories where id = " . $_POST["selectID"];
$res = mysql_query($sqlstr);
$row = mysql_fetch_assoc($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Delete subcategory - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=DeleteSubcategories'>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Id:</label>";
echo "<input type='text' name='id' class='form-control' value='" . $_POST["selectID"] . "' disabled />";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Name:</label>";
echo "<input type='text' name='name' class='form-control' value='".$row['name']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Category name:</label>";
echo "<select name='catid' class='form-control' data-role='select'>";
$sqlstr = "SELECT id, name FROM lab_tblcategories ORDER BY name ASC";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
while (list ($catid, $name) = mysql_fetch_row ($res)) {
echo ("<option value=\"$catid\">$name (catid: $catid)</option>\n");
}
echo "</select>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Link:</label>";
echo "<input type='text' name='link' class='form-control' value='".$row['link']."'>";
echo "</div>";
if ($row['activ'] ==1){
echo "<div class='form-group'>";
echo "<label>Activ: </label>";
echo "<input type='checkbox' name='activ' checked>";
echo "</div>";
} else {
echo "<div class='form-group'>";
echo "<label>Activ: </label>";
echo "<input type='checkbox' name='activ'>";
echo "</div>";
}
echo "<div class='form-group'>";
echo "<label class='control-label'>Description:</label>";
echo "<textarea name='description' class='form-control' data-role='textarea'>".$row['description']."</textarea>";
echo "</div>";
echo "<div class='form-group'>";
echo "<input type='hidden' name='oripn' value='" . $_POST["selectID"] . "' />";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-edit'></span> Delete the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
} else {
display_delete_subcategories();
}
function display_delete_subcategories(){
$sqlstr = "select * from lab_tblsubcategories ORDER BY id ";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Delete the database: <small>lab_tblsubcategories</small></h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=DeleteSubcategories'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Id</th>";
echo "<th>Name</th>";
echo "<th>Catid</th>";
echo "<th>Link</th>";
echo "<th>Activ</th>";
echo "<th>Description</th>";
echo "<th>Select</th>";
echo "</tr>";
echo "</thead><tbody>";
$n=1;
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["catid"] . "</td>";
echo "<td>" . $row["link"] . "</td>";
echo "<td>" . $row["activ"] . "</td>";
echo "<td>" . $row["description"] . "</td>";
echo "<td><input type='checkbox' name='selectID' value='" . $row["id"] . "' data-role='checkbox'></td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "<button type='submit' class='btn btn-primary'>
<span class='fa fa-edit'></span> View the record</button>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
?>
4.7.1 Artikel-Daten in die Datenbank hinzufügen (labinsertarticles.php)
Wenn ein Benutzer angemeldet ist, können u.a. Datensätze in die entsprechenden Tabellen in dem Fall (lab_tblarticles) hinzugefügt werden. Die Abb.4.7.1 und Abb.4.7.2 zeigen den Ablauf, um einen Datensatz in die Tabelle (lab_tblarticles) hinzuzufügen.
Abb. 4.7.1 Artikel-Formular für einen neuen Datensatz (labinsertarticles.php)
Abb. 4.7.2 Hinzugefügter Datensatz (labinsertarticles.php)
Der Inhalt der Datei (labinsertarticles.php)
<?php
session_start();
if(isset($_POST['send'])){
$subcatid = get_cgi_param ("subcatid", 0);
$number = $_POST['number'];
$name = $_POST['name'];
$price = $_POST['price'];
$description = $_POST['description'];
$modified = date('Y-m-d', strtotime(str_replace('.', '-', $_POST['modified'])));
$file = $_FILES['pic']['name']; // Dies hab ich noch nicht getestet, da ich den Namen immer nach datum und user id abgespeichert hab.
$file = str_replace(" ", "_", "$file");
$file = htmlentities($file); // Mit leerzeichen -> _ hab ich auch noch nicht getestet, sollte so klappen
$file_type = GetImageSize($_FILES['pic']['tmp_name']);
if ( (($_FILES["pic"]["type"] == "image/gif") ||
($_FILES["pic"]["type"] == "image/jpeg") ||
($_FILES["pic"]["type"] == "image/png")) &&
($_FILES["file"]["size"] < 2048000) ) { // Dateitype nur gif, jpeg und png und max. Größe in bytes
move_uploaded_file($_FILES['pic']['tmp_name'], "uploads/temp-$file");
$file = "uploads/temp-$file";
$target = "uploads/$file";
$max_width = "800"; //Breite ändern
$max_height = "800"; //Höhe ändern
$quality = "90"; //Qualität ändern (max. 100)
$src_img = imagecreatefromjpeg($file);
$picsize = getimagesize($file);
$src_width = $picsize[0];
$src_height = $picsize[1];
if($src_width > $src_height){
if($src_width > $max_width){
$convert = $max_width/$src_width;
$dest_width = $max_width;
$dest_height = ceil($src_height*$convert);
} else {
$dest_width = $src_width;
$dest_height = $src_height;
}
} else {
if($src_height > $max_height) {
$convert = $max_height/$src_height;
$dest_height = $max_height;
$dest_width = ceil($src_width*$convert);
} else {
$dest_height = $src_height;
$dest_width = $src_width;
}
}
$dst_img = imagecreatetruecolor($dest_width,$dest_height);
imagecopyresampled($dst_img, $src_img, 0, 0, 0, 0, $dest_width, $dest_height, $src_width, $src_height);
imagejpeg($dst_img, "$target", $quality);
$sqlstr="INSERT INTO lab_tblarticles(number, name, pic, subcatid, modified, price, description) VALUES('$number', '$name', '$file', '$subcatid', '$modified', '$price', '$description')";$res = mysql_query($sqlstr) or die ("erroror inserting data ".mysql_error());
$num = mysql_affected_rows();
if ($num>0) {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkgreen fg-white'>";
echo "record has been added to the database!";
echo "</div>";
echo "</div></div>";
} else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "No record has been added to the database!";
echo "</div>";
echo "</div></div>";
}
mysql_free_result($res);
} else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "File types may only be gif, jpeg or png and the picture may not be larger than 2MB!";
echo "</div>";
echo "</div></div>";
}
display_list_articles();
}else {
$sqlstr = "select * from lab_tblsubcategories";
$res = mysql_query($sqlstr);
$row = mysql_fetch_assoc($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Insert article - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=InsertArticles'>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputNumber'>Number:</label>";
echo "<input type='text' name='number' class='form-control' id='inputNumber' placeholder='Enter article number'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputName'>Name:</label>";
echo "<input type='text' name='name' class='form-control' id='inputName' placeholder='Enter article name'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputPrice'>Price:</label>";
echo "<input type='text' name='price' class='form-control' id='inputPrice' placeholder='Enter article price'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputSubcategory'>Subcategory name:</label>";
echo "<select name='subcatid' class='form-control' id='inputSubcategory' data-role='select'>";
$sqlstr = "SELECT id, name FROM lab_tblsubcategories ORDER BY name ASC";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
while (list ($subcatid, $name) = mysql_fetch_row ($res)) {
echo ("<option value=\"$subcatid\">$name (subatid: $subcatid)</option>\n");
}
echo "</select>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputDate'>Date:</label>";
echo "<input type='text' name='modified' class='form-control' id='inputDate' data-format='%d %B %Y'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputDescription'>Description:</label>";
echo "<textarea name='description' class='form-control' id='inputDescription' data-role='textarea'></textarea>";
echo "</div>";
echo "<div class='form-group'>";
echo "<input type='file' name='pic' data-role='file' data-caption='Choose file' required /></p>";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-send'></span> Insert the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
function display_list_articles(){
$sqlstr = "select * from lab_tblarticles ORDER BY id ";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>List the database: <small>lab_tblarticles</small></h2>
</div>
<div class='panel-body'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Id</th>";
echo "<th>Number</th>";
echo "<th>Name</th>";
echo "<th>Subcatid</th>";
echo "<th>Date</th>";
echo "<th>Price</th>";
echo "<th>description</th>";
echo "<th>Pic</th>";
echo "</tr>";
echo "</thead><tbody>";
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["number"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["subcatid"] . "</td>";
echo "<td>" . date('d.m.Y', strtotime($row["modified"])) . "</td>";
echo "<td>" . $row["price"] . " €</td>";
echo "<td>" . $row["description"] . "</td>";
echo "<td>" . "<img style='float: left; margin-right: 25px; margin-bottom: 10px; width:50px; height:50px;' src='" . $row['pic'] ."'></td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
?>
4.7.2 Artikel-Daten in die Datenbank ändern (labeditarticles.php)
Wenn ein Benutzer angemeldet ist, können u.a. Datensätze in die entsprechenden Tabellen in dem Fall (lab_tblarticles) geändert werden. Die Abb.4.7.3, Abb.4.7.4 und Abb.4.7.5 zeigen den Ablauf, um einen Datensatz in die Tabelle (lab_tblarticles) zu ändern.
Abb. 4.7.3 Artikel-Tabellenformular für die Änderung eines Datensatzes (labeditarticles.php)
Abb. 4.7.4 Artikel-Formular für die Änderung eines Datensatzes (labeditarticles.php)
Abb. 4.7.5 Artikel-Tabelle nach der Änderung eines Datensatzes (labeditarticles.php)
Der Inhalt der Datei (labeditarticles.php)
<?php
session_start();
if(isset($_POST['send'])){
$subcatid = get_cgi_param ("subcatid", 0);
$number = $_POST['number'];
$name = $_POST['name'];
$price = $_POST['price'];
$description = $_POST['description'];
$modified = date('Y-m-d', strtotime(str_replace('.', '-', $_POST['modified'])));
if (picdelelte($_SESSION['picalt'])==false){
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkgreen fg-white'>";
echo "Image file not find!";
echo "</div>";
echo "</div></div>";
}
$file = $_FILES['pic']['name']; // Dies hab ich noch nicht getestet, da ich den Namen immer nach datum und user id abgespeichert hab.
$file = str_replace(" ", "_", "$file");
$file = htmlentities($file); // Mit leerzeichen -> _ hab ich auch noch nicht getestet, sollte aba klappen
$file_type = GetImageSize($_FILES['pic']['tmp_name']);
if ((($_FILES["pic"]["type"] == "image/gif") ||
($_FILES["pic"]["type"] == "image/jpeg") ||
($_FILES["pic"]["type"] == "image/png")) &&
($_FILES["file"]["size"] < 2048000) ) { // Dateitype nur gif, jpeg und png und max. Größe in bytes
move_uploaded_file($_FILES['pic']['tmp_name'], "uploads/temp-$file");
$file = "uploads/temp-$file";
$target = "uploads/$file";
$max_width = "800"; //Breite ändern
$max_height = "800"; //Höhe ändern
$quality = "90"; //Qualität ändern (max. 100)
$src_img = imagecreatefromjpeg($file);
$picsize = getimagesize($file);
$src_width = $picsize[0];
$src_height = $picsize[1];
if($src_width > $src_height){
if($src_width > $max_width){
$convert = $max_width/$src_width;
$dest_width = $max_width;
$dest_height = ceil($src_height*$convert);
} else {
$dest_width = $src_width;
$dest_height = $src_height;
}
} else {
if($src_height > $max_height) {
$convert = $max_height/$src_height;
$dest_height = $max_height;
$dest_width = ceil($src_width*$convert);
} else {
$dest_height = $src_height;
$dest_width = $src_width;
}
}
$dst_img = imagecreatetruecolor($dest_width,$dest_height);
imagecopyresampled($dst_img, $src_img, 0, 0, 0, 0, $dest_width, $dest_height, $src_width, $src_height);
imagejpeg($dst_img, "$target", $quality);
$sqlstr = "update lab_tblarticles set "
. " number = '" . $_POST["number"] . "',"
. " name = '" . $_POST["name"] . "',"
. " pic = '" . $file . "',"
. " subcatid = '" . $subcatid. "',"
. " modified = '" . $modified. "',"
. " price = '" . $_POST["price"] . "',"
. " description = '" . $_POST["description"] . "'"
. " where id = " . $_POST["oripn"];
$res = mysql_query($sqlstr) or die ("erroror inserting data ".mysql_error());
$num = mysql_affected_rows($res);
if ($num>0) {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkgreen fg-white'>";
echo "record has been added to the database!";
echo "</div>";
echo "</div></div>";
} else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "No record has been added to the database!";
echo "</div>";
echo "</div></div>";
}
} else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "No record has been added to the database!";
echo "</div>";
echo "</div></div>";
}
mysql_free_result($res);
}
if (isset($_POST["selectID"])) {
$sqlstr = "select * from lab_tblarticles where id = " . $_POST["selectID"];
$res = mysql_query($sqlstr);
$row = mysql_fetch_assoc($res);
$_SESSION['picalt']=$row['pic'];
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Edit article - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' action='".$url."?section=EditArticles' enctype='multipart/form-data'>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Id:</label>";
echo "<input type='text' name='id' class='form-control' value='" . $_POST["selectID"] . "' disabled />";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Number:</label>";
echo "<input type='text' name='number' class='form-control' value='".$row['number']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Name:</label>";
echo "<input type='text' name='name' class='form-control' value='".$row['name']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Subcategory name:</label>";
echo "<select name='subcatid' class='form-control' data-role='select'>";
$sqlstr = "SELECT id, name FROM lab_tblsubcategories ORDER BY name ASC";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
while (list ($subcatid, $name) = mysql_fetch_row ($res)) {
echo ("<option value=\"$subcatid\">$name (subcatid: $subcatid)</option>\n");
}
echo "</select>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Date:</label>";
echo "<input type='text' name='modified' class='form-control' value='".$row['modified']."' data-role='calendarpicker' data-format='%d %B %Y'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Price:</label>";
echo "<input type='text' name='price' class='form-control' value='".$row['price']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Image:</label>";
echo "<img style='float: left; margin-right: 25px; margin-bottom: 10px; width:50px; height:50px;' src='" . $_SESSION['picalt'] ."'>";
echo "<input type='file' name='pic' placeholder='load image' required />";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Description:</label>";
echo "<textarea name='description' class='form-control' data-role='textarea'>".$row['description']."</textarea>";
echo "</div>";
echo "<div class='form-group'>";
echo "<input type='hidden' name='oripn' value='" . $_POST["selectID"] . "' />";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-edit'></span> Edit the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}else {
display_edit_articles();
}
function display_edit_articles(){
$sqlstr = "select * from lab_tblarticles ORDER BY id";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Edit the database: <small>lab_tblarticles</small></h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=EditArticles'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Id</th>";
echo "<th>Number</th>";
echo "<th>Name</th>";
echo "<th>Subcatid</th>";
echo "<th>Date</th>";
echo "<th>Pic</th>";
echo "<th>Price</th>";
echo "<th>Description</th>";
echo "<th>Select</th>";
echo "</tr>";
echo "</thead><tbody>";
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["number"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["subcatid"] . "</td>";
echo "<td>" . date('d.m.Y', strtotime($row["modified"])) . "</td>";
echo "<td><img style='float: left; margin-right: 25px; margin-bottom: 10px; width:50px; height:50px;' src='" . $row['pic'] ."'></td>";
echo "<td>" . $row['price'] . "</td>";
echo "<td>" . $row["description"] . "</td>";
echo "<td><input type='checkbox' name='selectID' value='" . $row["id"] . "' data-role='checkbox'></td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "<button type='submit' class='btn btn-primary'>
<span class='fa fa-edit'></span> View the record</button>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
function picdelelte($pic) {
if ( file_exists($pic) ) {
if( @unlink($pic) !== true )
throw new Exception('Could not delete file: ' . $pic . ' Please close all applications that are using it.');
}
return true;
}
?>
4.7.3 Artikel-Daten aus der Datenbank löschen (labdeletearticles.php)
Wenn ein Benutzer angemeldet ist, können u.a. Datensätze aus den entsprechenden Tabellen in dem Fall (lab_tblarticles) gelöscht werden. Die Abb.4.7.6 und Abb.4.7.7 zeigen den Ablauf, um einen Datensatz aus der Tabelle (lab_tblarticles) zu löschen.
Abb. 4.7.6 Artikel-Tabellenformular für das Löschen eines Datensatzes (labdeletearticles.php)
Abb. 4.7.7 Artikel-Formular für das Löschen eines Datensatzes (labdeletearticles.php)
Der Inhalt der Datei (labdeletearticles.php)
<?php
session_start();
if(isset($_POST['send'])){
$sqlstr = "delete from lab_tblarticles where id = " . $_POST["oripn"];
$res = mysql_query($sqlstr) or die ("erroror inserting data ".mysql_error());
$num = mysql_affected_rows();
if ($num>0) {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkgreen fg-white'>";
echo "record has been added to the database!";
echo "</div>";
echo "</div></div>";
} else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "No record has been added to the database!";
echo "</div>";
echo "</div></div>";
}
mysql_free_result($res);
}
if (isset($_POST["selectID"])) {
$sqlstr = "select * from lab_tblarticles where id = " . $_POST["selectID"];
$res = mysql_query($sqlstr);
$row = mysql_fetch_assoc($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Delete article - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' action='".$url."?section=DeleteArticles' enctype='multipart/form-data'>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Id:</label>";
echo "<input type='text' name='id' class='form-control' value='" . $_POST["selectID"] . "' disabled />";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Number:</label>";
echo "<input type='text' name='number' class='form-control' value='".$row['number']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Name:</label>";
echo "<input type='text' name='name' class='form-control' value='".$row['name']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Subcategory name:</label>";
echo "<select name='subcatid' class='form-control' data-role='select'>";
$sqlstr = "SELECT id, name FROM lab_tblsubcategories ORDER BY name ASC";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
while (list ($subcatid, $name) = mysql_fetch_row ($res)) {
echo ("<option value=\"$subcatid\">$name (subcatid: $subcatid)</option>\n");
}
echo "</select>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Date:</label>";
echo "<input type='text' name='modified' class='form-control' value='".$row['modified']."' data-role='calendarpicker' data-format='%d %B %Y'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Price:</label>";
echo "<input type='text' name='price' class='form-control' value='".$row['price']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Image:</label>";
echo "<img style='float: left; margin-right: 25px; margin-bottom: 10px; width:50px; height:50px;' src='" . $row['pic'] ."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Description:</label>";
echo "<textarea name='description' class='form-control' data-role='textarea'>".$row['description']."</textarea>";
echo "</div>";
echo "<div class='form-group'>";
echo "<input type='hidden' name='oripn' value='" . $_POST["selectID"] . "' />";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-edit'></span> Delete the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}else {
display_delete_articles();
}
function display_delete_articles(){
$sqlstr = "select * from lab_tblarticles ORDER BY id";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Delete the database: <small>lab_tblarticles</small></h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=DeleteArticles'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Id</th>";
echo "<th>Number</th>";
echo "<th>Name</th>";
echo "<th>Subcatid</th>";
echo "<th>Date</th>";
echo "<th>Pic</th>";
echo "<th>Price</th>";
echo "<th>Description</th>";
echo "<th>Select</th>";
echo "</tr>";
echo "</thead><tbody>";
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["number"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["subcatid"] . "</td>";
echo "<td>" . date('d.m.Y', strtotime($row["modified"])) . "</td>";
echo "<td><img style='float: left; margin-right: 25px; margin-bottom: 10px; width:50px; height:50px;' src='" . $row['pic'] ."'></td>";
echo "<td>" . $row['price'] . "</td>";
echo "<td>" . $row["description"] . "</td>";
echo "<td><input type='checkbox' name='selectID' value='" . $row["id"] . "' data-role='checkbox'></td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "<button type='submit' class='btn btn-primary'>
<span class='fa fa-edit'></span> View the record</button>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
?>
4.10.10 Benutzer-Daten in die Datenbank hinzufügen (labinsertcustomers.php)
Wenn der Hauptbenutzer angemeldet ist, können alle Datensätze in alle Tabellen u.a (lab_tblcustomers) hinzugefügt werden. Die Abb.4.10.10-1 und Abb.4.10.10-2 zeigen den Ablauf, um einen Datensatz in die Tabelle (lab_tblcustomers) hinzuzufügen.
Abb. 4.10.10-1 Benutzer-Formular für einen neuen Datensatz (labinsertcustomers.php)
Abb. 4.10.10-2 Hinzugefügter Datensatz (labinsertcustomers.php)
Der Inhalt der Datei (labinsertcustomers.php)
<?php
session_start();
if(isset($_POST['send'])){
if(isset($_POST["registered"])) {
$registered=1;
}else {
$registered=0;
}
$sqlstr = "insert lab_tblcustomers"
. "(name, prename, address, postcode, city, region, country, phone, email, password, registered) values "
. "('" . $_POST["name"] . "', "
. "'" . $_POST["prename"] . "', "
. "'" . $_POST["address"] . "', "
. "'" . $_POST["postcode"] . "', "
. "'" . $_POST["city"] . "', "
. "'" . $_POST["region"] . "', "
. "'" . $_POST["country"] . "', "
. "'" . $_POST["phone"] . "', "
. "'" . $_POST["email"] . "', "
. "'" . MD5($_POST["password"]) . "', "
. "'" . $_POST["registered"] . "')";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_affected_rows();
if ($num>0) {
display_list_customers();
} else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "No record has been added to the database!";
echo "</div>";
echo "</div></div>";
}
mysql_free_result($res);
}else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Insert Customer - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=InsertCustomers'>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputName'>Name:</label>";
echo "<input type='text' name='name' class='form-control' id='inputName' placeholder='Enter Name'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputPrename'>Prename:</label>";
echo "<input type='text' name='prename' class='form-control' id='inputPrename' placeholder='Enter Prename'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputAddress'>Address:</label>";
echo "<input type='text' name='address' class='form-control' id='inputAddress' placeholder='Enter Address'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputPostcode'>Postcode:</label>";
echo "<input type='text' name='postcode' class='form-control' id='inputPostcode' placeholder='Enter Postcode'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputCity'>City:</label>";
echo "<input type='text' name='city' class='form-control' id='inputCity' placeholder='Enter City'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputRegion'>Region:</label>";
echo "<input type='text' name='region' class='form-control' id='inputRegion' placeholder='Enter Region'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputCountry'>Country:</label>";
echo "<input type='text' name='country' class='form-control' id='inputCountry' placeholder='Enter Country'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputPhonenumber'>Phonenumber:</label>";
echo "<input type='text' name='phone' class='form-control' id='inputPhonenumber' placeholder='Enter Phonenumber'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputEmail'>Email-Address:</label>";
echo "<input type='text' name='email' class='form-control' id='inputEmail' placeholder='Enter Email-Address'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputPassword'>Password:</label>";
echo "<input type='password' name='password' class='form-control' id='inputPassword' placeholder='Enter Password'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label>Registered : </label>";
echo "<input type='checkbox' name='registered'>";
echo "<small class='text-muted'>If the customer should be registered, the checkbox must be clicked!</small>";
echo "</div>";
echo "<div class='form-group'>";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-send'></span> Insert the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
}
function display_list_customers(){
$sqlstr = "select * from lab_tblcustomers ORDER BY id ";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Edit the database: <small>lab_tblcustomers</small></h2>
</div>
<div class='panel-body'>";
echo "<h2>Insert the database: <small>lab_tblcustomers</small><h2><br />";
echo "<div class='table-responsive'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Id</th>";
echo "<th>Name</th>";
echo "<th>Prename</th>";
echo "<th>Address</th>";
echo "<th>Postcode</th>";
echo "<th>City</th>";
echo "<th>Region</th>";
echo "<th>Country</th>";
echo "<th>Phone</th>";
echo "<th>Email</th>";
echo "<th>password</th>";
echo "<th>Registered</th>";
echo "<th>Select</th>";
echo "</tr>";
echo "</thead><tbody>";
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["prename"] . "</td>";
echo "<td>" . $row["address"] . "</td>";
echo "<td>" . $row["postcode"] . "</td>";
echo "<td>" . $row["city"] . "</td>";
echo "<td>" . $row["region"] . "</td>";
echo "<td>" . $row["country"] . "</td>";
echo "<td>" . $row["phone"] . "</td>";
echo "<td>" . MD5($row["email"]) . "</td>";
echo "<td>" . $row["password"] . "</td>";
echo "<td>" . $row["registered"] . "</td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
?>4.10.11 Benutzer-Daten in die Datenbank ändern (labeditcustomers.php)
Wenn der Hauptbenutzer angemeldet ist, können alle Datensätze in alle Tabellen u.a (lab_tblcustomers) geändert werden. Die Abb.4.10.11-1 und Abb.4.10.11-2 zeigen den Ablauf, um einen Datensatz in die Tabelle (lab_tblcustomers) zu ändern.
Abb. 4.10.11-1 Benutzer-Tabellenformular für die Änderung eines Datensatzes (labeditcustomers.php)
Abb. 4.10.11-2 Benutzer-Formular für die Änderung eines Datensatzes (labeditcustomers.php)
Der Inhalt der Datei (labeditcustomers.php)
<?php
session_start();
if(isset($_POST['send'])){
if(isset($_POST["registered"])) {
$registered=1;
}else {
$registered=0;
}
$sqlstr = "update lab_tblcustomers set "
. " name = '" . $_POST["name"] . "',"
. " prename = '" . $_POST["prename"] . "',"
. " address = '" . $_POST["address"] . "',"
. " postcode = '" . $_POST["postcode"] . "',"
. " city = '" . $_POST["city"] . "',"
. " region = '" . $_POST["region"] . "',"
. " country = '" . $_POST["country"] . "',"
. " phone = '" . $_POST["phone"] . "',"
. " email = '" . $_POST["email"] . "',"
. " password = '" . MD5($_POST["password"]) . "',"
. " registered = '" . $_POST["registered"] . "'"
. " where id = " . $_POST["oripn"];
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_affected_rows();
if ($num<=0) {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "The record has not been changed!";
echo "</div>";
echo "</div></div>";
}
mysql_free_result($res);
}
if (isset($_POST["selectID"])) {
$sqlstr = "select * from lab_tblcustomers where id = " . $_POST["selectID"];
$res = mysql_query($sqlstr);
$row = mysql_fetch_assoc($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Edit customer - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=EditCustomers'>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Id:</label>";
echo "<input type='text' name='id' class='form-control' value='" . $_POST["selectID"] . "' disabled />";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Name:</label>";
echo "<input type='text' name='name' class='form-control' value='".$row['name']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Prename:</label>";
echo "<input type='text' name='prename' class='form-control' value='".$row['prename']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Address:</label>";
echo "<input type='text' name='address' class='form-control' value='".$row['address']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Postcode:</label>";
echo "<input type='text' name='postcode' class='form-control' value='".$row['postcode']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>City:</label>";
echo "<input type='text' name='city' class='form-control' value='".$row['city']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Region:</label>";
echo "<input type='text' name='region' class='form-control' value='".$row['region']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Country:</label>";
echo "<input type='text' name='country' class='form-control' value='".$row['country']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Phonenumber:</label>";
echo "<input type='text' name='phone' class='form-control' value='".$row['phone']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Email-address:</label>";
echo "<input type='email' name='email' class='form-control' value='".$row['email']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Password:</label>";
echo "<input type='password' name='password' class='form-control' value='".$row['password']."'>";
echo "</div>";
if ($row['activ'] ==1){
echo "<div class='form-group'>";
echo "<label>Registered : </label>";
echo "<input type='checkbox' name='registered' checked>";
echo "</div>";
} else {
echo "<div class='form-group'>";
echo "<label>Registered : </label>";
echo "<input type='checkbox' name='registered'>";
echo "</div>";
}
echo "<div class='form-group'>";
echo "<input type='hidden' name='oripn' value='" . $_POST["selectID"] . "' />";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-edit'></span> Edit the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
} else {
display_edit_customers();
}
function display_edit_customers(){
$sqlstr = "select * from lab_tblcustomers ORDER BY id ";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Edit the database: <small>lab_tblcustomers</small></h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=EditCustomers'>";
echo "<div class='table-responsive'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Idd</th>";
echo "<th>Name</th>";
echo "<th>Prename</th>";
echo "<th>Address</th>";
echo "<th>Postcode</th>";
echo "<th>City</th>";
echo "<th>Region</th>";
echo "<th>Country</th>";
echo "<th>Phone</th>";
echo "<th>Email</th>";
echo "<th>password</th>";
echo "<th>Registered</th>";
echo "<th>Select</th>";
echo "</tr>";
echo "</thead><tbody>";
$n=1;
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["prename"] . "</td>";
echo "<td>" . $row["address"] . "</td>";
echo "<td>" . $row["postcode"] . "</td>";
echo "<td>" . $row["city"] . "</td>";
echo "<td>" . $row["region"] . "</td>";
echo "<td>" . $row["country"] . "</td>";
echo "<td>" . $row["phone"] . "</td>";
echo "<td>" . $row["email"] . "</td>";
echo "<td>" . MD5($row["password"]) . "</td>";
echo "<td>" . $row["registered"] . "</td>";
echo "<td><input type='checkbox' name='selectID' value='" . $row["id"] . "' data-role='checkbox'></td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "<button type='submit' class='btn btn-primary'>
<span class='fa fa-edit'></span> View the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
?>4.10.12 Benutzer-Daten aus der Datenbank löschen (labdeletecustomers.php)
Wenn Hauptbenutzer angemeldet ist, können alle Datensätze in alle Tabellen u.a (lab_tblcustomerss) gelöscht werden. Die Abb.4.10.12-1 und Abb.4.10.12-2 zeigen den Ablauf, um einen Datensatz aus der Tabelle (lab_tblcustomers) zu löschen.
Abb. 4.10.12-1 Benutzer-Tabellenformular für das Löschen eines Datensatzes (labdeletecustomers.php)
Abb. 4.10.12-2 Benutzer-Formular für das Löschen eines Datensatzes (labdeletecustomers.php)
Der Inhalt der Datei (labdeletecustomers.php)
<?php
session_start();
if(isset($_POST['send'])){
$sqlstr = "delete from lab_tblcustomers where id = " . $_POST["oripn"];
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_affected_rows();
if ($num<=0) {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "The record has not been changed!";
echo "</div>";
echo "</div></div>";
}
mysql_free_result($res);
}
if (isset($_POST["selectID"])) {
$sqlstr = "select * from lab_tblcustomers where id = " . $_POST["selectID"];
$res = mysql_query($sqlstr);
$row = mysql_fetch_assoc($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Delete customer - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=DeleteCustomers'>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Id:</label>";
echo "<input type='text' name='id' class='form-control' value='" . $_POST["selectID"] . "' disabled />";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Name:</label>";
echo "<input type='text' name='name' class='form-control' value='".$row['name']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Prename:</label>";
echo "<input type='text' name='prename' class='form-control' value='".$row['prename']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Address:</label>";
echo "<input type='text' name='address' class='form-control' value='".$row['address']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Postcode:</label>";
echo "<input type='text' name='postcode' class='form-control' value='".$row['postcode']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>City:</label>";
echo "<input type='text' name='city' class='form-control' value='".$row['city']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Region:</label>";
echo "<input type='text' name='region' class='form-control' value='".$row['region']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Country:</label>";
echo "<input type='text' name='country' class='form-control' value='".$row['country']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Phonenumber:</label>";
echo "<input type='text' name='phone' class='form-control' value='".$row['phone']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Email:</label>";
echo "<input type='email' name='email' class='form-control' value='".$row['email']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Password:</label>";
echo "<input type='password' name='password' class='form-control' value='".$row['password']."'>";
echo "</div>";
if ($row['activ'] ==1){
echo "<div class='form-group'>";
echo "<label>Registered : </label>";
echo "<input type='checkbox' name='activ' checked>";
echo "</div>";
} else {
echo "<div class='form-group'>";
echo "<label>Registered : </label>";
echo "<input type='checkbox' name='activ'>";
echo "</div>";
}
echo "<div class='form-group'>";
echo "<input type='hidden' name='oripn' value='" . $_POST["selectID"] . "' />";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-edit'></span> Delete the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
} else {
display_delete_categories();
}
function display_delete_categories(){
$sqlstr = "select * from lab_tblcustomers ORDER BY id ";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Delete the database: <small>lab_tblcustomers</small></h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=DeleteCustomers'>";
echo "<div class='table-responsive'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Idd</th>";
echo "<th>Name</th>";
echo "<th>Prename</th>";
echo "<th>Address</th>";
echo "<th>Postcode</th>";
echo "<th>City</th>";
echo "<th>Region</th>";
echo "<th>Country</th>";
echo "<th>Phone</th>";
echo "<th>Email</th>";
echo "<th>password</th>";
echo "<th>Registered</th>";
echo "<th>Select</th>";
echo "</tr>";
echo "</thead><tbody>";
$n=1;
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["prename"] . "</td>";
echo "<td>" . $row["address"] . "</td>";
echo "<td>" . $row["postcode"] . "</td>";
echo "<td>" . $row["city"] . "</td>";
echo "<td>" . $row["region"] . "</td>";
echo "<td>" . $row["country"] . "</td>";
echo "<td>" . $row["phone"] . "</td>";
echo "<td>" . $row["email"] . "</td>";
echo "<td>" . MD5($row["password"]) . "</td>";
echo "<td>" . $row["registered"] . "</td>";
echo "<td><input type='checkbox' name='selectID' value='" . $row["id"] . "' data-role='checkbox'></td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "<button type='submit' class='btn btn-primary'>
<span class='fa fa-edit'></span> View the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
?>4.10.13 Benutzer-Daten in die Datenbank hinzufügen (labinsertdeliveries.php)
Wenn der Hauptbenutzer angemeldet ist, können alle Datensätze in alle Tabellen u.a (lab_tbldeliveries) hinzugefügt werden. Die Abb.4.10.13-1 und Abb.4.10.13-2 zeigen den Ablauf, um einen Datensatz in die Tabelle (lab_tbldeliveries) hinzuzufügen.
Abb. 4.10.13-2 Benutzer-Formular für einen neuen Datensatz (labinsertdeliveries.php)
Abb. 4.10.13-2 Hinzugefügter Datensatz (labinsertdeliveries.php)
Der Inhalt der Datei (labinsertdeliveries.php)
<?php
session_start();
if(isset($_POST['send'])){
if(isset($_POST["registered"])) {
$registered=1;
}else {
$registered=0;
}
$sqlstr = "insert lab_tbldeliveries"
. "(name, prename, address, postcode, city, region, country, phone, email, password, registered) values "
. "('" . $_POST["name"] . "', "
. "'" . $_POST["prename"] . "', "
. "'" . $_POST["address"] . "', "
. "'" . $_POST["postcode"] . "', "
. "'" . $_POST["city"] . "', "
. "'" . $_POST["region"] . "', "
. "'" . $_POST["country"] . "', "
. "'" . $_POST["phone"] . "', "
. "'" . $_POST["email"] . "', "
. "'" . MD5($_POST["password"]) . "', "
. "'" . $_POST["registered"] . "')";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_affected_rows();
if ($num>0) {
display_list_deliveries();
} else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "No record has been added to the database!";
echo "</div>";
echo "</div></div>";
}
mysql_free_result($res);
}else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Insert Customer - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=InsertDeliveries'>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputName'>Name:</label>";
echo "<input type='text' name='name' class='form-control' id='inputName' placeholder='Enter Name'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputPrename'>Prename:</label>";
echo "<input type='text' name='prename' class='form-control' id='inputPrename' placeholder='Enter Prename'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputAddress'>Address:</label>";
echo "<input type='text' name='address' class='form-control' id='inputAddress' placeholder='Enter Address'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputPostcode'>Postcode:</label>";
echo "<input type='text' name='postcode' class='form-control' id='inputPostcode' placeholder='Enter Postcode'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputCity'>City:</label>";
echo "<input type='text' name='city' class='form-control' id='inputCity' placeholder='Enter City'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputRegion'>Region:</label>";
echo "<input type='text' name='region' class='form-control' id='inputRegion' placeholder='Enter Region'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputCountry'>Country:</label>";
echo "<input type='text' name='country' class='form-control' id='inputCountry' placeholder='Enter Country'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputPhonenumber'>Phonenumber:</label>";
echo "<input type='text' name='phone' class='form-control' id='inputPhonenumber' placeholder='Enter Phonenumber'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputEmail'>Email-Address:</label>";
echo "<input type='text' name='email' class='form-control' id='inputEmail' placeholder='Enter Email-Address'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputPassword'>Password:</label>";
echo "<input type='password' name='password' class='form-control' id='inputPassword' placeholder='Enter Password'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label>Registered : </label>";
echo "<input type='checkbox' name='registered'>";
echo "<small class='text-muted'>If the customer should be registered, the checkbox must be clicked!</small>";
echo "</div>";
echo "<div class='form-group'>";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-send'></span> Insert the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
}
function display_list_deliveries(){
$sqlstr = "select * from lab_tbldeliveries ORDER BY id ";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Edit the database: <small>lab_tbldeliveries</small></h2>
</div>
<div class='panel-body'>";
echo "<h2>Insert the database: <small>lab_tbldeliveries</small><h2><br />";
echo "<div class='table-responsive'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Id</th>";
echo "<th>Name</th>";
echo "<th>Prename</th>";
echo "<th>Address</th>";
echo "<th>Postcode</th>";
echo "<th>City</th>";
echo "<th>Region</th>";
echo "<th>Country</th>";
echo "<th>Phone</th>";
echo "<th>Email</th>";
echo "<th>password</th>";
echo "<th>Registered</th>";
echo "<th>Select</th>";
echo "</tr>";
echo "</thead><tbody>";
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["prename"] . "</td>";
echo "<td>" . $row["address"] . "</td>";
echo "<td>" . $row["postcode"] . "</td>";
echo "<td>" . $row["city"] . "</td>";
echo "<td>" . $row["region"] . "</td>";
echo "<td>" . $row["country"] . "</td>";
echo "<td>" . $row["phone"] . "</td>";
echo "<td>" . MD5($row["email"]) . "</td>";
echo "<td>" . $row["password"] . "</td>";
echo "<td>" . $row["registered"] . "</td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
?>4.10.14 Benutzer-Daten in die Datenbank ändern (labeditdeliveries.php)
Wenn der Hauptbenutzer angemeldet ist, können alle Datensätze in alle Tabellen u.a (lab_tbldeliveries) geändert werden. Die Abb.4.10.14-1 und Abb.4.10.14-2 zeigen den Ablauf, um einen Datensatz in die Tabelle (lab_tbldeliveries) zu ändern.
Abb. 4.10.14-1 Benutzer-Tabellenformular für die Änderung eines Datensatzes (labeditdeliveries.php)
Abb. 4.10.14-2 Benutzer-Formular für die Änderung eines Datensatzes (labeditdeliveries.php)
Der Inhalt der Datei (labeditdeliveries.php)
<?php
session_start();
if(isset($_POST['send'])){
if(isset($_POST["activ"])) {
$registered=1;
}else {
$registered=0;
}
$sqlstr = "update lab_tbldeliveries set "
. " name = '" . $_POST["name"] . "',"
. " prename = '" . $_POST["prename"] . "',"
. " address = '" . $_POST["address"] . "',"
. " postcode = '" . $_POST["postcode"] . "',"
. " city = '" . $_POST["city"] . "',"
. " region = '" . $_POST["region"] . "',"
. " country = '" . $_POST["country"] . "',"
. " phone = '" . $_POST["phone"] . "',"
. " email = '" . $_POST["email"] . "',"
. " registered = '" . $registered . "'"
. " where id = " . $_POST["oripn"];
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_affected_rows();
if ($num<=0) {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "The record has not been changed!";
echo "</div>";
echo "</div></div>";
}
mysql_free_result($res);
}
if (isset($_POST["selectID"])) {
$sqlstr = "select * from lab_tbldeliveries where id = " . $_POST["selectID"];
$res = mysql_query($sqlstr);
$row = mysql_fetch_assoc($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Edit delivery - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=EditDeliveries'>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Id:</label>";
echo "<input type='text' name='id' class='form-control' value='" . $_POST["selectID"] . "' disabled />";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Name:</label>";
echo "<input type='text' name='name' class='form-control' value='".$row['name']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Prename:</label>";
echo "<input type='text' name='prename' class='form-control' value='".$row['prename']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Address:</label>";
echo "<input type='text' name='address' class='form-control' value='".$row['address']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Postcode:</label>";
echo "<input type='text' name='postcode' class='form-control' value='".$row['postcode']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Delivery city:</label>";
echo "<input type='text' name='city' class='form-control' value='".$row['city']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Region:</label>";
echo "<input type='text' name='region' class='form-control' value='".$row['region']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Country:</label>";
echo "<input type='text' name='country' class='form-control' value='".$row['country']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Phonenumber:</label>";
echo "<input type='text' name='phone' class='form-control' value='".$row['phone']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Email-address:</label>";
echo "<input type='email' name='email' class='form-control' value='".$row['email']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Password:</label>";
echo "<input type='password' name='password' class='form-control' value='".$row['password']."'>";
echo "</div>";
if ($row['activ'] ==1){
echo "<div class='form-group'>";
echo "<label>Registered : </label>";
echo "<input type='checkbox' name='registered' checked>";
echo "</div>";
} else {
echo "<div class='form-group'>";
echo "<label>Registered : </label>";
echo "<input type='checkbox' name='registered'>";
echo "</div>";
}
echo "<div class='form-group'>";
echo "<input type='hidden' name='oripn' value='" . $_POST["selectID"] . "' />";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-edit'></span> Edit the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
} else {
display_edit_deliveries();
}
function display_edit_deliveries(){
$sqlstr = "select * from lab_tbldeliveries ORDER BY id ";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Edit the database: <small>lab_tbldeliveries</small></h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=EditDeliveries'>";
echo "<div class='table-responsive'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Idd</th>";
echo "<th>Name</th>";
echo "<th>Prename</th>";
echo "<th>Address</th>";
echo "<th>Postcode</th>";
echo "<th>City</th>";
echo "<th>Region</th>";
echo "<th>Country</th>";
echo "<th>Phone</th>";
echo "<th>Email</th>";
echo "<th>password</th>";
echo "<th>Registered</th>";
echo "<th>Select</th>";
echo "</tr>";
echo "</thead><tbody>";
$n=1;
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["prename"] . "</td>";
echo "<td>" . $row["address"] . "</td>";
echo "<td>" . $row["postcode"] . "</td>";
echo "<td>" . $row["city"] . "</td>";
echo "<td>" . $row["region"] . "</td>";
echo "<td>" . $row["country"] . "</td>";
echo "<td>" . $row["phone"] . "</td>";
echo "<td>" . $row["email"] . "</td>";
echo "<td>" . MD5($row["password"]) . "</td>";
echo "<td>" . $row["registered"] . "</td>";
echo "<td><input type='checkbox' name='selectID' value='" . $row["id"] . "' data-role='checkbox'></td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "<button type='submit' class='btn btn-primary'>
<span class='fa fa-edit'></span> View the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
?>4.10.15 Benutzer-Daten aus der Datenbank löschen (labdeletedeliveries.php)
Wenn Hauptbenutzer angemeldet ist, können alle Datensätze in alle Tabellen u.a (lab_tbldeliveriess) gelöscht werden. Die Abb.4.10.15-1 und Abb.4.10.15-2 zeigen den Ablauf, um einen Datensatz aus der Tabelle (lab_tbldeliveries) zu löschen.
Abb. 4.10.15-1 Benutzer-Tabellenformular für das Löschen eines Datensatzes (labdeletedeliveries.php)
Abb. 4.10.15-2 Benutzer-Formular für das Löschen eines Datensatzes (labdeletedeliveries.php)
Der Inhalt der Datei (labdeletedeliveries.php)
<?php
session_start();
if(isset($_POST['send'])){
$sqlstr = "delete from lab_tbldeliveries where id = " . $_POST["oripn"];
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_affected_rows();
if ($num<=0) {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "The record has not been changed!";
echo "</div>";
echo "</div></div>";
}
mysql_free_result($res);
}
if (isset($_POST["selectID"])) {
$sqlstr = "select * from lab_tbldeliveries where id = " . $_POST["selectID"];
$res = mysql_query($sqlstr);
$row = mysql_fetch_assoc($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Delete delivery - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=DeleteDeliveries'>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Id:</label>";
echo "<input type='text' name='id' class='form-control' value='" . $_POST["selectID"] . "' disabled />";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Name:</label>";
echo "<input type='text' name='name' class='form-control' value='".$row['name']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Prename:</label>";
echo "<input type='text' name='prename' class='form-control' value='".$row['prename']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Address:</label>";
echo "<input type='text' name='address' class='form-control' value='".$row['address']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Postcode:</label>";
echo "<input type='text' name='postcode' class='form-control' value='".$row['postcode']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>City:</label>";
echo "<input type='text' name='city' class='form-control' value='".$row['city']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Region:</label>";
echo "<input type='text' name='region' class='form-control' value='".$row['region']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Country:</label>";
echo "<input type='text' name='country' class='form-control' value='".$row['country']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Delivery phonenumber:</label>";
echo "<input type='text' name='phone' class='form-control' value='".$row['phone']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Email:</label>";
echo "<input type='email' name='email' class='form-control' value='".$row['email']."'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label'>Password:</label>";
echo "<input type='password' name='password' class='form-control' value='".$row['password']."'>";
echo "</div>";
if ($row['activ'] ==1){
echo "<div class='form-group'>";
echo "<label>Registered : </label>";
echo "<input type='checkbox' name='activ' checked>";
echo "</div>";
} else {
echo "<div class='form-group'>";
echo "<label>Registered : </label>";
echo "<input type='checkbox' name='activ'>";
echo "</div>";
}
echo "<div class='form-group'>";
echo "<input type='hidden' name='oripn' value='" . $_POST["selectID"] . "' />";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-edit'></span> Delete the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
} else {
display_delete_categories();
}
function display_delete_categories(){
$sqlstr = "select * from lab_tbldeliveries ORDER BY id ";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Delete the database: <small>lab_tbldeliveries</small></h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=DeleteDeliveries'>";
echo "<div class='table-responsive'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Idd</th>";
echo "<th>Name</th>";
echo "<th>Prename</th>";
echo "<th>Address</th>";
echo "<th>Postcode</th>";
echo "<th>City</th>";
echo "<th>Region</th>";
echo "<th>Country</th>";
echo "<th>Phone</th>";
echo "<th>Email</th>";
echo "<th>password</th>";
echo "<th>Registered</th>";
echo "<th>Select</th>";
echo "</tr>";
echo "</thead><tbody>";
$n=1;
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["prename"] . "</td>";
echo "<td>" . $row["address"] . "</td>";
echo "<td>" . $row["postcode"] . "</td>";
echo "<td>" . $row["city"] . "</td>";
echo "<td>" . $row["region"] . "</td>";
echo "<td>" . $row["country"] . "</td>";
echo "<td>" . $row["phone"] . "</td>";
echo "<td>" . $row["email"] . "</td>";
echo "<td>" . MD5($row["password"]) . "</td>";
echo "<td>" . $row["registered"] . "</td>";
echo "<td><input type='checkbox' name='selectID' value='" . $row["id"] . "' data-role='checkbox'></td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "<button type='submit' class='btn btn-primary'>
<span class='fa fa-edit'></span> View the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
?>4.8.1 Benutzer-Daten in die Datenbank hinzufügen (labinsertusers.php)
Wenn der Hauptbenutzer angemeldet ist, können alle Datensätze in alle Tabellen u.a (lab_tblusers) hinzugefügt werden. Die Abb.4.8.1 und Abb.4.8.2 zeigen den Ablauf, um einen Datensatz in die Tabelle (lab_tblusers) hinzuzufügen.
Abb. 4.8.1 Benutzer-Formular für einen neuen Datensatz (labinsertusers.php)
Abb. 4.8.2 Hinzugefügter Datensatz (labinsertusers.php)
Der Inhalt der Datei (labinsertusers.php)
<?php
session_start();
if(isset($_POST['send'])){
$sqlstr = "insert lab_tblusers"
. "(name, prename, modified, email, password) values "
. "('" . $_POST["name"] . "', "
. "'" . $_POST["prename"] . "', "
. "'" . $_POST["modified"] . "', "
. "'" . $_POST["email"] . "', "
. "'" . md5($row['password']) . "')";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_affected_rows();
if ($num>0) {
display_list_users();
} else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='bg-darkred fg-white'>";
echo "No record has been added to the database!";
echo "</div>";
echo "</div></div>";
}
mysql_free_result($res);
}else {
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-6'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>Insert user - Form</h2>
</div>
<div class='panel-body'>";
echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=InsertUsers'>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputName'>Name:</label>";
echo "<input type='text' name='name' class='form-control' id='inputName' placeholder='Enter name'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputPrename'>Prename:</label>";
echo "<input type='text' name='prename' class='form-control' id='inputPrename' placeholder='Enter prename'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputModified'>Modified:</label>";
echo "<input type='text' name='modified' class='form-control' id='inputModified' placeholder='Enter modified'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputEmail'>Email:</label>";
echo "<input type='email' name='email' class='form-control' id='inputEmail' placeholder='Enter email'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<label class='control-label' for='inputPassword'>Password:</label>";
echo "<input type='password' name='password' class='form-control' id='inputPassword' placeholder='Enter password'>";
echo "</div>";
echo "<div class='form-group'>";
echo "<button type='submit' name='send' class='btn btn-primary'>
<span class='fa fa-send'></span> Insert the record</button>";
echo "</div>";
echo "</form>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
}
function display_list_users(){
$sqlstr = "select * from lab_tblusers ORDER BY id ";
$res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error());
$num = mysql_num_rows($res);
echo "<div id='page-wrapper'><div class='container-fluid'>";
echo "<div class='row'>
<div class='col-md-12'>
<div class='panel panel-primary'>
<div class='panel-heading'>
<h2 class='panel-title'>List the database: <small>lab_tblusers</small></h2>
</div>
<div class='panel-body'>";
echo "<table class='table'>";
echo "<thead>";
echo "<tr><th>Id</th>";
echo "<th>Name</th>";
echo "<th>Prename</th>";
echo "<th>Modified</th>";
echo "<th>Email</th>";
echo "<th>Password</th>";
echo "</tr>";
echo "</thead><tbody>";
while ($row = mysql_fetch_assoc($res)) {
echo "<tr>";
echo "<td>" . $row["id"] . "</td>";
echo "<td>" . $row["name"] . "</td>";
echo "<td>" . $row["prename"] . "</td>";
echo "<td>" . $row["modified"] . "</td>";
echo "<td>" . $row["email"] . "</td>";
echo "<td>" . $row["password"] . "</td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "</div>";
echo "</div>";
echo "</div></div>";
echo "</div></div>";
mysql_free_result($res);
}
?>
4.8.2 Benutzer-Daten in die Datenbank ändern (labeditusers.php)
Wenn der Hauptbenutzer angemeldet ist, können alle Datensätze in alle Tabellen u.a (lab_tblusers) geändert werden. Die Abb.4.8.3 und Abb.4.8.4 zeigen den Ablauf, um einen Datensatz in die Tabelle (lab_tblusers) zu ändern.
Abb. 4.8.3 Benutzer-Tabellenformular für die Änderung eines Datensatzes (labeditusers.php)
Abb. 4.8.4 Benutzer-Formular für die Änderung eines Datensatzes (labeditusers.php)
Der Inhalt der Datei (labeditusers.php)
<?php session_start(); if(isset($_POST['send']) && check_admin_user()){ $sqlstr = "update lab_tblusers set " . " name = '" . $_POST["name"] . "'," . " prename = '" . $_POST["prename"] . "'," . " modified = '" . $_POST["modified"] . "'," . " email = '" . $_POST["email"] . "'," . " password = '" . md5($_POST["password"]) . "'" . " where id = " . $_POST["oripn"]; $res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error()); $num = mysql_affected_rows(); if ($num<=0) { echo "<div id='page-wrapper'><div class='container-fluid'>"; echo "<div class='bg-darkred fg-white'>"; echo "No record has been changed!"; echo "</div>"; echo "</div></div>"; } } if (isset($_POST["selectID"])) { $sqlstr = "select * from lab_tblusers where id = " . $_POST["selectID"]; $res = mysql_query($sqlstr); $row = mysql_fetch_assoc($res); echo "<div id='page-wrapper'><div class='container-fluid'>"; echo "<div class='row'> <div class='col-md-6'> <div class='panel panel-primary'> <div class='panel-heading'> <h2 class='panel-title'>Edit user - Form</h2> </div> <div class='panel-body'>"; echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=EditUsers'>"; echo "<div class='form-group'>"; echo "<label class='control-label'>Id:</label>"; echo "<input type='text' name='id' class='form-control' value='" . $_POST["selectID"] . "' disabled />"; echo "</div>"; echo "<div class='form-group'>"; echo "<label class='control-label'>Name:</label>"; echo "<input type='text' name='name' class='form-control' value='".$row['name']."'>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label class='control-label'>Prename:</label>"; echo "<input type='text' name='prename' class='form-control' value='".$row['prename']."'>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label class='control-label'>Modified:</label>"; echo "<input type='text' name='modified' class='form-control' value='".$row['modified']."'>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label class='control-label'>Email:</label>"; echo "<input type='email' name='email' class='form-control' value='".$row['email']."'>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label class='control-label'>Password:</label>"; echo "<input type='password' name='password' class='form-control' value='".$row['password']."'>"; echo "</div>"; echo "<div class='form-group'>"; echo "<input type='hidden' name='oripn' value='" . $_POST["selectID"] . "' />"; echo "<button type='submit' name='send' class='btn btn-primary'> <span class='fa fa-edit'></span> Delete the record</button>"; echo "</div>"; echo "</form>"; echo "</div>"; echo "</div>"; echo "</div></div>"; echo "</div></div>"; mysql_free_result($res); } else { display_edit_users(); } function display_edit_users(){ $sqlstr = "select * from lab_tblusers ORDER BY id "; $res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error()); $num = mysql_num_rows($res); echo "<div id='page-wrapper'><div class='container-fluid'>"; echo "<div class='row'> <div class='col-md-12'> <div class='panel panel-primary'> <div class='panel-heading'> <h2 class='panel-title'>Edit the database: <small>lab_tblusers</small></h2> </div> <div class='panel-body'>"; echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=EditUsers'>"; echo "<table class='table'>"; echo "<thead>"; echo "<tr><th>Id</th>"; echo "<th>Name</th>"; echo "<th>Prename</th>"; echo "<th>Modified</th>"; echo "<th>Email</th>"; echo "<th>Password</th>"; echo "<th>Select</th>"; echo "</tr>"; echo "</thead><tbody>"; $n=1; while ($row = mysql_fetch_assoc($res)) { echo "<tr>"; echo "<td>" . $row["id"] . "</td>"; echo "<td>" . $row["name"] . "</td>"; echo "<td>" . $row["prename"] . "</td>"; echo "<td>" . $row["modified"] . "</td>"; echo "<td>" . $row["email"] . "</td>"; echo "<td>" . md5($row["password"]) . "</td>"; echo "<td><input type='checkbox' name='selectID' value='" . $row["id"] . "' data-role='checkbox'></td>"; echo "</tr>"; } echo "</tbody></table>"; echo "<button type='submit' class='btn btn-primary'> <span class='fa fa-edit'></span> View the record</button>"; echo "</form>"; echo "</div>"; echo "</div>"; echo "</div></div>"; echo "</div></div>"; mysql_free_result($res); } ?>
4.8.3 Benutzer-Daten aus der Datenbank löschen (labdeleteusers.php)
Wenn Hauptbenutzer angemeldet ist, können alle Datensätze in alle Tabellen u.a (lab_tblusers) gelöscht werden. Die Abb.4.8.5 und Abb.4.8.6 zeigen den Ablauf, um einen Datensatz aus der Tabelle (lab_tblusers) zu löschen.
Abb. 4.8.5 Benutzer-Tabellenformular für das Löschen eines Datensatzes (labdeleteusers.php)
Abb. 4.8.6 Benutzer-Formular für das Löschen eines Datensatzes (labdeleteusers.php)
Der Inhalt der Datei (labdeleteusers.php)
<?php session_start(); if(isset($_POST['send']) && check_admin_user()){ $sqlstr = $sqlstr = "delete from lab_tblusers where id = " . $_POST["oripn"]; $res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error()); $num = mysql_affected_rows(); if ($num<=0) { echo "<div id='page-wrapper'><div class='container-fluid'>"; echo "<div class='bg-darkred fg-white'>"; echo "No record has been changed!"; echo "</div>"; echo "</div></div>"; } } if (isset($_POST["selectID"])) { $sqlstr = "select * from lab_tblusers where id = " . $_POST["selectID"]; $res = mysql_query($sqlstr); $row = mysql_fetch_assoc($res); echo "<div id='page-wrapper'><div class='container-fluid'>"; echo "<div class='row'> <div class='col-md-6'> <div class='panel panel-primary'> <div class='panel-heading'> <h2 class='panel-title'>Delete user - Form</h2> </div> <div class='panel-body'>"; echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=DeleteUsers'>"; echo "<div class='form-group'>"; echo "<label class='control-label'>Id:</label>"; echo "<input type='text' name='id' class='form-control' value='" . $_POST["selectID"] . "' disabled />"; echo "</div>"; echo "<div class='form-group'>"; echo "<label class='control-label'>Name:</label>"; echo "<input type='text' name='name' class='form-control' value='".$row['name']."'>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label class='control-label'>Prename:</label>"; echo "<input type='text' name='prename' class='form-control' value='".$row['prename']."'>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label class='control-label'>Modified:</label>"; echo "<input type='text' name='modified' class='form-control' value='".$row['modified']."'>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label class='control-label'>Email:</label>"; echo "<input type='email' name='email' class='form-control' value='".$row['email']."'>"; echo "</div>"; echo "<div class='form-group'>"; echo "<label class='control-label'>Password:</label>"; echo "<input type='password' name='password' class='form-control' value='".$row['password']."'>"; echo "</div>"; echo "<div class='form-group'>"; echo "<input type='hidden' name='oripn' value='" . $_POST["selectID"] . "' />"; echo "<button type='submit' name='send' class='btn btn-primary'> <span class='fa fa-edit'></span> Delete the record</button>"; echo "</div>"; echo "</form>"; echo "</div>"; echo "</div>"; echo "</div></div>"; echo "</div></div>"; mysql_free_result($res); } else { display_edit_users(); } function display_edit_users(){ $sqlstr = "select * from lab_tblusers ORDER BY id "; $res = mysql_query($sqlstr) or die ("no connection to the database ".mysql_error()); $num = mysql_num_rows($res); echo "<div id='page-wrapper'><div class='container-fluid'>"; echo "<div class='row'> <div class='col-md-12'> <div class='panel panel-primary'> <div class='panel-heading'> <h2 class='panel-title'>Delete the database: <small>lab_tblusers</small></h2> </div> <div class='panel-body'>"; echo "<form method='post' enctype='multipart/form-data' action='".$url."?section=DeleteUsers'>"; echo "<table class='table'>"; echo "<thead>"; echo "<tr><th>Id</th>"; echo "<th>Name</th>"; echo "<th>Prename</th>"; echo "<th>Modified</th>"; echo "<th>Email</th>"; echo "<th>Password</th>"; echo "<th>Select</th>"; echo "</tr>"; echo "</thead><tbody>"; $n=1; while ($row = mysql_fetch_assoc($res)) { echo "<tr>"; echo "<td>" . $row["id"] . "</td>"; echo "<td>" . $row["name"] . "</td>"; echo "<td>" . $row["prename"] . "</td>"; echo "<td>" . $row["modified"] . "</td>"; echo "<td>" . $row["email"] . "</td>"; echo "<td>" . md5($row["password"]) . "</td>"; echo "<td><input type='checkbox' name='selectID' value='" . $row["id"] . "' data-role='checkbox'></td>"; echo "</tr>"; } echo "</tbody></table>"; echo "<button type='submit' class='btn btn-primary'> <span class='fa fa-edit'></span> View the record</button>"; echo "</form>"; echo "</div>"; echo "</div>"; echo "</div></div>"; echo "</div></div>"; mysql_free_result($res); }?>
4.10 Erweiterungen für den Warenkorb
Um den Warenkorb im Shopsystem zu vervollständigen, werden folgende Änderungen und Dateien vorgenommen:4.10.1 Kundentabelle
Um die Kundendaten zu verwalten, legen wir eine Tabelle mit folgenden Feldern fest:
Abb. 4.10.1 Datenbanktabelle (lab_tblcustomers)
Hier der SQL-Code zur Erzeugung der Datenbanktabelle (lab_tblcustomers).
Die Kategorien und Unterkategorien werden auf dem linken Bereich angezeigt. Um einen Artikel zu anzuzeigen, müssen
die entsprechenden Kategorie und Unterkategorie gewählt werden.
CREATE TABLE IF NOT EXISTS `lab_tblcustomers` ( `id` int(11) NOT NULL, `name` varchar(50) CHARACTER SET latin1 NOT NULL, `prename` varchar(50) CHARACTER SET latin1 NOT NULL, `address` varchar(50) CHARACTER SET latin1 NOT NULL, `postcode` varchar(10) CHARACTER SET latin1 NOT NULL, `city` varchar(50) CHARACTER SET latin1 NOT NULL, `region` varchar(50) NOT NULL, `country` varchar(50) CHARACTER SET latin1 NOT NULL, `phone` varchar(20) CHARACTER SET latin1 NOT NULL, `email` varchar(150) CHARACTER SET latin1 NOT NULL, `password` varchar(100) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL, `registered` tinyint(1) NOT NULL ) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;
ALTER TABLE `lab_tblcustomers` ADD PRIMARY KEY (`id`);Die Inhalte der Tabelle (lab_tblcustomers) kann wie folgt aussehen. Dabei hat das Feld (registered) die Aufgabe, einen Kunden anzuzeigen(registered=1) oder auszublenden(registered=0)
4.10.2 Versandtabelle
Um die Versanddaten (Lieferservice) zu verwalten, legen wir eine Tabelle mit folgenden Feldern fest:Abb. 4.10.2 Datenbanktabelle (lab_tbldeliveries)
Hier der SQL-Code zur Erzeugung der Datenbanktabelle (lab_tbldeliveries).
CREATE TABLE IF NOT EXISTS `lab_tbldeliveries` ( `id` int(11) NOT NULL, `name` varchar(50) CHARACTER SET latin1 NOT NULL, `prename` varchar(50) CHARACTER SET latin1 NOT NULL, `address` varchar(50) CHARACTER SET latin1 NOT NULL, `postcode` varchar(10) CHARACTER SET latin1 NOT NULL, `city` varchar(50) CHARACTER SET latin1 NOT NULL, `region` varchar(50) COLLATE latin1_general_ci NOT NULL, `country` varchar(50) CHARACTER SET latin1 NOT NULL, `phone` varchar(20) CHARACTER SET latin1 NOT NULL, `email` varchar(150) CHARACTER SET latin1 NOT NULL, `registered` tinyint(1) NOT NULL ) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci;
ALTER TABLE `lab_tbldeliveries` ADD PRIMARY KEY (`id`);Die Inhalte der Tabelle (lab_tbldeliveries) kann wie folgt aussehen. Dabei hat das Feld (registered) die Aufgabe, eine Lieferfirma anzuzeigen(registered=1) oder auszublenden(registered=0)
4.10.3 Auftragstabelle
Um die Auftragsdaten zu verwalten, legen wir eine Tabelle mit folgenden Feldern fest:Abb. 4.10.3 Datenbanktabelle (lab_tblorders)
Hier der SQL-Code zur Erzeugung der Datenbanktabelle (lab_tblorders).
CREATE TABLE IF NOT EXISTS `lab_tblorders` ( `id` int(11) NOT NULL, `customerid` int(11) NOT NULL, `deliveryid` int(11) NOT NULL, `registernumber` int(11) NOT NULL, `date` datetime NOT NULL, `status` tinyint(1) NOT NULL, `session` varchar(100) CHARACTER SET utf8 NOT NULL, `total` float NOT NULL ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci;
ALTER TABLE `lab_tblorders` ADD PRIMARY KEY (`id`);Die Inhalte der Tabelle (lab_tblorders) kann wie folgt aussehen. Dabei hat das Feld (status) die Aufgabe, den Auftragsstatus anzuzeigen(status=1) oder auszublenden(status=0)
4.10.4 Bestellartikel-Tabelle
Um die Bestellartikeldaten zu verwalten, legen wir eine Tabelle mit folgenden Feldern fest:Abb. 4.10.4 Datenbanktabelle (lab_tblorderitems)
Hier der SQL-Code zur Erzeugung der Datenbanktabelle (lab_tblorderitems).
CREATE TABLE IF NOT EXISTS `lab_tblorderitems` ( `id` int(11) NOT NULL, `orderid` int(11) NOT NULL, `number` int(11) NOT NULL, `quantity` int(11) NOT NULL, `price` float(5,2) NOT NULL ) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci;
ALTER TABLE `lab_tblorderitems` ADD PRIMARY KEY (`id`);Die Inhalte der Tabelle (lab_tblorderitems) kann wie folgt aussehen.
4.10.5 Shop-Start
Wenn der Besucher den Menüpunkt (CART) wählt, wird die Datei (labshop.php) gestartet.Die Kategorien und Unterkategorien werden auf dem linken Bereich angezeigt. Um einen Artikel zu anzuzeigen, müssen
die entsprechenden Kategorie und Unterkategorie gewählt werden.
Abb. 4.10.5 Das Layout vom Shopsystem
Der Inhalt der Datei (labshop.php)
<?php session_start(); include("labconfig.php"); // Set session variables that we want to access within the function if(!$_SESSION['items']) $_SESSION['items'] = '0'; if(!$_SESSION['totalprice']) $_SESSION['totalprice'] = '0.00'; $subcatid = $_GET['subcatid']; do_shop_header('Shopsystem by Mehdi Bandegani'); display_shop_nav("labshop.php"); $url="labshowarticles.php"; if ($subcatid<=0 ) { $subcatid=1; } $article_array = get_articles($subcatid); display_shop_articles($article_array, $url); do_shop_footer(); ?>
4.10.6 labshowarticles.php
Vor dem Eintrag im Warenkorb den Artikel auszuwählen und die genaue Informationen über den Artikel anzuzeigen, dient die Datei labshowarticles.php. Die Funktiondisplay_articlesdetails() hat dafür die Aufgabe.
Diese Funktion befindet sich in der geänderten Datei (laboutput_fns.php).Der neue Inhalt der Datei (labshowarticles.php)
<?php
session_start();
include("labconfig.php");
$id = $_GET['id'];
$url = 'labshop.php';
do_shop_header('Shopsystem by Mehdi Bandegani');
display_shop_nav($url);
$article = get_articlesdetails($id);
display_articlesdetails($article, $id);
if ($url['subcatid']) {
$url = 'labshop.php?subcatid=' . $url['subcatid'];
}
do_shop_footer();
?>
4.10.7 labshowcart.php
Um die im Warenkorb vorhandene Artikel anzuzeigen, wurde die Datei (labshowcart.php) erstellt.Der neue Inhalt der Datei (labshowcart.php)
<?php session_start(); include("labconfig.php"); @ $new = $_GET['new']; if ($new) { // new article has been selected if (!isset($_SESSION['cart'])) { $_SESSION['cart'] = array(); $_SESSION['items'] = 0; $_SESSION['totalprice'] = '0.00'; } if (isset($_SESSION['cart'][$new])) $_SESSION['cart'][$new]++; else $_SESSION['cart'][$new] = 1; $_SESSION['totalprice'] = calculate_price($_SESSION['cart']); $_SESSION['items'] = calculate_items($_SESSION['cart']); } if (isset($_POST['save'])) { foreach ($_SESSION['cart'] as $nummer => $qty) { if ($_POST[$nummer] == '0') unset($_SESSION['cart'][$nummer]); else $_SESSION['cart'][$nummer] = $_POST[$nummer]; } $_SESSION['totalprice'] = calculate_price($_SESSION['cart']); $_SESSION['items'] = calculate_items($_SESSION['cart']); } $url = 'labshop.php'; do_shop_header('Shopsystem by Mehdi Bandegani'); display_shop_nav($url); if ($_SESSION['cart'] && array_count_values($_SESSION['cart'])) display_cart($_SESSION['cart'], $url); else { echo "<div id='page-wrapper'><div class='container-fluid'>"; echo "<div class='bg-darkred fg-white'>"; echo "You have no items in your shopping cart"; echo "</div>"; echo "</div></div>"; } if ($url['subcatid']) { $url = 'labshop.php?subcatid=' . $url['subcatid']; } if ($new) { $details = get_articlesdetails($new); if ($details['subcatid']) $url = 'labshop.php?subcatid=' . $details['subcatid']; } do_shop_footer(); ?>
4.10.8 labcheckout.php
Um die im Warenkorb vorhandene Artikel zum Versand bzw. für den Kunde vorzubereiten, wurde die Datei (labcheckout.php) erstellt.Der neue Inhalt der Datei (labcheckout.php)
<?php session_start(); include("labconfig.php"); $url = 'labshop.php'; do_shop_header('Shopsystem by Mehdi Bandegani'); display_shop_nav($url); if ($_SESSION['cart'] && array_count_values($_SESSION['cart'])) { display_cart($_SESSION['cart'], FALSE, 1); display_checkout_form(); } else { ?> <div class='row'> <div class="col-md-4 col-sm-4 col-xs-12"></div> <div class='col-md-4'> <span class='label label-success'>You have no items in your shopping cart.</span> </div></div> <?php } do_shop_footer(); ?>
4.10.9 labpurchase.php
Um die im Warenkorb vorhandene Artikel mit Kundendaten zum Ankauf zu veranlassen bzw. anzufertigen, wurde die Datei (labpurchase.php) erstellt.Der neue Inhalt der Datei (labpurchase.php)
<?php include("labconfig.php"); $url = 'labshop.php'; do_shop_header('Shopsystem by Mehdi Bandegani'); display_shop_nav($url); $name = $_POST['name']; $prename = $_POST['prename']; $address = $_POST['address']; $postcode = $_POST['postcode']; $city = $_POST['city']; $region = $_POST['region']; $country = $_POST['country']; $phone = $_POST['phone']; $email = $_POST['email']; $password = md5($_POST['password']); $registered = $_POST['registered']; if ($_SESSION['cart'] && $name && $prename && $address && $postcode && $city && $region && $country && $phone && $email && $password && $registered) { // Data record in database if (insert_order($_POST) != FALSE) { // Schopping cart display_cart($_SESSION['cart'], FALSE, 1); display_shipping(calculate_shipping_cost()); // Data for credit card display_card_form($name); echo "<a href='labshowcart.php' class='button'><span class='mif-add-shopping-cart'></span> add shopping</a> "; } else { echo "<div id='page-wrapper'><div class='container-fluid'>"; echo 'Could not save your data, please try again.'; echo "<a href='labcheckout.php' class='button'><span class='mif-paypal'></span> Continue to pay</a>"; echo "</div>"; echo "</div>"; } } else { echo "<div id='page-wrapper'><div class='container-fluid'>"; echo 'You have not filled out all fields, please try again.<hr />'; echo "<a href='labcheckout.php' class='button'><span class='mif-paypal'></span> Continue to pay</a>"; echo "</div>"; echo "</div>"; } do_shop_footer(); ?>