t204.php
<?php
//case 15-2 修改信息
/*
*建立数据表的sql语句
*
* create table emp_info(
emp_id int unsigned auto_increment primary key,
emp_name varchar(20) not null,
emp_dept varchar(20) not null,
date_birth timestamp not null,
date_entry timestamp not null
)charset = utf8;
insert into emp_info values(1,'张三','推广部','1980-05-01','2020-01-10');
insert into emp_info values(2,'李四','人资部','1980-05-01','2020-01-10');
insert into emp_info values(3,'王五','公关部','1980-05-01','2020-01-10');
insert into emp_info values(4,'麻六','销售部','1980-05-01','2020-01-10');
*
*/
//全局变量
$connect = '';
/**
*
*/
//数据库初始化连接
function dbinit()
{
//内部调用全局变量,需声明
global $connect;
$connect = mysqli_connect('localhost','root','mysql123','test');
if(!$connect)
{
die('数据库连接失败!'.mysqli_error());
}
//mysql中字符集是utf8,不是uft-8
mysqli_query($connect,"set names utf8");
}
/**
* @param string $sql
* @return mixed
*/
//查询函数
function query($sql)
{
global $connect;
if($result = mysqli_query($connect,$sql))
{
return $result;
}
else
{
echo 'SQL执行失败:<br>';
echo "错误的SQL为:$sql <br>";
echo "错误的代码为:".mysqli_errno($connect)."<br>";
echo "错误的信息为:".mysqli_error($connect)."<br>";
die();
}
}
/**
* @param $sql
* @return array|bool
*/
//取全部数据
function fetchAll($sql)
{
if($result = query($sql))
{
$rows = array();
while($row = mysqli_fetch_array($result,MYSQLI_ASSOC))
{
$rows[] = $row;
}
mysqli_free_result($result);
return $rows;
}
else
{
return false;
}
}
/**
* @param $sql
* @return array|bool|null
*/
//取单行数据
function fetchRow($sql)
{
if($result = query($sql))
{
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
return $row;
}
else
{
return false;
}
}
//防止sql注入
function safeHandle($data)
{
global $connect;
$data = htmlspecialchars($data);
$data = mysqli_real_escape_string($connect,$data);
return $data;
}t205.php
<?php
//case 15-2 修改信息
header('Content-type:text/html;charset=utf8');
//引入数据操作文件
require_once ('./t204.php');
//初始化数据库连接
dbinit();
//查询语句
$sql = "select * from emp_info";
//取数据
$emp_info = fetchAll($sql);
?>
<html>
<head>
<meta charset="UTF-8">
<title>员工信息列表</title>
</head>
<body>
<div>员工信息列表</div>
<form method="get" action="">
<table border="1" cellspacing="0" cellpadding="0" width="50%" style="text-align: center;">
<tr>
<th>ID</th>
<th>姓名</th>
<th>部门</th>
<th>出生日期</th>
<th>入职时间</th>
<th>相关操作</th>
</tr>
<?php
if(!empty($emp_info))
{
foreach ($emp_info as $row1)
{
echo "<tr>";
echo "<td>{$row1['emp_id']}</td>";
echo "<td>{$row1['emp_name']}</td>";
echo "<td>{$row1['emp_dept']}</td>";
echo "<td>{$row1['date_birth']}</td>";
echo "<td>{$row1['date_entry']}</td>";
echo "<td><span><a href='t205.php?emp=edit&emp_id={$row1['emp_id']}'>编辑</a> <a href='#'>删除</a></span></td>";
echo "</tr>";
}
}
else
{
echo "<tr><td colspan='6'>暂无员工数据!</td></tr>";
}
mysqli_close($connect);
?>
</table>
<hr>
<div><a href="./t205.php?emp=add">添加员工</a></div>
</form>
</body>
</html>
<?php
//判断是新增,还是修改
if(isset($_GET['emp']))
{
switch ($_GET['emp'])
{
case 'add':
showAdd();
break;
case 'edit':
showEdit($_GET['emp_id']);
break;
default:
break;
}
}
//显示新增表单
function showAdd()
{
echo "<hr>";
echo <<< tt
<div>
<h2>添加员工</h2>
<form method="post" action="./t205.php">
<table>
<tr>
<td>姓名:</td>
<td><input type="text" name="emp_name" id="emp_name"></td>
</tr>
<tr>
<td>部门:</td>
<td><input type="text" name="emp_dept" id="emp_dept"></td>
</tr>
<tr>
<td>出生日期:</td>
<td><input type="date" name="date_birth" id="date_birth"></td>
</tr>
<tr>
<td>入职日期:</td>
<td><input type="date" name="date_entry" id="date_entry"></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="emp_save" id="emp_save" value="保存资料" style="width:180px"></td>
</tr>
<tr>
<td> </td>
<td><input type="reset" value="重新填写" style="width: 180px;"></td>
</tr>
</table>
</form>
</div>
tt;
}
//显示修改表单
function showEdit($emp_id)
{
echo "<hr>";
//初始化数据库连接
dbinit();
//查询语句
$sql = "select * from emp_info where emp_id='$emp_id'";
//取单行数据
$res = fetchRow($sql);
//时间控件,赋值先转换格式
$date_birth = date('Y-m-d',strtotime($res['date_birth']));
$date_entry = date('Y-m-d',strtotime($res['date_entry']));
//文本控件可以直接绑定值,时间控件需要先转换格式,emp_id需要绑定至隐藏控件
echo <<< tt
<div>
<h2>修改员工</h2>
<form method="post" action="./t205.php">
<table>
<tr>
<td>姓名:</td>
<td><input type="text" name="emp_name" id="emp_name" value="$res[emp_name]"></td>
</tr>
<tr>
<td>部门:</td>
<td><input type="text" name="emp_dept" id="emp_dept" value="$res[emp_dept]"></td>
</tr>
<tr>
<td>出生日期:</td>
<td><input type="date" name="date_birth" id="date_birth" value="$date_birth"></td>
</tr>
<tr>
<td>入职日期:</td>
<td><input type="date" name="date_entry" id="date_entry" value="$date_entry"></td>
</tr>
<tr>
<td><input type="hidden" name="emp_id" id="emp_id" value="$res[emp_id]"></td>
<td><input type="submit" name="emp_edit" id="emp_edit" value="修改资料" style="width:180px"></td>
</tr>
</table>
</form>
</div>
tt;
}
?>
<?php
//新增,保存函数
if(isset($_POST['emp_save']))
{
dbinit();
$fields = array('emp_name','emp_dept','date_birth','date_entry');
$values = array();
foreach ($fields as $key=>$val)
{
$data = isset($_POST[$val])?$_POST[$val]:'';
if($data == '') die($val."字段不能为空");
$data = safeHandle($data);
$fields[$key] = "$val";
$values[] = "'$data'";
}
$fields = implode(',',$fields);
$values = implode(',',$values);
$sql_insert = "insert into emp_info($fields) values($values)";
//echo $sql_insert;
$res = query($sql_insert);
if($res > 0)
{
echo "<script>alert('保存成功!')</script>";
echo "<script>location.href='./t205.php';</script>";
}
}
//修改,保存函数
elseif(isset($_POST['emp_edit']))
{
//初始化连接
dbinit();
$emp_id = $_POST['emp_id'];
//字段数组
$fields = array('emp_name','emp_dept','date_birth','date_entry');
//数值数组,空
$updates = array();
foreach ($fields as $key=>$val)
{
//控件中填入了值
$data = isset($_POST[$val])?$_POST[$val]:'';
//无值,空,结束程序
if($data == '') die($val.'字段不能为空');
//sql防注入
$data = safeHandle($data);
$updates[] = "$val='$data'";
}
//数组内容组合字符串
$update_str = implode(',',$updates);
//修改语句
$sql_update = "update emp_info set $update_str where emp_id='$emp_id'";
//echo $sql_update;
//执行查询
$res = query($sql_update);
if($res > 0)
{
echo "<script>alert('修改成功!')</script>";
echo "<script>location.href='./t205.php';</script>";
}
}
?>
