php与MySQL

1. 数据库连接：

使用mysql数据库，用xampp建立一个user表。包含id,name,age;

用php连接数库：

</pre><pre class="php" name="code"><!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<?php
//连接数据库,连接成功返回true
$conn = mysql_connect('localhost','root','');
if($conn){
echo 'Succeed';
//选择操作的数据库
$db_selected = @mysql_select_db('myapp', $conn);
if(!$db_selected){
die ('Can\'t use myapp : ' . mysql_error());
}
//执行sql语句
$result = mysql_query("SELECT * FROM users");
//获取结果
$result_arr = mysql_fetch_array($result);
print_r($result_arr);
}else{
echo 'Failed';
}
?>
</body>
</html>

数据库简单应用：

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<?php
//连接数据库,连接成功返回true
$conn = mysql_connect('localhost','root','');
if($conn){
//echo 'Succeed';
//选择操作的数据库
$db_selected = mysql_select_db('myapp', $conn);
if(!$db_selected){
die ('Can\'t use myapp : ' . mysql_error());
}
//执行sql语句
$result = mysql_query("SELECT * FROM users WHERE id= 1");
//获取结果
//    $result_arr = mysql_fetch_array($result);
//    print_r($result_arr);
//输出所有数据
echo 'items'.mysql_num_rows($result);
$rows = mysql_num_rows($result);
for($i=0; $i<$rows; $i++){
print_r(mysql_fetch_assoc($result));
}
//返回数据的条数
$r = mysql_query("SELECT COUNT(*) FROM users");
$ra = mysql_fetch_array($r);
echo $ra[0];
}else{
echo 'Failed';
}
?>
</body>
</html>

2. 用户数据查询

定义一个默认变量的php文件：config.php

<?php

//定义常量
define('MYSQL_HOST', 'localhost');
define('MYSQL_USER','root');
define('MYSQL_PW', '');
定义数据库连接文件：functions.php

<?php
require_once 'config.php';
function connectionDB(){
return mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PW);
}

定义数据库查询文件：allusers.php

<?php
require_once 'functions.php';
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<table width='text-align:left;' border='1'>
<tr><th>id</th><th>name</th><th>age</th></tr>
<?php
$conn = connectionDB();
mysql_select_db('myapp',$conn);
$result = mysql_query("SELECT * FROM users ORDER BY id DESC");
$dataCount = mysql_num_rows($result);
echo $dataCount;

for($i=0; $i<$dataCount; $i++){
$result_arr = mysql_fetch_assoc($result);
$id = $result_arr['id'];
$name = $result_arr['name'];
$age = $result_arr['age'];
//echo "<tr><td>$id</td><td>$name</td><td>$age</td></tr>";
?>
<tr><td><?php echo $id ?></td><td><?php echo $name ?></td><td><?php echo $age ?></td></tr>
<?php
}
?>
</table>
</body>
</html>

3. 用户数据库的添加与防止注入攻击：

修改alluser.app;

<?php
require_once 'functions.php';
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<a href="adduser.html">add user</a>

<table width='text-align:left;' border='1'>
<tr><th>id</th><th>name</th><th>age</th></tr>
<?php
$conn = connectionDB();
$result = mysql_query("SELECT * FROM users ORDER BY id DESC");
$dataCount = mysql_num_rows($result);
echo $dataCount;

for($i=0; $i<$dataCount; $i++){
$result_arr = mysql_fetch_assoc($result);
$id = $result_arr['id'];
$name = $result_arr['name'];
$age = $result_arr['age'];
//echo "<tr><td>$id</td><td>$name</td><td>$age</td></tr>";
?>
<tr><td><?php echo $id ?></td><td><?php echo $name ?></td><td><?php echo $age ?></td></tr>
<?php
}
?>
</table>
</body>
</html>

adduser.html;

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<form action="adduser.php" method="post">
<div>user name:
<input type="text" name = "name">
</div>
<div>user age
<input type="text" name = "age">
</div>
<input type="submit">
</form>
</body>
</html>

adduser.php

<?php
if(!isset($_POST['name'])){
die('user name not define');
}

if(!isset($_POST['age'])){
die('user age not define');
}

$name = $_POST['name'];
if(empty($name)){
die('user name is empty');
}

$age = $_POST['age'];
if(empty($age)){
die('user age is empty');
}

require_once 'functions.php';
$conn = connectionDB();
//插入数据
//出于安全方面的考虑，必须将字符串引起来，对于其他类型（int）的数据必须转换(防止sql注入攻击)
$age = intval($age);
mysql_query("INSERT INTO users(name, age) VALUES ('$name', $age)");
if(mysql_error()){
echo 'code error:'.mysql_error();
}else{
header("location:allusers.php");
}

修改后的functions.php

<?php
require_once 'config.php';
function connectionDB(){
$conn = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PW);
if(!$conn){
die('Can not connect db');
}
mysql_select_db('myapp', $conn);
return $conn;
}

4. 修改用户数据：

在allusers.php中添加edit功能：

<?php
require_once 'functions.php';
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<a href="adduser.html">add user</a>

<table width='text-align:left;' border='1'>
<tr><th>id</th><th>name</th><th>age</th><th>edit</th></tr>
<?php
$conn = connectionDB();
$result = mysql_query("SELECT * FROM users ORDER BY id ASC");
$dataCount = mysql_num_rows($result);
echo $dataCount;

for($i=0; $i<$dataCount; $i++){
$result_arr = mysql_fetch_assoc($result);
$id = $result_arr['id'];
$name = $result_arr['name'];
$age = $result_arr['age'];
//在列表中添加数据修改的功能
echo "<tr><td>$id</td><td>$name</td><td>$age</td><td><a href='edituser.php?id=$id'>edit</a></td></tr>";
?>
<!-- <tr><td>--><?php //echo $id ?><!--</td><td>--><?php //echo $name ?><!--</td><td>--><?php //echo $age ?><!--</td></tr>-->
<?php
}
?>
</table>
</body>
</html>
edituser.php

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<?php

require_once 'functions.php';
if(!empty($_GET['id'])){
connectionDB();
$id = intval($_GET['id']);
$result = mysql_query("SELECT * FROM users WHERE id = $id");
if(mysql_error()){
die('can not connect db');
}
$arr = mysql_fetch_assoc($result);
//print_r($arr);
}else{
die('id not define');
}
?>
<form action="edit_server.php" method="post">
<div>ID:
<input type="text" name="id" value="<?php echo $arr['id'] ?>">
</div>
<div>User Name
<input type="text" name="name" value="<?php echo $arr['name'] ?>">
</div>
<div>User Age
<input type="text" name = "age" value="<?php echo $arr['age'] ?>">
</div>
<input type="submit">
</form>
</body>
</html>


edit_server.php

<?php
require_once 'functions.php';

if(empty($_POST['id'])){
die('id is empty');
}
if(empty($_POST['name'])){
die('name is empty');
}
if(empty($_POST['age'])){
die('age is empty');
}

$id = intval($_POST['id']);
$name = $_POST['name'];
$age = intval($_POST['age']);
connectionDB();
//修改数据
mysql_query("UPDATE users SET name='$name', age=$age WHERE id=$id");

if(mysql_error()){
echo mysql_error();
}else{
header("location:allusers.php");
}


5. 用户数据删除：

在allusers.php中添加删除功能：

//在列表中添加删除功能
echo "<tr><td>$id</td><td>$name</td><td>$age</td><td><a href='edituser.php?id=$id'>edit</a></td>
<td><a href='deluser.php?id=$id'>delete</a></td></tr>";
?>

在deluser.php中添加：

<?php
if(empty($_GET['id'])){
die('id is empty');
}
require_once 'functions.php';
connectionDB();
$id = intval($_GET['id']);
mysql_query("DELETE FROM users WHERE id=$id");
if(mysql_error()){
die('fail to delete user');
}else{
header("location:allusers.php;