如何按用户ID在数据库中显示记录

时间:2013-02-20 02:12:15

标签: php sql

我想按用户ID在数据库中显示记录。这意味着工作人员必须插入staffid和密码并请求新项目,请求将保存在数据库中。

请求正常,但在request.php页面之后,我想在receipt.php中显示该工作人员订购的项目。我怎么能这样做? 以下是定义表的SQL:

CREATE TABLE `orders` (                                                       
          `orderno` bigint(20) NOT NULL AUTO_INCREMENT,                               
          `orderqty` bigint(20) NOT NULL,                                             
          `orderdate` date DEFAULT NULL,                                              
          `itemno` bigint(20) DEFAULT NULL,                                           
          `staffid` varchar(50) DEFAULT NULL,                                         
          PRIMARY KEY (`orderno`),                                                    
          KEY `FK_itemno` (`itemno`),                                                 
          KEY `FK_staffid` (`staffid`),                                               
          CONSTRAINT `FK_itemno` FOREIGN KEY (`itemno`) REFERENCES `item` (`itemno`)  
        ) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=latin1                       

以下是receipt.php的PHP代码:

<?php require_once('Connections/sqlconnection.php'); ?>
<?php 
    if (!isset($_SESSION)) {
         session_start();
    }

    $colname_rsstaff = $_SESSION['staffid'];
    if (isset($_GET['staffid'])) {
        $colname_rsstaff = $_GET['staffid'];
    }

if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "",  $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ?          mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_sqlconnection, $sqlconnection);
$query_rsorders = "SELECT * FROM orders";
$rsorders = mysql_query($query_rsorders, $sqlconnection) or die(mysql_error());
$row_rsorders = mysql_fetch_assoc($rsorders);
$totalRows_rsorders = mysql_num_rows($rsorders);

mysql_select_db($database_sqlconnection, $sqlconnection);
$query_rsitem = "SELECT * FROM item";
$rsitem = mysql_query($query_rsitem, $sqlconnection) or die(mysql_error());
$row_rsitem = mysql_fetch_assoc($rsitem);
$totalRows_rsitem = mysql_num_rows($rsitem);

mysql_select_db($database_sqlconnection, $sqlconnection);
$query_rsstaff = "SELECT * FROM staff";
$rsstaff = mysql_query($query_rsstaff, $sqlconnection) or die(mysql_error());
$row_rsstaff = mysql_fetch_assoc($rsstaff);
$totalRows_rsstaff = mysql_num_rows($rsstaff);

mysql_select_db($database_sqlconnection, $sqlconnection);
$query_rsitemlist = sprintf("SELECT * FROM itemlist WHERE itemlist.staffid = %s",        GetSQLValueString($colname_rsstaff, "text"),"ORDER BY orderdate DESC");
$rsitemlist = mysql_query($query_rsitemlist, $sqlconnection) or die(mysql_error());
$row_rsitemlist = mysql_fetch_assoc($rsitemlist);
$totalRows_rsitemlist = mysql_num_rows($rsitemlist);
?>

<title>Sistem Pengurusan Stok</title>
<center>
  <form name="form1" method="POST" action="request.php">
    <table width="633" height="262" border="1">
      <tr>
        <td height="124" colspan="6"><?php include 'header.php'?></td>
      </tr>
      <tr>
        <td width="119" height="51" 
        align="center">No Resit</td>
        <td width="130" align="center">Tarikh Tempah</td>
        <td width="181" align="center">Nama Barang</td>
        <td align="center">Kuantiti</td>
        <td align="center">&nbsp;</td>
      </tr>
      <?php do { ?>
        <tr>
          <td height="35" align="center"><?php echo $row_rsitemlist['orderno']; ?></td>
          <td align="center"><?php echo $row_rsitemlist['orderdate']; ?></td>
          <td align="center"><?php echo $row_rsitemlist['itemname']; ?></td>
          <td width="146" align="center"><?php echo $row_rsitemlist['orderqty']; ?></td>
          <td width="23" align="center"><img src="images/delete.jpg" width="68" height="32" align="center" /></td>
     </tr>
        <?php } while ($row_rsitemlist = mysql_fetch_assoc($rsitemlist) && $rsitemlist); ?>
     <tr>
         <td height="40" colspan="6" align="right"><input type="submit" name="button2" id="button2" value="Kembali"/>
          <input type="submit" name="button" id="button" value="Hantar" /></td>
     </tr>
    </table>
  </form>
</center>
<?php
mysql_free_result($rsorders);

mysql_free_result($rsitem);

mysql_free_result($rsstaff);

mysql_free_result($rsitemlist);
?>

我真的希望有人能真正检查我的代码。提前谢谢。

1 个答案:

答案 0 :(得分:0)

您可以通过设置会话来实现这一点......机制将是

    请求顶部的
  1. start_session()
  2. 在request.php上,为订单数据创建会话变量,请参阅 manual
  3. 在reciept.php(或您想要的任何页面)上使用该会话变量 显示您的订单数据..
  4. 希望,这有助于......