显示删除数据的用户

时间:2017-02-22 05:57:18

标签: php html

我有一个表单,允许用户根据他们输入的分机号码从数据库中删除用户。在他们删除任何人之前,他们会通过登录页面。一旦他们从数据中删除用户,我们会收到一封电子邮件,说明删除了哪些分机号码。有没有办法可以添加哪个用户从表中删除了数据?

(请注意,我知道SQL注入问题并且使用mysql已经过折旧。一旦我将此问题排序,我会将它们更改为PDO或mysqli)

目前电子邮件的内容如下:

Extension Number 4324 was removed from the extension list.

我可以做到:

Extension Number 4324 was removed from the extension list by James.
  • CODE

登录表单:

<html> 
<head> 
<title>Login</title> <link rel="stylesheet" type="text/css" href="style.css"> 
</head> 
<body id="body-color"> 
<div id="Sign-In"> 
<center><fieldset style="width:30%"><legend>Welcome Please Login Below</legend>
<form method="POST" action="connectivity.php"> 
Username: <br><input type="text" name="user" size="40"><br> 
Password: <br><input type="password" name="pass" size="40">
<br>
<br> 
<input id="button" type="submit" name="submit" value="Log-In"> 
</form> 
</center>
</fieldset> 
</div> 
</body> 
</html>

Connectivity.php 

<?php
session_start();
define('DB_HOST', 'localhost'); 
define('DB_NAME', 'list'); 
define('DB_USER','root'); 
define('DB_PASSWORD','****'); 
$con=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("Failed to connect to MySQL: " . mysql_error()); 
$db=mysql_select_db(DB_NAME,$con) or die("Failed to connect to MySQL: " . mysql_error()); 
/* 
$ID = $_POST['user']; $Password = $_POST['pass']; 
*/ 
function SignIn() 
{ 
session_start();  
if(!empty($_POST['user'])) 
{ 
$query = mysql_query("SELECT * FROM UserName where userName = '$_POST[user]' AND pass = '$_POST[pass]'") or die(mysql_error()); 
$row = mysql_fetch_array($query); 
if(!empty($row['userName']) AND !empty($row['pass'])) 
{ 
$_SESSION['userName'] = $row['pass'];
header("Location: index.php"); 
$_SESSION['CheckLogin'] = true;
} 
else 
{ 
header("Location: login.php");

} 
} 
} 
if(isset($_POST['submit'])) 
{ 
SignIn(); 
} 
?>

Delete.php表格

<?php

require ("database.php");  

session_start();
if (!isset($_SESSION['CheckLogin'])) { header("Location: login.php"); }




    if($_POST['action'])
{

$this_user_ext =$_GET['extension'];


    // sending query
    mysql_query("DELETE FROM users WHERE extension = '$this_user_ext'")
    or die(mysql_error());          


include('maildelete.php');

$extension=$_POST['extension'];

header("Location: index.php");
}
?>
<center><form action="" method="post">
Enter 4 Digit Extension Number :<br><input type="text" name="extension">
<br><h2><input type="submit" name="action" value="Delete Extension">
<br></h2>
<h3>
<a href="index.php"> Main Menu </a> 
</h3>
</form>
</center>

和maildelete.php 

<?php

$extension = $_POST['extension'];
$department = $_POST['department'];

if ($_POST['department']=="IT DEPARTMENT") {
    $address2="alpineit@alpinemotors.co.za";
}

require 'PHPMailer-master/PHPMailerAutoload.php';

$mail = new PHPMailer;

$mail->IsSMTP(); // telling the class to use SMTP
$mail->Host       = "****"; // SMTP server             // enables SMTP debug information 
$mail->SMTPAutoTLS = false;
$mail->SMTPSecure = false;
$mail->SMTPAuth   = true;                  // enable SMTP authentication
$mail->Host       = "****"; // sets the SMTP server
$mail->Port       = 587;                    // set the SMTP port for the GMAIL server
$mail->Username   = "****"; // SMTP account username
$mail->Password   = "****";        // SMTP account password
$mail->From = "no-reply@sdsads.co.za";
$mail->FromName = "Extension List";

$mail->AddAddress('jurgen@asdas.co.za', $address2, "");

$mail->isHTML(true);

$mail->Subject  = 'Extension Deleted';
$mail->Body     = "Extension Number " . $extension . " from the " . $department . " was removed from the Extension List";

if(!$mail->Send()) {
echo 'Message could not be sent.';
echo 'Mailer Error: ' . $mail->ErrorInfo;
exit;
}
echo 'Email Sent Successfully!';
?>

3 个答案:

答案 0 :(得分:0)

始终在表格中添加一些额外的列created_bycreated_atupdated_byupdated_atdeleted_bydeleted_at。值是执行以下操作的登录用户的ID。

通过使用此功能,您可以轻松跟踪由{id>}操作完成的add, update, delete操作。

答案 1 :(得分:0)

您似乎在变量中有用户名

$_SESSION['userName']

所以只需将其添加到 maildelete.php

中的电子邮件中 
$mail->Body     = "Extension Number " . $extension . " from the " . $department . " was removed from the Extension List";

有了这个:

$mail->Body     = "Extension Number " . $extension . " from the " . $department . " was removed from the Extension List by ".$_SESSION['userName'];

答案 2 :(得分:0)

我找到了解决办法。

我添加了$ _SESSION [&#39; userName&#39;];

所以我的maildelete.php中的代码行:

$mail->Body     = "Extension Number " . $extension . " from the " . $department . " was removed from the Extension List" . $_SESSION['userName'];
相关问题
最新问题