关于身份证的员工每日销售提交表

时间:2017-11-13 08:23:00

标签: php mysql

登录后,员工必须更新其日常产品销售额。为此,我制作了名为registration和dailysales的02表。表格注册会验证用户登录的用户ID和密码,并具有在“每日销售”中输入每日销售额的链接。表。如何从表'注册'中插入登录用户的用户ID?到表' dailysales'自动。注意:在表格' dailysales'员工还必须每天从html表单中销售产品。在下面的编码中,如何随着产品的输入自动添加登录用户的用户ID和用户名。

日常销售代码如下: -

<?php
require('config.php');

//Start the Session
session_start();

if((isset($_POST['diaper']) && !empty($_POST['diaper']))
&& (isset($_POST['babylotion']) && !empty($_POST['babylotion']))
&& (isset($_POST['nfacewash']) && !empty($_POST['nfacewash']))
&& (isset($_POST['facewash']) && !empty($_POST['facewash']))
&& (isset($_POST['hremover']) && !empty($_POST['hremover']))){
$Diaper = $_POST ['diaper'];
$BabyLotion = $_POST ['babylotion'];
$Neem_fw = $_POST ['nfacewash'];
$Facewash = $_POST ['facewash'];
$Hair_remover = $_POST ['hremover'];
}
$sql= "INSERT INTO dailyrecord (babydiaper,babylotion,hairremover,neemfw,neetfw) VALUES ('$Diaper','$BabyLotion','$Neem_fw','$Facewash','$Hair_remover')";

if (mysqli_query ($connection, $sql)){
    echo '<script>alert("Congratulations! You Have Successfully added your sale!");</script>';
    }
else{
        echo '<script>alert("Sorry! Please fill the fields marked with *!");</script>';


    }

?>

登录编码如下: -

<?php  

//Start the Session
session_start();
require('config.php');

// If the form is submitted or not.
// If the form is submitted
if (isset($_POST['id']) and isset($_POST['password'])){
// Assigning posted values to variables.
$E_id = $_POST['id'];
$P_word = $_POST['password'];

// Check if username is empty
    if(empty(trim($_POST["id"]))){
        $username_err = 'Please enter username.';
    } else{
        $U_name = trim($_POST["id"]);
    }

    // Check if password is empty
    if(empty(trim($_POST['password']))){
        $password_err = 'Please enter your password.';
    } else{
        $P_word = trim($_POST['password']);
    }

// Checking the values are existing in the database or not
$query = "SELECT * FROM registeration WHERE employee_id='$E_id' and password='$P_word'";

$result = mysqli_query($connection, $query);
$count = mysqli_num_rows($result);
// If the posted values are equal to the database values, then session will be created for the user.
if ($count == 1){
$_SESSION['id'] = $E_id;
}else{
//If the login credentials doesn't match, he will be shown with an error message.
$fmsg = "Invalid Login Credentials.";
}
}
//if the user is logged in Greets the user with message
if (isset($_SESSION['id'])){
$E_id = $_SESSION['id'];
echo "<center><table border='2' style='background-color:#FFFFFF;border-collapse:collapse;border:2px solid #6699FF;color:#000000;width:60%'>
<tr>
<th>Distributor</th>
<th>Designation</th>
<th>City</th>
<th>Visiting Area</th>
</tr>";

while($row = mysqli_fetch_array($result))
{
echo "<tr\t\t\t>";
echo "<td>" . $row['emp_name'] . "&nbsp". $row['f_name'] . "</td>";
echo "<td>" . $row['designation'] . "</td>";
echo "<td>" . $row['city'] . "</td>";
echo "<td>" . $row['varea'] . "</td>";
echo "</tr>";
}
echo "</center></table>";
echo "<br>";
echo "<a href='logout.php'>Logout</a>";
}
else{

echo '<center>Invalied Username or Password</center>';
}
?>

2 个答案:

答案 0 :(得分:0)

在您的每日销售代码中,您可以使用$_SESSION['id']获取ID

$id=$_SESSION['id'];

因此,您可以在$sql中使用它。您需要在id表格中使用[{1}}表格的外键创建列dailyrecord(因此ID都相等)

registeration

无论如何,你应该使用预准备语句来避免为你的$ sql注入sql

答案 1 :(得分:0)

由于用户只有在成功登录后才有机会添加记录,因此会话变量的ID可用于插入销售记录。假设dailyrecorddailysales表(?which?)有一个名为employee_id的用户ID列,那么您可以尝试这样的事情。

<?php

    require('config.php');
    session_start();

    $babydiaper = !empty( $_POST['diaper'] ) ? $_POST['diaper'] : false;
    $babylotion = !empty( $_POST['babylotion'] ) ? $_POST['babylotion'] : false;
    $neemfw = !empty( $_POST['nfacewash'] ) ? $_POST['nfacewash'] : false;
    $neetfw = !empty( $_POST['facewash'] ) ? $_POST['facewash'] : false;
    $hairremover = !empty( $_POST['hremover'] ) ? $_POST['hremover'] : false;

    if( $babydiaper && $babylotion && $neemfw && $neetfw && $hairremover && isset( $_SESSION['id'] ) ){

        $sql='insert into `dailyrecord` ( `employee_id`, `babydiaper`, `babylotion`, `hairremover`, `neemfw`, `neetfw` ) values (?,?,?,?,?,?)';
        $stmt=$connection->prepare( $sql );

        if( $stmt ){

            $id=$_SESSION['id'];
            $stmt->bind_param('isssss', $id, $babydiaper, $babylotion, $hairremover, $neemfw, $neetfw );

            $message = $stmt->execute() ? 'Congratulations - the sale was added' : 'Bogus - the sale could not be added';
            $stmt->close();
            $connection->close();


        } else {
            $message='Sorry - there was a database problem. Please contact the administrator';
        }
    } else {
        $message='One of more fields was empty...';
    }

    echo "<script>alert('$message');</script>";
?>