登录后,员工必须更新其日常产品销售额。为此,我制作了名为registration和dailysales的02表。表格注册会验证用户登录的用户ID和密码,并具有在“每日销售”中输入每日销售额的链接。表。如何从表'注册'中插入登录用户的用户ID?到表' dailysales'自动。注意:在表格' dailysales'员工还必须每天从html表单中销售产品。在下面的编码中,如何随着产品的输入自动添加登录用户的用户ID和用户名。
日常销售代码如下: -
<?php
require('config.php');
//Start the Session
session_start();
if((isset($_POST['diaper']) && !empty($_POST['diaper']))
&& (isset($_POST['babylotion']) && !empty($_POST['babylotion']))
&& (isset($_POST['nfacewash']) && !empty($_POST['nfacewash']))
&& (isset($_POST['facewash']) && !empty($_POST['facewash']))
&& (isset($_POST['hremover']) && !empty($_POST['hremover']))){
$Diaper = $_POST ['diaper'];
$BabyLotion = $_POST ['babylotion'];
$Neem_fw = $_POST ['nfacewash'];
$Facewash = $_POST ['facewash'];
$Hair_remover = $_POST ['hremover'];
}
$sql= "INSERT INTO dailyrecord (babydiaper,babylotion,hairremover,neemfw,neetfw) VALUES ('$Diaper','$BabyLotion','$Neem_fw','$Facewash','$Hair_remover')";
if (mysqli_query ($connection, $sql)){
echo '<script>alert("Congratulations! You Have Successfully added your sale!");</script>';
}
else{
echo '<script>alert("Sorry! Please fill the fields marked with *!");</script>';
}
?>
登录编码如下: -
<?php
//Start the Session
session_start();
require('config.php');
// If the form is submitted or not.
// If the form is submitted
if (isset($_POST['id']) and isset($_POST['password'])){
// Assigning posted values to variables.
$E_id = $_POST['id'];
$P_word = $_POST['password'];
// Check if username is empty
if(empty(trim($_POST["id"]))){
$username_err = 'Please enter username.';
} else{
$U_name = trim($_POST["id"]);
}
// Check if password is empty
if(empty(trim($_POST['password']))){
$password_err = 'Please enter your password.';
} else{
$P_word = trim($_POST['password']);
}
// Checking the values are existing in the database or not
$query = "SELECT * FROM registeration WHERE employee_id='$E_id' and password='$P_word'";
$result = mysqli_query($connection, $query);
$count = mysqli_num_rows($result);
// If the posted values are equal to the database values, then session will be created for the user.
if ($count == 1){
$_SESSION['id'] = $E_id;
}else{
//If the login credentials doesn't match, he will be shown with an error message.
$fmsg = "Invalid Login Credentials.";
}
}
//if the user is logged in Greets the user with message
if (isset($_SESSION['id'])){
$E_id = $_SESSION['id'];
echo "<center><table border='2' style='background-color:#FFFFFF;border-collapse:collapse;border:2px solid #6699FF;color:#000000;width:60%'>
<tr>
<th>Distributor</th>
<th>Designation</th>
<th>City</th>
<th>Visiting Area</th>
</tr>";
while($row = mysqli_fetch_array($result))
{
echo "<tr\t\t\t>";
echo "<td>" . $row['emp_name'] . " ". $row['f_name'] . "</td>";
echo "<td>" . $row['designation'] . "</td>";
echo "<td>" . $row['city'] . "</td>";
echo "<td>" . $row['varea'] . "</td>";
echo "</tr>";
}
echo "</center></table>";
echo "<br>";
echo "<a href='logout.php'>Logout</a>";
}
else{
echo '<center>Invalied Username or Password</center>';
}
?>
答案 0 :(得分:0)
在您的每日销售代码中,您可以使用$_SESSION['id']获取ID
$id=$_SESSION['id'];
因此,您可以在$sql中使用它。您需要在id表格中使用[{1}}表格的外键创建列dailyrecord(因此ID都相等)
registeration无论如何,你应该使用预准备语句来避免为你的$ sql注入sql
答案 1 :(得分:0)
由于用户只有在成功登录后才有机会添加记录,因此会话变量的ID可用于插入销售记录。假设dailyrecord或dailysales表(?which?)有一个名为employee_id的用户ID列,那么您可以尝试这样的事情。
<?php
require('config.php');
session_start();
$babydiaper = !empty( $_POST['diaper'] ) ? $_POST['diaper'] : false;
$babylotion = !empty( $_POST['babylotion'] ) ? $_POST['babylotion'] : false;
$neemfw = !empty( $_POST['nfacewash'] ) ? $_POST['nfacewash'] : false;
$neetfw = !empty( $_POST['facewash'] ) ? $_POST['facewash'] : false;
$hairremover = !empty( $_POST['hremover'] ) ? $_POST['hremover'] : false;
if( $babydiaper && $babylotion && $neemfw && $neetfw && $hairremover && isset( $_SESSION['id'] ) ){
$sql='insert into `dailyrecord` ( `employee_id`, `babydiaper`, `babylotion`, `hairremover`, `neemfw`, `neetfw` ) values (?,?,?,?,?,?)';
$stmt=$connection->prepare( $sql );
if( $stmt ){
$id=$_SESSION['id'];
$stmt->bind_param('isssss', $id, $babydiaper, $babylotion, $hairremover, $neemfw, $neetfw );
$message = $stmt->execute() ? 'Congratulations - the sale was added' : 'Bogus - the sale could not be added';
$stmt->close();
$connection->close();
} else {
$message='Sorry - there was a database problem. Please contact the administrator';
}
} else {
$message='One of more fields was empty...';
}
echo "<script>alert('$message');</script>";
?>