制作一个简单的PHP新闻列表框架
1、首先在Eclipse PHP上建立文件框架;
-----admin 后台文件夹
-----common 类配置文件夹
-----config配置文件(系统配置文件)
------templates (Smarty 配置的HTML文件夹)
------templates_c(Smarty缓存文件夹)
2、添加管理员数据库;
建立一个test数据库,建立一个p_admin表格,在表格上建立一个admin的管理员账号,密码采用md5()编译过后的密码,复制到password中。
3、配置smarty文件;
1.将smarty文件复制到common的文件夹中,实现前台与后台的页面分离;
2.在global.php文件中设置smarty的调用程序;
$smarty = new Smarty(); //调用smarty函数
$smarty ->template_dir =$smarty_template_dir;//配置smarty的模板路径
$smarty ->compile_dir =$smarty_complie_dir;//配置smarty的编译路径
$smarty ->config_dir =$smarty_config_dir;//配置smarty的配置路径
$smarty ->cache_dir =$smarty_cache_dir;//配置smarty的缓存路径
$smarty ->caching =$smarty_caching;//配置smarty的缓存
$smarty ->left_delimiter =$smarty_delimiter[0];//配置smarty的分隔符
$smarty ->right_delimiter=$smarty_delimiter[1];//配置smarty的分隔符
3.在config/config.php文件中配置smarty;
$smarty_template_dir ='./templates/';
$smarty_complie_dir ='./templates_c/';
$smarty_config_dir ='./configs/';
$smarty_cache_dir ='./cache/';
$smarty_caching = FALSE;
$smarty_delimiter =explode("|","{|}");
4.调试smarty是否配置完成;
在index文件上:
1.在template模板文件夹中放置index.html文件夹;
2.在index.php文件夹中配置代码:
$smarty->display("index1.html"); 测试smarty是否配置成功。
4、配置数据库;
1.配置数据库的类;(这里分享一个很经典的php mysql的类)
class mysql {
private $db_host; //数据库主机
private $db_user; //数据库用户名
private $db_pwd; //数据库用户名密码
private $db_database; //数据库名
private $conn; //数据库连接标识;
private $result; //执行query命令的结果资源标识
private $sql; //sql执行语句
private $row; //返回的条目数
private $coding; //数据库编码,GBK,UTF8,gb2312
private $bulletin = true; //是否开启错误记录
private $show_error = true; //测试阶段,显示所有错误,具有安全隐患,默认关闭
private $is_error = false; //发现错误是否立即终止,默认true,建议不启用,因为当有问题时用户什么也看不到是很苦恼的
/*构造函数*/
public function __construct($db_host, $db_user, $db_pwd, $db_database, $conn, $coding) {
$this->db_host = $db_host;
$this->db_user = $db_user;
$this->db_pwd = $db_pwd;
$this->db_database = $db_database;
$this->conn = $conn;
$this->coding = $coding;
$this->connect();
}
/*数据库连接*/
public function connect() {
if ($this->conn == "pconn") {
//永久链接
$this->conn = mysql_pconnect($this->db_host, $this->db_user, $this->db_pwd);
} else {
//即使链接
$this->conn = mysql_connect($this->db_host, $this->db_user, $this->db_pwd);
}
if (!mysql_select_db($this->db_database, $this->conn)) {
if ($this->show_error) {
$this->show_error("数据库不可用:", $this->db_database);
}
}
mysql_query("SET NAMES $this->coding");
}
/*数据库执行语句,可执行查询添加修改删除等任何sql语句*/
public function query($sql) {
if ($sql == "") {
$this->show_error("SQL语句错误:", "SQL查询语句为空");
}
$this->sql = $sql;
$result = mysql_query($this->sql, $this->conn);
if (!$result) {
//调试中使用,sql语句出错时会自动打印出来
if ($this->show_error) {
$this->show_error("错误SQL语句:", $this->sql);
}
} else {
$this->result = $result;
}
return $this->result;
}
/*创建添加新的数据库*/
public function create_database($database_name) {
$database = $database_name;
$sqlDatabase = 'create database ' . $database;
$this->query($sqlDatabase);
}
/*查询服务器所有数据库*/
//将系统数据库与用户数据库分开,更直观的显示?
public function show_databases() {
$this->query("show databases");
echo "现有数据库:" . $amount = $this->db_num_rows($rs);
echo "<br />";
$i = 1;
while ($row = $this->fetch_array($rs)) {
echo "$i $row[Database]";
echo "<br />";
$i++;
}
}
//以数组形式返回主机中所有数据库名
public function databases() {
$rsPtr = mysql_list_dbs($this->conn);
$i = 0;
$cnt = mysql_num_rows($rsPtr);
while ($i < $cnt) {
$rs[] = mysql_db_name($rsPtr, $i);
$i++;
}
return $rs;
}
/*查询数据库下所有的表*/
public function show_tables($database_name) {
$this->query("show tables");
echo "现有数据库:" . $amount = $this->db_num_rows($rs);
echo "<br />";
$i = 1;
while ($row = $this->fetch_array($rs)) {
$columnName = "Tables_in_" . $database_name;
echo "$i $row[$columnName]";
echo "<br />";
$i++;
}
}
/*
mysql_fetch_row() array $row[0],$row[1],$row[2]
mysql_fetch_array() array $row[0] 或 $row[id]
mysql_fetch_assoc() array 用$row->content 字段大小写敏感
mysql_fetch_object() object 用$row[id],$row[content] 字段大小写敏感
*/
/*取得结果数据*/
public function mysql_result_li() {
return mysql_result($str);
}
/*取得记录集,获取数组-索引和关联,使用$row['content'] */
public function fetch_array() {
return mysql_fetch_array($this->result);
}
//获取关联数组,使用$row['字段名']
public function fetch_assoc() {
return mysql_fetch_assoc($this->result);
}
//获取数字索引数组,使用$row[0],$row[1],$row[2]
public function fetch_row() {
return mysql_fetch_row($this->result);
}
//获取对象数组,使用$row->content
public function fetch_Object() {
return mysql_fetch_object($this->result);
}
//简化查询select
public function findall($table) {
$this->query("SELECT * FROM $table");
}
//简化查询select
public function select($table, $columnName = "*", $condition = '', $debug = '') {
$condition = $condition ? ' Where ' . $condition : NULL;
if ($debug) {
echo "SELECT $columnName FROM $table $condition";
} else {
$this->query("SELECT $columnName FROM $table $condition");
}
}
//简化删除del
public function delete($table, $condition, $url = '') {
if ($this->query("DELETE FROM $table WHERE $condition")) {
if (!empty ($url))
$this->Get_admin_msg($url, '删除成功!');
}
}
//简化插入insert
public function insert($table, $columnName, $value, $url = '') {
if ($this->query("INSERT INTO $table ($columnName) VALUES ($value)")) {
if (!empty ($url))
$this->Get_admin_msg($url, '添加成功!');
}
}
//简化修改update
public function update($table, $mod_content, $condition, $url = '') {
//echo "UPDATE $table SET $mod_content WHERE $condition"; exit();
if ($this->query("UPDATE $table SET $mod_content WHERE $condition")) {
if (!empty ($url))
$this->Get_admin_msg($url);
}
}
/*取得上一步 INSERT 操作产生的 ID*/
public function insert_id() {
return mysql_insert_id();
}
//指向确定的一条数据记录
public function db_data_seek($id) {
if ($id > 0) {
$id = $id -1;
}
if (!@ mysql_data_seek($this->result, $id)) {
$this->show_error("SQL语句有误:", "指定的数据为空");
}
return $this->result;
}
// 根据select查询结果计算结果集条数
public function db_num_rows() {
if ($this->result == null) {
if ($this->show_error) {
$this->show_error("SQL语句错误", "暂时为空,没有任何内容!");
}
} else {
return mysql_num_rows($this->result);
}
}
// 根据insert,update,delete执行结果取得影响行数
public function db_affected_rows() {
return mysql_affected_rows();
}
//输出显示sql语句
public function show_error($message = "", $sql = "") {
if (!$sql) {
echo "<font color='red'>" . $message . "</font>";
echo "<br />";
} else {
echo "<fieldset>";
echo "<legend>错误信息提示:</legend><br />";
echo "<div style='font-size:14px; clear:both; font-family:Verdana, Arial, Helvetica, sans-serif;'>";
echo "<div style='height:20px; background:#000000; border:1px #000000 solid'>";
echo "<font color='white'>错误号:12142</font>";
echo "</div><br />";
echo "错误原因:" . mysql_error() . "<br /><br />";
echo "<div style='height:20px; background:#FF0000; border:1px #FF0000 solid'>";
echo "<font color='white'>" . $message . "</font>";
echo "</div>";
echo "<font color='red'><pre>" . $sql . "</pre></font>";
$ip = $this->getip();
if ($this->bulletin) {
$time = date("Y-m-d H:i:s");
$message = $message . "\r\n$this->sql" . "\r\n客户IP:$ip" . "\r\n时间 :$time" . "\r\n\r\n";
$server_date = date("Y-m-d");
$filename = $server_date . ".txt";
$file_path = "error/" . $filename;
$error_content = $message;
//$error_content="错误的数据库,不可以链接";
$file = "error"; //设置文件保存目录
//建立文件夹
if (!file_exists($file)) {
if (!mkdir($file, 0777)) {
//默认的 mode 是 0777,意味着最大可能的访问权
die("upload files directory does not exist and creation failed");
}
}
//建立txt日期文件
if (!file_exists($file_path)) {
//echo "建立日期文件";
fopen($file_path, "w+");
//首先要确定文件存在并且可写
if (is_writable($file_path)) {
//使用添加模式打开$filename,文件指针将会在文件的开头
if (!$handle = fopen($file_path, 'a')) {
echo "不能打开文件 $filename";
exit;
}
//将$somecontent写入到我们打开的文件中。
if (!fwrite($handle, $error_content)) {
echo "不能写入到文件 $filename";
exit;
}
//echo "文件 $filename 写入成功";
echo "——错误记录被保存!";
//关闭文件
fclose($handle);
} else {
echo "文件 $filename 不可写";
}
} else {
//首先要确定文件存在并且可写
if (is_writable($file_path)) {
//使用添加模式打开$filename,文件指针将会在文件的开头
if (!$handle = fopen($file_path, 'a')) {
echo "不能打开文件 $filename";
exit;
}
//将$somecontent写入到我们打开的文件中。
if (!fwrite($handle, $error_content)) {
echo "不能写入到文件 $filename";
exit;
}
//echo "文件 $filename 写入成功";
echo "——错误记录被保存!";
//关闭文件
fclose($handle);
} else {
echo "文件 $filename 不可写";
}
}
}
echo "<br />";
if ($this->is_error) {
exit;
}
}
echo "</div>";
echo "</fieldset>";
echo "<br />";
}
//释放结果集
public function free() {
@ mysql_free_result($this->result);
}
//数据库选择
public function select_db($db_database) {
return mysql_select_db($db_database);
}
//查询字段数量
public function num_fields($table_name) {
//return mysql_num_fields($this->result);
$this->query("select * from $table_name");
echo "<br />";
echo "字段数:" . $total = mysql_num_fields($this->result);
echo "<pre>";
for ($i = 0; $i < $total; $i++) {
print_r(mysql_fetch_field($this->result, $i));
}
echo "</pre>";
echo "<br />";
}
//取得 MySQL 服务器信息
public function mysql_server($num = '') {
switch ($num) {
case 1 :
return mysql_get_server_info(); //MySQL 服务器信息
break;
case 2 :
return mysql_get_host_info(); //取得 MySQL 主机信息
break;
case 3 :
return mysql_get_client_info(); //取得 MySQL 客户端信息
break;
case 4 :
return mysql_get_proto_info(); //取得 MySQL 协议信息
break;
default :
return mysql_get_client_info(); //默认取得mysql版本信息
}
}
//析构函数,自动关闭数据库,垃圾回收机制
public function __destruct() {
if (!empty ($this->result)) {
$this->free();
}
//mysql_close($this->conn);
} //function __destruct();
/*获得客户端真实的IP地址*/
function getip() {
if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown")) {
$ip = getenv("HTTP_CLIENT_IP");
} else
if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown")) {
$ip = getenv("HTTP_X_FORWARDED_FOR");
} else
if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown")) {
$ip = getenv("REMOTE_ADDR");
} else
if (isset ($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown")) {
$ip = $_SERVER['REMOTE_ADDR'];
} else {
$ip = "unknown";
}
return ($ip);
}
function inject_check($sql_str) { //防止注入
$check = eregi('select|insert|update|delete|\'|\/\*|\*|\.\.\/|\.\/|union|into|load_file|outfile', $sql_str);
if ($check) {
echo "输入非法注入内容!";
exit ();
} else {
return $sql_str;
}
}
function checkurl() { //检查来路
if (preg_replace("/https?:\/\/([^\:\/]+).*/i", "\\1", $_SERVER['HTTP_REFERER']) !== preg_replace("/([^\:]+).*/", "\\1", $_SERVER['HTTP_HOST'])) {
header("Location: http://www.kebeke.com");
exit();
}
}
}
$db=new mysql($db_host, $db_user, $db_pwd, $db_database,$conn,$coding);
?>
2.测试数据库是否连接成功:
1.$db = new action($db_host, $db_user, $db_pwd,$db_database,$conn,$coding); //实例化数据库类;
2.代码测试数据库是否连接成功:
$query=$db->queryquery(select*from p_admin);
$row=$db->fetch_array($query);
echo $row[username];
5、编写后台登录界面;
1.配置后台操作控制类action.class.php:
代码如下:(此代码的目的为了后台判断及跳转)
<?php
class action extends MySQL {
/**
* 用户权限判断($uid, $shell, $m_id)
*/
public function Get_user_shell($uid, $shell) {
$query = $this->select('p_admin', '*', '`uid` = \'' . $uid . '\'');
$us = is_array($row = $this->fetch_array($query));
$shell = $us ? $shell == md5($row[username] . $row[password] . "PHP100") : FALSE;
return $shell ? $row : NULL;
} //end shell
public function Get_user_shell_check($uid, $shell, $m_id = 9) {
if ($row=$this->Get_user_shell($uid, $shell)) {
if ($row[m_id] <= $m_id) {
return $row;
} else {
echo "你无权限操作!";
exit ();
} //end m_id
} else {
$this->Get_admin_msg('index.php','请先登陆');
}
} //end shell
//========================================
/**
* 用户登陆超时时间(秒)
*/
public function Get_user_ontime($long = '3600') {
$new_time = mktime();
$onlinetime = $_SESSION[ontime];
echo $new_time - $onlinetime;
if ($new_time - $onlinetime > $long) {
echo "登录超时";
session_destroy();
exit ();
} else {
$_SESSION[ontime] = mktime();
}
}
/**
* 用户登陆
*/
public function Get_user_login($username, $password) {
$username = str_replace(" ", "", $username);
$query = $this->select('p_admin', '*', '`username` = \'' . $username . '\'');
$us = is_array($row = $this->fetch_array($query));
;
$ps = $us ? md5($password) == $row[password] : FALSE;
if ($ps) {
$_SESSION[uid] = $row[uid];
$_SESSION[shell] = md5($row[username] . $row[password] . "PHP100");
$_SESSION[ontime] = mktime();
$this->Get_admin_msg('main.php','登陆成功!');
} else {
$this->Get_admin_msg('index.php','密码或用户错误!');
session_destroy();
}
}
/**
* 用户退出登陆
*/
public function Get_user_out() {
session_destroy();
$this->Get_admin_msg('index.php','退出成功!');
}
/**
* 后台通用信息提示
*/
public function Get_admin_msg($url, $show = '操作已成功!') {
$msg = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<link rel="stylesheet" href="css/common.css" mce_href="css/common.css" type="text/css" />
<meta http-equiv="refresh" content="2; URL=' . $url . '" />
<title>管理区域</title>
</head>
<body>
<div id="man_zone">
<table width="30%" border="1" align="center" cellpadding="3" cellspacing="0" class="table" style="margin-top:100px;" mce_style="margin-top:100px;">
<tr>
<th align="center" style="background:#cef" mce_style="background:#cef">信息提示</th>
</tr>
<tr>
<td>' . $show . '<br />
2秒后返回指定页面!<br />
如果浏览器无法跳转,<a href="' . $url . '" mce_href="' . $url . '">请点击此处</a>。</td>
</tr>
</table>
</div>
</body>
</html>';
echo $msg;
exit ();
}
//========================
} //end class
?>
2.配置后台配置公共文件:admin_global.php,代码如下:
<?php
session_start(); //通过session进行数据传值
include_once '../configs/config.php';
include_once '../common/db.class.php';
include_once 'common/action.class.php';
include_once 'common/page.class.php';
$db= new action($db_host, $db_user, $db_pwd, $db_database, $conn , $coding);//数据库操作类
$uid= $_SESSION[uid];
$shell= $_SESSION[shell];
?>
4.配置登录界面:
a.首先下载一个登录的模板(html的代码);
b.在html代码前面增加php代码进行登录判断:
代码如下: (此代码为判断登录的用户名及密码是否与数据库一致)
<?php
session_start();
include_once 'admin_global.php';
if((!empty($_POST[username]))&&(!empty($_POST[password]))&&$_POST[submit]){
$r=$db->Get_user_login($_POST["username"],$_POST["password"]);
}
?>
这样,一个完整的框架就已经搭建完成了。现在根据各自的功能的需要,进行2次开发了。