PHP之购物车的代码

该文章记录了购物车的实现代码,仅供参考

book_sc_fns.php

<?php
  include_once('output_fns.php');
include_once('book_fns.php');
include_once('db_fns.php');
include_once("user_auth_fns.php");
include_once("admin_fns.php");
include_once("data_valid_fns.php");
include_once("order_fns.php");
?>

output_fns.php

<?php

function do_html_header($title = '') {
  // print an HTML header

  // declare the session variables we want access to inside the function
  if (!$_SESSION['items']) {
    $_SESSION['items'] = '0';
  }
  if (!$_SESSION['total_price']) {
    $_SESSION['total_price'] = '0.00';
  }
?>
  <html>
  <head>
    <title><?php echo $title; ?></title>
    <style>
      h2 { font-family: Arial, Helvetica, sans-serif; font-size: 22px; color: red; margin: 6px }
      body { font-family: Arial, Helvetica, sans-serif; font-size: 13px }
      li, td { font-family: Arial, Helvetica, sans-serif; font-size: 13px }
      hr { color: #FF0000; width=70%; text-align=center}
      a { color: #000000 }
    </style>
  </head>
  <body>
  <table width="100%" border="0" cellspacing="0" bgcolor="#cccccc">
  <tr>
  <td rowspan="2">
  <a href="index.php"><img src="images/Book-O-Rama.gif" alt="Bookorama" border="0"
       align="left" valign="bottom" height="55" width="325"/></a>
  </td>
  <td align="right" valign="bottom">
  <?php
     if(isset($_SESSION['admin_user'])) {
       echo "&nbsp;";
     } else {
       echo "Total Items = ".$_SESSION['items'];
     }
  ?>
  </td>
  <td align="right" rowspan="2" width="135">
  <?php
     if(isset($_SESSION['admin_user'])) {
       display_button('logout.php', 'log-out', 'Log Out');
     } else {
       display_button('show_cart.php', 'view-cart', 'View Your Shopping Cart');
     }
  ?>
  </tr>
  <tr>
  <td align="right" valign="top">
  <?php
     if(isset($_SESSION['admin_user'])) {
       echo "&nbsp;";
     } else {
       echo "Total Price = $".number_format($_SESSION['total_price'],2);
     }
  ?>
  </td>
  </tr>
  </table>
<?php
  if($title) {
    do_html_heading($title);
  }
}

function do_html_footer() {
  // print an HTML footer
?>
  </body>
  </html>
<?php
}

function do_html_heading($heading) {
  // print heading
?>
  <h2><?php echo $heading; ?></h2>
<?php
}

function do_html_URL($url, $name) {
  // output URL as link and br
?>
  <a href="<?php echo $url; ?>"><?php echo $name; ?></a><br />
<?php
}

function display_categories($cat_array) {
  if (!is_array($cat_array)) {
     echo "<p>No categories currently available</p>";
     return;
  }
  echo "<ul>";
  foreach ($cat_array as $row)  {
    $url = "show_cat.php?catid=".$row['catid'];
    $title = $row['catname'];
    echo "<li>";
    do_html_url($url, $title);
    echo "</li>";
  }
  echo "</ul>";
  echo "<hr />";
}

function display_books($book_array) {
  //display all books in the array passed in
  if (!is_array($book_array)) {
    echo "<p>No books currently available in this category</p>";
  } else {
    //create table
    echo "<table width=\"100%\" border=\"0\">";

    //create a table row for each book
    foreach ($book_array as $row) {
      $url = "show_book.php?isbn=".$row['isbn'];
      echo "<tr><td>";
      if (@file_exists("images/".$row['isbn'].".jpg")) {
        $title = "<img src=\"images/".$row['isbn'].".jpg\"
                  style=\"border: 1px solid black\"/>";
        do_html_url($url, $title);
      } else {
        echo "&nbsp;";
      }
      echo "</td><td>";
      $title = $row['title']." by ".$row['author'];
      do_html_url($url, $title);
      echo "</td></tr>";
    }

    echo "</table>";
  }

  echo "<hr />";
}

function display_book_details($book) {
  // display all details about this book
  if (is_array($book)) {
    echo "<table><tr>";
    //display the picture if there is one
    if (@file_exists("images/".$book['isbn'].".jpg"))  {
      $size = GetImageSize("images/".$book['isbn'].".jpg");
      if(($size[0] > 0) && ($size[1] > 0)) {
        echo "<td><img src=\"images/".$book['isbn'].".jpg\"
              style=\"border: 1px solid black\"/></td>";
      }
    }
    echo "<td><ul>";
    echo "<li><strong>Author:</strong> ";
    echo $book['author'];
    echo "</li><li><strong>ISBN:</strong> ";
    echo $book['isbn'];
    echo "</li><li><strong>Our Price:</strong> ";
    echo number_format($book['price'], 2);
    echo "</li><li><strong>Description:</strong> ";
    echo $book['description'];
    echo "</li></ul></td></tr></table>";
  } else {
    echo "<p>The details of this book cannot be displayed at this time.</p>";
  }
  echo "<hr />";
}

function display_checkout_form() {
  //display the form that asks for name and address
?>
  <br />
  <table border="0" width="100%" cellspacing="0">
  <form action="purchase.php" method="post">
  <tr><th colspan="2" bgcolor="#cccccc">Your Details</th></tr>
  <tr>
    <td>Name</td>
    <td><input type="text" name="name" value="" maxlength="40" size="40"/></td>
  </tr>
  <tr>
    <td>Address</td>
    <td><input type="text" name="address" value="" maxlength="40" size="40"/></td>
  </tr>
  <tr>
    <td>City/Suburb</td>
    <td><input type="text" name="city" value="" maxlength="20" size="40"/></td>
  </tr>
  <tr>
    <td>State/Province</td>
    <td><input type="text" name="state" value="" maxlength="20" size="40"/></td>
  </tr>
  <tr>
    <td>Postal Code or Zip Code</td>
    <td><input type="text" name="zip" value="" maxlength="10" size="40"/></td>
  </tr>
  <tr>
    <td>Country</td>
    <td><input type="text" name="country" value="" maxlength="20" size="40"/></td>
  </tr>
  <tr><th colspan="2" bgcolor="#cccccc">Shipping Address (leave blank if as above)</th></tr>
  <tr>
    <td>Name</td>
    <td><input type="text" name="ship_name" value="" maxlength="40" size="40"/></td>
  </tr>
  <tr>
    <td>Address</td>
    <td><input type="text" name="ship_address" value="" maxlength="40" size="40"/></td>
  </tr>
  <tr>
    <td>City/Suburb</td>
    <td><input type="text" name="ship_city" value="" maxlength="20" size="40"/></td>
  </tr>
  <tr>
    <td>State/Province</td>
    <td><input type="text" name="ship_state" value="" maxlength="20" size="40"/></td>
  </tr>
  <tr>
    <td>Postal Code or Zip Code</td>
    <td><input type="text" name="ship_zip" value="" maxlength="10" size="40"/></td>
  </tr>
  <tr>
    <td>Country</td>
    <td><input type="text" name="ship_country" value="" maxlength="20" size="40"/></td>
  </tr>
  <tr>
    <td colspan="2" align="center"><p><strong>Please press Purchase to confirm
         your purchase, or Continue Shopping to add or remove items.</strong></p>
     <?php display_form_button("purchase", "Purchase These Items"); ?>
    </td>
  </tr>
  </form>
  </table><hr />
<?php
}

function display_shipping($shipping) {
  // display table row with shipping cost and total price including shipping
?>
  <table border="0" width="100%" cellspacing="0">
  <tr><td align="left">Shipping</td>
      <td align="right"> <?php echo number_format($shipping, 2); ?></td></tr>
  <tr><th bgcolor="#cccccc" align="left">TOTAL INCLUDING SHIPPING</th>
      <th bgcolor="#cccccc" align="right">$ <?php echo number_format($shipping+$_SESSION['total_price'], 2); ?></th>
  </tr>
  </table><br />
<?php
}

function display_card_form($name) {
  //display form asking for credit card details
?>
  <table border="0" width="100%" cellspacing="0">
  <form action="process.php" method="post">
  <tr><th colspan="2" bgcolor="#cccccc">Credit Card Details</th></tr>
  <tr>
    <td>Type</td>
    <td><select name="card_type">
        <option value="VISA">VISA</option>
        <option value="MasterCard">MasterCard</option>
        <option value="American Express">American Express</option>
        </select>
    </td>
  </tr>
  <tr>
    <td>Number</td>
    <td><input type="text" name="card_number" value="" maxlength="16" size="40"></td>
  </tr>
  <tr>
    <td>AMEX code (if required)</td>
    <td><input type="text" name="amex_code" value="" maxlength="4" size="4"></td>
  </tr>
  <tr>
    <td>Expiry Date</td>
    <td>Month
       <select name="card_month">
       <option value="01">01</option>
       <option value="02">02</option>
       <option value="03">03</option>
       <option value="04">04</option>
       <option value="05">05</option>
       <option value="06">06</option>
       <option value="07">07</option>
       <option value="08">08</option>
       <option value="09">09</option>
       <option value="10">10</option>
       <option value="11">11</option>
       <option value="12">12</option>
       </select>
       Year
       <select name="card_year">
       <?
       for ($y = date("Y"); $y < date("Y") + 10; $y++) {
         echo "<option value=\"".$y."\">".$y."</option>";
       }
       ?>
       </select>
  </tr>
  <tr>
    <td>Name on Card</td>
    <td><input type="text" name="card_name" value = "<?php echo $name; ?>" maxlength="40" size="40"></td>
  </tr>
  <tr>
    <td colspan="2" align="center">
      <p><strong>Please press Purchase to confirm your purchase, or Continue Shopping to
      add or remove items</strong></p>
     <?php display_form_button('purchase', 'Purchase These Items'); ?>
    </td>
  </tr>
  </table>
<?php
}

function display_cart($cart, $change = true, $images = 1) {
  // display items in shopping cart
  // optionally allow changes (true or false)
  // optionally include images (1 - yes, 0 - no)

   echo "<table border=\"0\" width=\"100%\" cellspacing=\"0\">
         <form action=\"show_cart.php\" method=\"post\">
         <tr><th colspan=\"".(1 + $images)."\" bgcolor=\"#cccccc\">Item</th>
         <th bgcolor=\"#cccccc\">Price</th>
         <th bgcolor=\"#cccccc\">Quantity</th>
         <th bgcolor=\"#cccccc\">Total</th>
         </tr>";

  //display each item as a table row
  foreach ($cart as $isbn => $qty)  {
    $book = get_book_details($isbn);
    echo "<tr>";
    if($images == true) {
      echo "<td align=\"left\">";
      if (file_exists("images/".$isbn.".jpg")) {
         $size = GetImageSize("images/".$isbn.".jpg");
         if(($size[0] > 0) && ($size[1] > 0)) {
           echo "<img src=\"images/".$isbn.".jpg\"
                  style=\"border: 1px solid black\"
                  width=\"".($size[0]/3)."\"
                  height=\"".($size[1]/3)."\"/>";
         }
      } else {
         echo "&nbsp;";
      }
      echo "</td>";
    }
    echo "<td align=\"left\">
          <a href=\"show_book.php?isbn=".$isbn."\">".$book['title']."</a>
          by ".$book['author']."</td>
          <td align=\"center\">\$".number_format($book['price'], 2)."</td>
          <td align=\"center\">";

    // if we allow changes, quantities are in text boxes
    if ($change == true) {
      echo "<input type=\"text\" name=\"".$isbn."\" value=\"".$qty."\" size=\"3\">";
    } else {
      echo $qty;
    }
    echo "</td><td align=\"center\">\$".number_format($book['price']*$qty,2)."</td></tr>\n";
  }
  // display total row
  echo "<tr>
        <th colspan=\"".(2+$images)."\" bgcolor=\"#cccccc\">&nbsp;</td>
        <th align=\"center\" bgcolor=\"#cccccc\">".$_SESSION['items']."</th>
        <th align=\"center\" bgcolor=\"#cccccc\">
            \$".number_format($_SESSION['total_price'], 2)."
        </th>
        </tr>";

  // display save change button
  if($change == true) {
    echo "<tr>
          <td colspan=\"".(2+$images)."\">&nbsp;</td>
          <td align=\"center\">
             <input type=\"hidden\" name=\"save\" value=\"true\"/>
             <input type=\"image\" src=\"images/save-changes.gif\"
                    border=\"0\" alt=\"Save Changes\"/>
          </td>
          <td>&nbsp;</td>
          </tr>";
  }
  echo "</form></table>";
}

function display_login_form() {
  // dispaly form asking for name and password
?>
 <form method="post" action="admin.php">
 <table bgcolor="#cccccc">
   <tr>
     <td>Username:</td>
     <td><input type="text" name="username"/></td></tr>
   <tr>
     <td>Password:</td>
     <td><input type="password" name="passwd"/></td></tr>
   <tr>
     <td colspan="2" align="center">
     <input type="submit" value="Log in"/></td></tr>
   <tr>
 </table></form>
<?php
}

function display_admin_menu() {
?>
<br />
<a href="index.php">Go to main site</a><br />
<a href="insert_category_form.php">Add a new category</a><br />
<a href="insert_book_form.php">Add a new book</a><br />
<a href="change_password_form.php">Change admin password</a><br />
<?php
}

function display_button($target, $image, $alt) {
  echo "<div align=\"center\"><a href=\"".$target."\">
          <img src=\"images/".$image.".gif\"
           alt=\"".$alt."\" border=\"0\" height=\"50\"
           width=\"135\"/></a></div>";
}

function display_form_button($image, $alt) {
  echo "<div align=\"center\"><input type=\"image\"
           src=\"images/".$image.".gif\"
           alt=\"".$alt."\" border=\"0\" height=\"50\"
           width=\"135\"/></div>";
}

?>

book_fns.php

<?php
function get_categories() {
  $conn = db_connect();
  $query = "select catid, catname from categories";
  $result = @$conn -> query($query);
  if (!$result) {
    return false;
  }

  $num_cats = @$result -> num_rows;
  if ($num_cats == 0) {
    return false;
  }

  $result = db_result_to_array($result);
  return $result;
}

function get_category_name($catid) {
  $conn = db_connect();
  $query = "select catname from categories where catid = ".$catid."";
  $result = @$conn -> query($query);
  if (!$result) {
    return false;
  }

  $num_cats = @$result -> num_rows;
  if ($num_cats == 0) {
    return false;
  }

  $row = $result -> fetch_object();
  return $row -> catname;
}

function get_books($catid) {
  $conn = db_connect();
  $query = "select * from books where catid = ".$catid."";
  $result = @$conn -> query($query);
  if (!$result) {
    return false;
  }

  $num_cats = @$result -> num_rows;
  if ($num_cats == 0) {
    return false;
  }

  $result = db_result_to_array($result);
  return $result;
}

function get_book_details($isbn) {
  if ((!$isbn) || $isbn == '') {
    return false;
  }
  $conn = db_connect();
  $query = "select * from books where isbn = ".$isbn."";
  $result = @$conn -> query($query);
  if (!$result) {
    return false;
  }

  $row = @$result -> fetch_assoc();
  return $row;
}

function calculate_price($cart) {
  $price = 0;
  if (is_array($cart)) {
    $conn = db_connect();
    foreach ($cart as $isbn => $qty) {
      $query = "select price from books where isbn='".$isbn."'";
      $result = $conn -> query($query);
      if ($result) {
        $items = $result -> fetch_object();
        $item_price = $items -> price;
        $price += $item_price * $qty;
      }
    }
  }

  return $price;
}

function calculate_items($cart) {
  $items = 0;
  if (is_array($cart)) {
    $conn = db_connect();
    foreach ($cart as $isbn => $qty) {
      $items += $qty;
      }
  }

  return $items;
}

function calculate_shipping_cost() {
  return 20.00;
}
?>

db_fns.php

<?php

function db_connect() {
   $result = new mysqli('127.0.0.1', 'book_sc', 'password', 'book_sc');
   if (!$result) {
      return false;
   }
   $result->autocommit(TRUE);
   return $result;
}

function db_result_to_array($result) {
   $res_array = array();

   for ($count=0; $row = $result->fetch_assoc(); $count++) {
     $res_array[$count] = $row;
   }

   return $res_array;
}

?>

user_auth_fns.php

<?php

require_once('db_fns.php');

function login($username, $password) {
// check username and password with db
// if yes, return true
// else return false

  // connect to db
  $conn = db_connect();
  if (!$conn) {
    return 0;
  }

  // check if username is unique
  $result = $conn->query("select * from admin
                         where username='".$username."'
                         and password = sha1('".$password."')");
  

  if (!$result) {
     return 0;
  }

  if ($result->num_rows>0) {
     return 1;
  } else {
     return 0;
  }
}

function check_admin_user() {
// see if somebody is logged in and notify them if not

  if (isset($_SESSION['admin_user'])) {
    return true;
  } else {
    return false;
  }
}

function change_password($username, $old_password, $new_password) {
// change password for username/old_password to new_password
// return true or false

  // if the old password is right
  // change their password to new_password and return true
  // else return false
  if (login($username, $old_password)) {

    if (!($conn = db_connect())) {
      return false;
    }

    $result = $conn->query("update admin
                            set password = sha1('".$new_password."')
                            where username = '".$username."'");
    if (!$result) {
      return false;  // not changed
    } else {
      return true;  // changed successfully
    }
  } else {
    return false; // old password was wrong
  }
}


?>

admin_fns.php

<?php
// This file contains functions used by the admin interface
// for the Book-O-Rama shopping cart.

function display_category_form($category = '') {
// This displays the category form.
// This form can be used for inserting or editing categories.
// To insert, don't pass any parameters.  This will set $edit
// to false, and the form will go to insert_category.php.
// To update, pass an array containing a category.  The
// form will contain the old data and point to update_category.php.
// It will also add a "Delete category" button.

  // if passed an existing category, proceed in "edit mode"
  $edit = is_array($category);

  // most of the form is in plain HTML with some
  // optional PHP bits throughout
?>
  <form method="post"
      action="<?php echo $edit ? 'edit_category.php' : 'insert_category.php'; ?>">
  <table border="0">
  <tr>
    <td>Category Name:</td>
    <td><input type="text" name="catname" size="40" maxlength="40"
          value="<?php echo $edit ? $category['catname'] : ''; ?>" /></td>
   </tr>
  <tr>
    <td <?php if (!$edit) { echo "colspan=2";} ?> align="center">
      <?php
         if ($edit) {
            echo "<input type=\"hidden\" name=\"catid\" value=\"".$category['catid']."\" />";
         }
      ?>
      <input type="submit"
       value="<?php echo $edit ? 'Update' : 'Add'; ?> Category" /></form>
     </td>
     <?php
        if ($edit) {
          //allow deletion of existing categories
          echo "<td>
                <form method=\"post\" action=\"delete_category.php\">
                <input type=\"hidden\" name=\"catid\" value=\"".$category['catid']."\" />
                <input type=\"submit\" value=\"Delete category\" />
                </form></td>";
       }
     ?>
  </tr>
  </table>
<?php
}

function display_book_form($book = '') {
// This displays the book form.
// It is very similar to the category form.
// This form can be used for inserting or editing books.
// To insert, don't pass any parameters.  This will set $edit
// to false, and the form will go to insert_book.php.
// To update, pass an array containing a book.  The
// form will be displayed with the old data and point to update_book.php.
// It will also add a "Delete book" button.


  // if passed an existing book, proceed in "edit mode"
  $edit = is_array($book);

  // most of the form is in plain HTML with some
  // optional PHP bits throughout
?>
  <form method="post"
        action="<?php echo $edit ? 'edit_book.php' : 'insert_book.php';?>">
  <table border="0">
  <tr>
    <td>ISBN:</td>
    <td><input type="text" name="isbn"
         value="<?php echo $edit ? $book['isbn'] : ''; ?>" /></td>
  </tr>
  <tr>
    <td>Book Title:</td>
    <td><input type="text" name="title"
         value="<?php echo $edit ? $book['title'] : ''; ?>" /></td>
  </tr>
  <tr>
    <td>Book Author:</td>
    <td><input type="text" name="author"
         value="<?php echo $edit ? $book['author'] : ''; ?>" /></td>
   </tr>
   <tr>
      <td>Category:</td>
      <td><select name="catid">
      <?php
          // list of possible categories comes from database
          $cat_array=get_categories();
          foreach ($cat_array as $thiscat) {
               echo "<option value=\"".$thiscat['catid']."\"";
               // if existing book, put in current catgory
               if (($edit) && ($thiscat['catid'] == $book['catid'])) {
                   echo " selected";
               }
               echo ">".$thiscat['catname']."</option>";
          }
          ?>
          </select>
        </td>
   </tr>
   <tr>
    <td>Price:</td>
    <td><input type="text" name="price"
               value="<?php echo $edit ? $book['price'] : ''; ?>" /></td>
   </tr>
   <tr>
     <td>Description:</td>
     <td><textarea rows="3" cols="50"
          name="description"><?php echo $edit ? $book['description'] : ''; ?></textarea></td>
    </tr>
    <tr>
      <td <?php if (!$edit) { echo "colspan=2"; }?> align="center">
         <?php
            if ($edit)
             // we need the old isbn to find book in database
             // if the isbn is being updated
             echo "<input type=\"hidden\" name=\"oldisbn\"
                    value=\"".$book['isbn']."\" />";
         ?>
        <input type="submit"
               value="<?php echo $edit ? 'Update' : 'Add'; ?> Book" />
        </form></td>
        <?php
           if ($edit) {
             echo "<td>
                   <form method=\"post\" action=\"delete_book.php\">
                   <input type=\"hidden\" name=\"isbn\"
                    value=\"".$book['isbn']."\" />
                   <input type=\"submit\" value=\"Delete book\"/>
                   </form></td>";
            }
          ?>
         </td>
      </tr>
  </table>
  </form>
<?php
}

function display_password_form() {
// displays html change password form
?>
   <br />
   <form action="change_password.php" method="post">
   <table width="250" cellpadding="2" cellspacing="0" bgcolor="#cccccc">
   <tr><td>Old password:</td>
       <td><input type="password" name="old_passwd" size="16" maxlength="16" /></td>
   </tr>
   <tr><td>New password:</td>
       <td><input type="password" name="new_passwd" size="16" maxlength="16" /></td>
   </tr>
   <tr><td>Repeat new password:</td>
       <td><input type="password" name="new_passwd2" size="16" maxlength="16" /></td>
   </tr>
   <tr><td colspan=2 align="center"><input type="submit" value="Change password">
   </td></tr>
   </table>
   <br />
<?php
}

function insert_category($catname) {
// inserts a new category into the database

   $conn = db_connect();

   // check category does not already exist
   $query = "select *
             from categories
             where catname='".$catname."'";
   $result = $conn->query($query);
   if ((!$result) || ($result->num_rows!=0)) {
     return false;
   }

   // insert new category
   $query = "insert into categories values
            (0, '".$catname."')";
     
   $result = $conn->query($query);
   if (!$result) {
     return false;
   } else {
     return true;
   }
}

function insert_book($isbn, $title, $author, $catid, $price, $description) {
// insert a new book into the database

   $conn = db_connect();

   // check book does not already exist
   $query = "select *
             from books
             where isbn='".$isbn."'";

   $result = $conn->query($query);
   if ((!$result) || ($result->num_rows!=0)) {
     return false;
   }

   // insert new book
   $query = "insert into books values
            ('".$isbn."', '".$author."', '".$title."',
             '".$catid."', '".$price."', '".$description."')";

   $result = $conn->query($query);
   if (!$result) {
     return false;
   } else {
     return true;
   }
}

function update_category($catid, $catname) {
// change the name of category with catid in the database

   $conn = db_connect();

   $query = "update categories
             set catname='".$catname."'
             where catid='".$catid."'";
   $result = @$conn->query($query);
   if (!$result) {
     return false;
   } else {
     return true;
   }
}

function update_book($oldisbn, $isbn, $title, $author, $catid,
                     $price, $description) {
// change details of book stored under $oldisbn in
// the database to new details in arguments

   $conn = db_connect();

   $query = "update books
             set isbn= '".$isbn."',
             title = '".$title."',
             author = '".$author."',
             catid = '".$catid."',
             price = '".$price."',
             description = '".$description."'
             where isbn = '".$oldisbn."'";

   $result = @$conn->query($query);
   if (!$result) {
     return false;
   } else {
     return true;
   }
}

function delete_category($catid) {
// Remove the category identified by catid from the db
// If there are books in the category, it will not
// be removed and the function will return false.

   $conn = db_connect();

   // check if there are any books in category
   // to avoid deletion anomalies
   $query = "select *
             from books
             where catid=".$catid."";

   $result = @$conn->query($query);
   if ((!$result) || (@$result->num_rows > 0)) {
     return false;
   }

   $query = "delete from categories
             where catid='".$catid."'";
   $result = @$conn->query($query);
   if (!$result) {
     return false;
   } else {
     return true;
   }
}


function delete_book($isbn) {
// Deletes the book identified by $isbn from the database.

   $conn = db_connect();

   $query = "delete from books
             where isbn='".$isbn."'";
   $result = @$conn->query($query);
   if (!$result) {
     return false;
   } else {
     return true;
   }
}

?>

data_valid_fns.php

<?php

function filled_out($form_vars) {
  // test that each variable has a value
  foreach ($form_vars as $key => $value) {
     if ((!isset($key)) || ($value == '')) {
        return false;
     }
  }
  return true;
}

function valid_email($address) {
  // check an email address is possibly valid
  if (ereg("^[a-zA-Z0-9_\.\-]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$", $address)) {
    return true;
  } else {
    return false;
  }
}

?>

order_fns.php

<?php
function process_card($card_details) {
  // connect to payment gateway or
  // use gpg to encrypt and mail or
  // store in DB if you really want to

  return true;
}

function insert_order($order_details) {
  // extract order_details out as variables
  extract($order_details);

  // set shipping address same as address
  if((!$ship_name) && (!$ship_address) && (!$ship_city) && (!$ship_state) && (!$ship_zip) && (!$ship_country)) {
    $ship_name = $name;
    $ship_address = $address;
    $ship_city = $city;
    $ship_state = $state;
    $ship_zip = $zip;
    $ship_country = $country;
  }

  $conn = db_connect();

  // we want to insert the order as a transaction
  // start one by turning off autocommit
  $conn->autocommit(FALSE);

  // insert customer address
  $query = "select customerid from customers where
            name = '".$name."' and address = '".$address."'
            and city = '".$city."' and state = '".$state."'
            and zip = '".$zip."' and country = '".$country."'";

  $result = $conn->query($query);

  if($result->num_rows>0) {
    $customer = $result->fetch_object();
    $customerid = $customer->customerid;
  } else {
    $query = "insert into customers values
            (0, '".$name."','".$address."','".$city."','".$state."','".$zip."','".$country."')";
    $result = $conn->query($query);

    if (!$result) {
       return false;
    }
  }

  $customerid = $conn->insert_id;

  $date = date("Y-m-d");

  $query = "insert into orders values
            (0, '".$customerid."', '".$_SESSION['total_price']."', '".$date."', '".'PARTIAL'."',
             '".$ship_name."', '".$ship_address."', '".$ship_city."', '".$ship_state."',
             '".$ship_zip."', '".$ship_country."')";

  $result = $conn->query($query);
  if (!$result) {
    return false;
  }

  $query = "select orderid from orders where
               customerid = '".$customerid."' and
               amount > (".$_SESSION['total_price']."-.001) and
               amount < (".$_SESSION['total_price']."+.001) and
               date = '".$date."' and
               order_status = 'PARTIAL' and
               ship_name = '".$ship_name."' and
               ship_address = '".$ship_address."' and
               ship_city = '".$ship_city."' and
               ship_state = '".$ship_state."' and
               ship_zip = '".$ship_zip."' and
               ship_country = '".$ship_country."'";

  $result = $conn->query($query);

  if($result->num_rows>0) {
    $order = $result->fetch_object();
    $orderid = $order->orderid;
  } else {
    return false;
  }

  // insert each book
  foreach($_SESSION['cart'] as $isbn => $quantity) {
    $detail = get_book_details($isbn);
    $query = "delete from order_items where
              orderid = '".$orderid."' and isbn = '".$isbn."'";
    $result = $conn->query($query);
    $query = "insert into order_items values
              ('".$orderid."', '".$isbn."', ".$detail['price'].", $quantity)";
    $result = $conn->query($query);
    if(!$result) {
      return false;
    }
  }

  // end transaction
  $conn->commit();
  $conn->autocommit(TRUE);

  return $orderid;
}

?>

index.php

<?php
require_once("book_sc_fns.php");

// The shopping cart needs sessions, so start one 
session_start();
// Display header 
do_html_header("Book-store");
// Show cat title
echo "<p>Please chose a category: </p>";

$cat_array = get_categories();
display_categories($cat_array);

// If login as admin, show add, delete, edit cat link
if (isset($_SESSION['admin_user'])) {
    display_button("admin.php", "admin-menu", "Admin Menu");
}
do_html_footer(); 
?>

login.php

<?php
require_once("book_sc_fns.php");
do_html_header("Administration");
display_login_form();
do_html_footer();
?>

logout.php

<?php

// include function files for this application
require_once('book_sc_fns.php');
session_start();
$old_user = $_SESSION['admin_user'];  // store  to test if they *were* logged in
unset($_SESSION['admin_user']);
session_destroy();

// start output html
do_html_header("Logging Out");

if (!empty($old_user)) {
  echo "<p>Logged out.</p>";
  do_html_url("login.php", "Login");
} else {
  // if they weren't logged in but came to this page somehow
  echo "<p>You were not logged in, and so have not been logged out.</p>";
  do_html_url("login.php", "Login");
}

do_html_footer();

?>

admin.php

<?php
require_once("book_sc_fns.php");
session_start();
if ($_POST["username"] && $_POST["passwd"]) {
    $username = $_POST["username"];
    $passwd = $_POST["passwd"];

    if (login($username, $passwd)) {
        $_SESSION["admin_user"] = $username;
    }else {
        do_html_header("Problem:");
        echo "<p>You could not be logged in.<br />
                You must be logged in to view this page.</p>";
        do_html_url("login.php", "Login");
        do_html_footer();
        exit;
    }
}

do_html_header("Administrtion");
if (check_admin_user()) {
    display_admin_menu();
}else {
    echo "<p>You are not authorized to enter the administration area.</p>";
}
do_html_footer();
?>

insert_book_form.php

<?php
require_once("book_sc_fns.php");
session_start();
do_html_header("Add a category");

if (check_admin_user()) {
    display_book_form();
    do_html_url("admin.php", "Back to administration menu");
}else {
    echo "<p>You are not authorized to enter the administration area.</p>";
}

do_html_footer();
?>

insert_book.php

<?php
require_once("book_sc_fns.php");
session_start();
do_html_header("Adding a book");

if (check_admin_user()) {
    if (filled_out($_POST)) {
        $isbn = $_POST['isbn'];
        $title = $_POST['title'];
        $author = $_POST['author'];
        $catid = $_POST['catid'];
        $price = $_POST['price'];
        $description = $_POST['description'];
        if (insert_book($isbn, $title, $author, $catid, $price, $description)) {
            echo "<p>Book <em>".stripslashes($title)."</em> was added to the database.</p>";
        }else {
            echo "<p>Book <em>".stripslashes($title)."</em> could not be added to the database.</p>";
        }
    }else {
        echo "<p>You have not filled out the form. Please try again</p>";
    }
}else {
    echo "<p>You are not authorized to enter the administration area.</p>";
}

do_html_footer();
?>

insert_category_form.php

<?php
require_once("book_sc_fns.php");
session_start();
do_html_header("Add a category");

if (check_admin_user()) {
    display_category_form();
    do_html_url("admin.php", "Back to administration menu");
}else {
    echo "<p>You are not authorized to enter the administration area.</p>";
}

do_html_footer();
?>

insert_category.php

<?php
require_once("book_sc_fns.php");
session_start();
do_html_header("Adding a category");

if (check_admin_user()) {
    if (filled_out($_POST)) {
        $catname = $_POST['catname'];
        if (insert_category($catname)) {
            echo "<p>Category \"".$catname."\" was added to the database.</p>";
        }else {
            echo "<p>Category \"".$catname."\" could not be added to the database.</p>";
        }
    }else {
        echo "<p>You have not filled out the form. Please try again</p>";
    }
}else {
    echo "<p>You are not authorized to enter the administration area.</p>";
}

do_html_footer();
?>

delete_book.php

<?php
require_once("book_sc_fns.php");
session_start();
do_html_header("Deleting book");

if (check_admin_user()) {
    if (isset($_POST['isbn'])) {
        if (delete_book($_POST['isbn'])) {
            echo "<p>Book was deleted.</p>";
        }else {
            echo "<p>Book could not be deleted.</p>";
        }
    }else {
        echo "<p>No Book specified. Please try again</p>";
    }
    do_html_url("admin.php", "Back to administation menu");
}else {
    echo "<p>You are not authorized to enter the administration area.</p>";
}



do_html_footer();
?>

delete_category.php

<?php
require_once("book_sc_fns.php");
session_start();
do_html_header("Deleting category");

if (check_admin_user()) {
    if (isset($_POST['catid'])) {
        if (delete_category($_POST['catid'])) {
            echo "<p>Category was deleted.</p>";
        }else {
            echo "<p>Category could not be deleted.</p>";
        }
    }else {
        echo "<p>No category specified. Please try again</p>";
    }
    do_html_url("admin.php", "Back to administation menu");
}else {
    echo "<p>You are not authorized to enter the administration area.</p>";
}

do_html_footer();
?>

edit_book_form.php

<?php
require_once("book_sc_fns.php");
session_start();
do_html_header("Edit book details");

if (check_admin_user()) {
    if ($book = get_book_details($_GET['isbn'])) {
        display_book_form($book);
    }else {
        echo "<p>Could not retrieve book details.</p>";
    }
    do_html_url("admin.php", "Back to administration menu");
}else { 
    echo "<p>You are not authorized to enter the administration area.</p>";
}

do_html_footer();
?>

edit_book.php

<?php
require_once("book_sc_fns.php");
session_start();
do_html_header("Updating book");

if (check_admin_user()) {
    if (filled_out($_POST)) {
        $old_isbn = $_POST['oldisbn'];
        $isbn = $_POST['isbn'];
        $title = $_POST['title'];
        $author = $_POST['author'];
        $catid = $_POST['catid'];
        $price = $_POST['price'];
        $description = $_POST['description'];
        if (update_book($old_isbn, $isbn, $title, $author, $catid, $price, $description)) {
            echo "<p>Book was updated.</p>";
        }else {
            echo "<p>Book could not be updated.</p>";
        }
    }else {
        echo "<p>You have not filled out the form. Please try again</p>";
    }
    do_html_url("admin.php", "Back to administation menu");
}else {
    echo "<p>You are not authorized to enter the administration area.</p>";
}

do_html_footer();
?>

edit_category_form.php

<?php
require_once("book_sc_fns.php");
session_start();
do_html_header("Edit category");

if (check_admin_user()) {
    if ($catname = get_category_name($_GET['catid'])) {
        $catid = $_GET['catid'];
        $cat = compact('catname', 'catid');
        display_category_form($cat);
    }else {
        echo "<p>Could not retrieve catogory details.</p>";
    }
    do_html_url("admin.php", "Back to administration menu");
}else { 
    echo "<p>You are not authorized to enter the administration area.</p>";
}

do_html_footer();
?>

edit_category.php

<?php
require_once("book_sc_fns.php");
session_start();
do_html_header("Updating category");

if (check_admin_user()) {
    if (filled_out($_POST)) {
        if (update_category($_POST['catid'], $_POST['catname'])) {
            echo "<p>Category was updated.</p>";
        }else {
            echo "<p>Category could not be updated.</p>";
        }
    }else {
        echo "<p>You have not filled out the form. Please try again</p>";
    }
    do_html_url("admin.php", "Back to administation menu");
}else {
    echo "<p>You are not authorized to enter the administration area.</p>";
}

do_html_footer();
?>

change_password_form.php

<?php
require_once('book_sc_fns.php');
 session_start();
 do_html_header("Change administrator password");
 check_admin_user();

 display_password_form();

 do_html_url("admin.php", "Back to administration menu");
 do_html_footer();
?>

change_password.php

<?php
 require_once('book_sc_fns.php');
 session_start();
 do_html_header('Changing password');
 check_admin_user();
 if (!filled_out($_POST)) {
   echo "<p>You have not filled out the form completely.<br/>
         Please try again.</p>";
   do_html_url("admin.php", "Back to administration menu");
   do_html_footer();
   exit;
 } else {
   $new_passwd = $_POST['new_passwd'];
   $new_passwd2 = $_POST['new_passwd2'];
   $old_passwd = $_POST['old_passwd'];
   if ($new_passwd != $new_passwd2) {
      echo "<p>Passwords entered were not the same.  Not changed.</p>";
   } else if ((strlen($new_passwd)>16) || (strlen($new_passwd)<6)) {
      echo "<p>New password must be between 6 and 16 characters.  Try again.</p>";
   } else {
      // attempt update
      if (change_password($_SESSION['admin_user'], $old_passwd, $new_passwd)) {
         echo "<p>Password changed.</p>";
      } else {
         echo "<p>Password could not be changed.</p>";
      }
   }
 }
 do_html_url("admin.php", "Back to administration menu");
 do_html_footer();
?>

checkout.php

<?php
include("book_sc_fns.php");
session_start();
do_html_header("Checkout");

if (($_SESSION['cart']) && (array_count_values($_SESSION['cart']))) {
    display_cart($_SESSION['cart'], false, 0);
    display_checkout_form();
}else {
    echo "<p>There are no items in your cart</p>";
}

display_button("show_cart.php", "continue-shopping", "Continue Shopping");

do_html_footer();
?>

process.php

<?php
include("book_sc_fns.php");
session_start();

do_html_header("Checkout");

$card_type = $_POST['card_type'];
$card_number = $_POST['card_number'];
$card_month = $_POST['card_month'];
$card_year = $_POST['card_year'];
$card_name = $_POST['card_name'];

if ($_SESSION["cart"] && ($card_type) && ($card_number) 
                    && ($card_month) && ($card_year) && ($card_name)) {
   display_cart($_SESSION['cart'], false, 0);
   display_shipping(calculate_shipping_cost());

   if (process_card($_POST)) {
       session_destroy();
       echo "<p>Thank you for shopping with us.Your order has been placed.</p>";
       display_button("index.php", "continue-shopping", "Continue Shopping");
   }else {
       echo "<p>Could not process your card.Please contact the card issuer or try again.</p>";
       display_button("purchase.php", "back", "Back");
   }
}else {
    echo "<p>You did not fill in all the fields, please try again.</p><hr />";
    display_button("purchase.php", "back", "Back");
}

do_html_footer();

?>

purchase.php

<?php
include("book_sc_fns.php");
session_start();
do_html_header("Checkout");

// Info
$name = $_POST['name'];
$address = $_POST['address'];
$city = $_POST['city'];
$zip = $_POST['zip'];
$country = $_POST['country'];

// Check if filled out 
if (($_SESSION['cart']) && ($name) && ($address) && ($city) && ($zip) && ($country)) {
    if ((insert_order($_POST)) != false) {
        display_cart($_SESSION['cart'], false, 0); 
        display_shipping(calculate_shipping_cost());
         
        display_card_form($name);
        display_button('show_cart.php', 'continue-shopping', 'Continu Shopping'); 
    }else {
      echo "<p>Could not store data, please try again.</p><hr />";
      display_button('checkout.php', 'back', 'back');  
    }
}else {
    echo "<p>You did not fill in all the fields, please try again.</p><hr />";
    display_button('checkout.php', 'back', 'back');
}

do_html_footer();
?>

show_book.php

<?php

// include function files for this application
require_once('book_sc_fns.php');
session_start();

$isbn = $_GET['isbn'];
$book = get_book_details($isbn);
do_html_header($book['title']);

display_book_details($book);

$target = "index.php";
if ($book['catid']) {
    $target = "show_cat.php?catid=".$book['catid']."";
}
if (check_admin_user()) {
  display_button("edit_book_form.php?isbn=".$isbn."", "edit-item", "Edit Book");
  display_button("admin.php", "admin-menu", "Admin Menu");
  display_button($target, "continue", "Continue");
}else {
  display_button("show_cart.php?new=".$isbn."", "add-to-cart", "Add ".$book['title']." To My Shopping Cart");
  display_button($target, "continue-shopping", "Continue Shopping");
}
do_html_footer();

?>

show_cart.php

<?php
include("book_sc_fns.php");
session_start();

@$new = $_GET['new'];
if ($new) {
    // If cart is null create a new cat
    if (!isset($_SESSION['cart'])) {
        $_SESSION['cart'] = array();
        $_SESSION['item'] = 0;
        $_SESSION['total_price'] = '0.00';
    }

    // book count
    if (isset($_SESSION['cart'][$new])) {
        $_SESSION['cart'][$new] ++;
    }else {
        $_SESSION['cart'][$new] = 1;
    }

    $_SESSION['total_price'] = calculate_price($_SESSION['cart']);
    $_SESSION['items'] = calculate_items($_SESSION['cart']);
}

// Save
if (isset($_POST['save'])) {
    foreach ($_SESSION['cart'] as $isbn => $qty) {
        if ($_POST[$isbn] == '0') {
            unset($_SESSION['cart'][$isbn]);
        }else {
            $_SESSION['cart'][$isbn] = $_POST[$isbn];
        }
    }

    $_SESSION['total_price'] = calculate_price($_SESSION['cart']);
    $_SESSION['items'] = calculate_items($_SESSION['cart']);
}

do_html_header("Your shopping cart");

// Display the cart
if ($_SESSION['cart'] && (array_count_values($_SESSION['cart']))) {
    display_cart($_SESSION['cart']);
}else {
    echo "<p>There are no items in your cart</p><hr />";
}

$target = "index.php";
if ($new) {
    $detail = get_book_details($new);
    if ($detail['catid']) {
        $target = "show_cat.php?catid=".$detail['catid'];
    }
}

display_button($target, "continue-shopping", "Continue Shopping");
display_button("checkout.php", "go-to-checkout", "Go To Checkout");

do_html_footer();
?>

show_cat.php

<?php

// include function files for this application
require_once('book_sc_fns.php');
session_start();

$catid = $_GET['catid'];
$name = get_category_name($catid);

do_html_header($name);

// Get books
$book_array = get_books($catid);
display_books($book_array);

if (isset($_SESSION['admin_user'])) {
  display_button("index.php", "continue", "Continue Shopping");
  display_button("admin.php", "admin-menu", "Admin Menu");
  display_button("edit_category_form.php?catid=".$catid."", "edit-category", "Edit category");
}else {
  display_button("index.php", "continue-shopping", "Continue Shopping");
}
do_html_footer();

?>

说明

全部文件下载地址:https://pan.baidu.com/s/1pL50Ql9

posted @ 2016-11-14 14:21  马在路上  阅读(1427)  评论(0编辑  收藏  举报