4-1
index.php
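<?php
/* Bootstrap (initial setup).
 * header.php is not visible here; it is presumably what opens the session, connects $db,
 * creates $smarty and sets $op from the request — confirm before relying on it. */
require_once 'header.php';
$page_title = '活動報名系統';
/* Dispatch on the requested operation. */
try {
    // Normalise once: from here on $action_id is always an int (0 when absent or non-numeric),
    // so the functions below never see a raw request string.
    $action_id = isset($_REQUEST['action_id']) ? intval($_REQUEST['action_id']) : 0;
    switch ($op) {
        // sign in, then redirect so a refresh does not re-post the credentials
        case 'login':
            login();
            header('location: index.php');
            exit;
        case 'logout':
            logout();
            header('location: index.php');
            exit;
        // registration form only; the template decides what to render for this $op
        case 'regist':
            break;
        case 'insert_user':
            insert_user();
            header('location: index.php');
            exit;
        case 'signup':
            signup($action_id);
            header("location: index.php?action_id={$action_id}");
            exit;
        // default action: one event with its sign-ups, or the event list
        default:
            if ($action_id) {
                $op = 'show_action';
                show_action($action_id);
                list_signups($action_id);
            } else {
                $op = 'list_actions';
                list_actions();
            }
            break;
    }
} catch (Exception $e) {
    // Presumably rendered by footer.php. Note that query failures reach here with $db->error
    // as the message, so raw driver text can end up on the page.
    $error = $e->getMessage();
}
/* Render output */
require_once "footer.php";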
/*自訂函數區*/
//登出
// Sign out: drop only the keys login() set, leaving the rest of the session untouched.
function logout()
{
    // Keys mirror those assigned in login(); the session itself (and its cookie) is kept.
    $loginKeys = ['group', 'name', 'uid', 'email'];
    foreach ($loginKeys as $sessionKey) {
        unset($_SESSION[$sessionKey]);
    }
}
//登入
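// Sign in: verify the posted password against the stored hash and populate the session.
// Throws Exception on a query failure or on any failed login (one message for both
// "unknown email" and "wrong password", so the response does not reveal which).
function login()
{
    global $db;
    $email = clean_var('email', 'email', FILTER_VALIDATE_EMAIL);
    // Bound parameter instead of interpolating $email into the statement.
    $sql = 'select * from `users` where email=? limit 1';
    if (!$stmt = $db->prepare($sql)) {
        throw new Exception($db->error);
    }
    $stmt->bind_param('s', $email);
    if (!$stmt->execute()) {
        throw new Exception($stmt->error);
    }
    // get_result() needs the mysqlnd driver — confirm it is the one in use.
    $data = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    // A missing row or a missing/empty hash takes the same failure path as a bad password;
    // password_verify() never sees a null hash.
    $pass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';
    $hash = (is_array($data) && isset($data['pass'])) ? (string) $data['pass'] : '';
    if ($hash === '' || !password_verify($pass, $hash)) {
        throw new Exception("登入失敗!");
    }
    // New session id on privilege change so an id issued before login cannot be reused
    // (session fixation). Guarded because the session is started outside this file.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    $_SESSION['group'] = $data['group'];
    $_SESSION['name'] = filter_var($data['name'], FILTER_SANITIZE_SPECIAL_CHARS);
    $_SESSION['uid'] = $data['uid'];
    $_SESSION['email'] = filter_var($data['email'], FILTER_SANITIZE_SPECIAL_CHARS);
}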
//新增使用者
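// Create a user from the posted registration form.
// The account becomes 'admin' only when its email equals the configured $admin_id.
// Throws Exception on a query failure (no unique-email constraint is visible here; a
// duplicate address surfaces as that driver error, if the schema enforces it).
function insert_user()
{
    global $db, $admin_id;
    // filter input
    $name = clean_var('name', '姓名');
    $pass = clean_var('pass', '密碼');
    // Only the hash is stored; the plaintext password is never written.
    $pass = password_hash($pass, PASSWORD_DEFAULT);
    $email = clean_var('email', 'email', FILTER_VALIDATE_EMAIL);
    // Strict comparison: the admin address has to match exactly, no loose-compare coercion.
    $group = ($email === $admin_id) ? 'admin' : 'user';
    // Bound parameters: $name and $email are user-controlled and must not be interpolated.
    $sql = 'insert into `users` (`name`, `pass`, `email`, `group`) values(?, ?, ?, ?)';
    if (!$stmt = $db->prepare($sql)) {
        throw new Exception($db->error);
    }
    $stmt->bind_param('ssss', $name, $pass, $email, $group);
    if (!$stmt->execute()) {
        throw new Exception($stmt->error);
    }
    $stmt->close();
}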
//列出所有活動
// List every enabled event, newest first, and hand the rows to the template as 'actions'.
// Throws Exception when the query fails.
function list_actions()
{
    global $db, $smarty;
    // Static query: no request data is involved.
    $listSql = "select * from `actions` where enable='1' order by action_date desc";
    $result = $db->query($listSql);
    if (!$result) {
        throw new Exception($db->error);
    }
    $rows = [];
    // fetch_assoc() yields null (or false on error) once the set is exhausted; stop on either.
    while (is_array($row = $result->fetch_assoc())) {
        $rows[] = $row;
    }
    $smarty->assign('actions', $rows);
}
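// Load one event by id and assign it to the template as 'action'
// (null when no such row exists, as before). Throws Exception on a query failure.
function show_action($action_id)
{
    global $db, $smarty;
    // Bind as an integer rather than interpolating; the cast also covers a non-int caller.
    $id = (int) $action_id;
    $sql = 'select * from `actions` where action_id=? limit 1';
    if (!$stmt = $db->prepare($sql)) {
        throw new Exception($db->error);
    }
    $stmt->bind_param('i', $id);
    if (!$stmt->execute()) {
        throw new Exception($stmt->error);
    }
    // get_result() needs the mysqlnd driver — confirm it is the one in use.
    $data = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    $smarty->assign('action', $data);
}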
//新增報名
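// Register the logged-in user for an event.
// Throws Exception when nobody is logged in, when the event id is not a positive int,
// or when the insert fails. Whether the same user may sign up twice is left to the
// schema (no check is visible here).
function signup($action_id)
{
    global $db;
    // Refuse instead of inserting an empty uid when the session has no user.
    if (!isset($_SESSION['uid'])) {
        throw new Exception("請先登入!");
    }
    $uid = (int) $_SESSION['uid'];
    $id = (int) $action_id;
    if ($id <= 0) {
        throw new Exception("無效的活動編號!");
    }
    // Bound parameters; signup_date is set by the database.
    $sql = 'INSERT INTO `signups` ( `uid`, `action_id`, `signup_date`) VALUES (?, ?, now())';
    if (!$stmt = $db->prepare($sql)) {
        throw new Exception($db->error);
    }
    $stmt->bind_param('ii', $uid, $id);
    if (!$stmt->execute()) {
        throw new Exception($stmt->error);
    }
    $stmt->close();
}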
//列出所有活動報名者
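// List everyone signed up for an event (signup rows joined with their user rows) and
// assign the rows to the template as 'signups'. Throws Exception on a query failure.
function list_signups($action_id)
{
    global $db, $smarty;
    $id = (int) $action_id;
    // NOTE(review): `b.*` pulls every users column, including the `pass` hash, into the
    // template data. An explicit column list would be safer; the template's needs are not
    // visible from this file, so the projection is kept as is.
    $sql = 'select a.*, b.* from `signups` as a'
        . ' join `users` as b on a.`uid`=b.`uid`'
        . ' where a.action_id=?';
    if (!$stmt = $db->prepare($sql)) {
        throw new Exception($db->error);
    }
    $stmt->bind_param('i', $id);
    if (!$stmt->execute()) {
        throw new Exception($stmt->error);
    }
    // get_result() needs the mysqlnd driver — confirm it is the one in use.
    $result = $stmt->get_result();
    $signups = [];
    while (is_array($row = $result->fetch_assoc())) {
        $signups[] = $row;
    }
    $stmt->close();
    $smarty->assign('signups', $signups);
}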