
MySQL :

eshop,
,
- create_db.php :
<?php
// One-off installer: creates the shop database and its three tables
// (catalog, basket, orders), then prints a confirmation paragraph.
// NOTE(review): the script connects as root with a sample password and
// prints raw MySQL error text on failure. Run the shop itself under a
// dedicated low-privilege account and take this file out of the web root
// once the schema exists.
define("DB_HOST", "localhost");
define("DB_LOGIN", "root");
define("DB_PASSWORD", "password");
define("DB_NAME", "eshop");

if (!mysql_connect(DB_HOST, DB_LOGIN, DB_PASSWORD)) {
    die(mysql_error());
}
if (!mysql_query('CREATE DATABASE ' . DB_NAME)) {
    die(mysql_error());
}
if (!mysql_select_db(DB_NAME)) {
    die(mysql_error());
}

// Table definitions, executed in the original order. The first failure
// stops the script with the MySQL error message.
$tables = array(
    "
CREATE TABLE catalog (
id int(11) NOT NULL auto_increment,
author varchar(50) NOT NULL default '',
title varchar(50) NOT NULL default '',
pubyear int(4) NOT NULL default 0,
price int(11) NOT NULL default 0,
PRIMARY KEY (id)
)",
    "
CREATE TABLE basket (
id int(11) NOT NULL auto_increment,
customer varchar(32) NOT NULL default '',
goodsid int(11) NOT NULL default 0,
quantity int(4) NOT NULL default 0,
datetime int(11) NOT NULL default 0,
PRIMARY KEY (id)
)",
    "
CREATE TABLE orders (
id int(11) NOT NULL auto_increment,
author varchar(50) NOT NULL default '',
title varchar(50) NOT NULL default '',
pubyear int(4) NOT NULL default 0,
price int(11) NOT NULL default 0,
customer varchar(32) NOT NULL default '',
quantity int(4) NOT NULL default 0,
datetime int(11) NOT NULL default 0,
PRIMARY KEY (id)
)",
);
foreach ($tables as $sql) {
    if (!mysql_query($sql)) {
        die(mysql_error());
    }
}
mysql_close();
print '<p> !</p>';
?>
3 .
, .
-eshop_db.inc.php :
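<?php
// Shared bootstrap included by every shop page: defines the connection
// settings and the order-log path, opens the MySQL connection, and leaves
// the number of basket rows for the current session in $count.
// NOTE(review): the shop runs as root with a sample password; a dedicated
// account limited to the eshop database would contain the damage of any
// injection bug elsewhere in the application.

define("DB_HOST", "localhost");
define("DB_LOGIN", "root");
define("DB_PASSWORD", "password");
define("DB_NAME", "eshop");
define("ORDERS_LOG", "orders.log");
$count = 0;
$conn = mysql_connect(DB_HOST, DB_LOGIN, DB_PASSWORD) or
die(" ");
// NOTE(review): die(mysql_error()) shows database error text to visitors;
// log it server-side instead once the site is public.
mysql_select_db(DB_NAME) or die(mysql_error());
// The session id arrives in a client-supplied cookie, so it is escaped
// before being embedded in the statement rather than trusted as-is.
$customer = mysql_real_escape_string(session_id());
$sql = "SELECT count(*) FROM basket WHERE customer='" . $customer . "'";
$result = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_row($result);
$count = (int) $row[0];
?>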
- eshop_lib.inc.php :
<?php
// save ( )
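/**
 * Insert one book into the catalog table.
 *
 * $author and $title are placed inside quoted SQL literals exactly as
 * received: the caller is expected to have escaped them already (the form
 * handler on this page does so), and escaping again here would store
 * doubled backslashes. $pubyear and $price are interpolated WITHOUT quotes,
 * where string-escaping helpers give no protection, so they are forced to
 * integers here.
 *
 * Stops the script with the MySQL error text if the insert fails.
 */
function save($author, $title, $pubyear, $price) {
    $pubyear = (int) $pubyear;
    $price = (int) $price;
    $sql = "INSERT INTO catalog(
author,
title,
pubyear,
price
) VALUES(
'$author',
'$title',
$pubyear,
$price
)";
    mysql_query($sql) or die(mysql_error());
}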
//
/**
 * Fetch every row of the catalog table.
 *
 * Returns the MySQL result resource for the caller to iterate; stops the
 * script with the MySQL error text if the query fails.
 */
function selectAll() {
    $rows = mysql_query("SELECT * FROM catalog");
    if (!$rows) {
        die(mysql_error());
    }
    return $rows;
}
//
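/**
 * Add one item to a customer's basket.
 *
 * $customer is the session id of the visitor; $goodsid, $quantity and
 * $datetime are numeric. The numeric values are interpolated without
 * quotes, so they are cast to integers here, and $customer is escaped for
 * the quoted literal: the page that calls this passes the id straight from
 * the query string.
 *
 * Stops the script with the MySQL error text if the insert fails.
 */
function add2basket($customer, $goodsid, $quantity, $datetime) {
    $customer = mysql_real_escape_string($customer);
    $goodsid = (int) $goodsid;
    $quantity = (int) $quantity;
    $datetime = (int) $datetime;
    $sql = "INSERT INTO basket(
customer,
goodsid,
quantity,
datetime
) VALUES(
'$customer',
$goodsid,
$quantity,
$datetime
)";
    mysql_query($sql) or die(mysql_error());
}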
//
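/**
 * Fetch the current visitor's basket rows joined with their catalog data.
 *
 * Returns the MySQL result resource. Both tables have an `id` column, so
 * an associative fetch exposes only one of them under the key "id".
 * The session id comes from a client cookie and is therefore escaped
 * before it is embedded in the statement.
 */
function myBasket() {
    $customer = mysql_real_escape_string(session_id());
    $sql = "SELECT * FROM catalog, basket
WHERE customer='" . $customer . "'
and catalog.id=basket.goodsid";
    $result = mysql_query($sql) or die(mysql_error());
    return $result;
}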
//
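/**
 * Delete one row from the current visitor's basket.
 *
 * $id reaches this function from the query string and is interpolated
 * without quotes, so it is cast to an integer. The delete is also limited
 * to rows owned by the current session: matching on the row id alone would
 * let any visitor remove items from another visitor's basket.
 */
function basketDel($id){
    $id = (int) $id;
    $customer = mysql_real_escape_string(session_id());
    $sql = "DELETE FROM basket WHERE id = $id AND customer='$customer'";
    mysql_query($sql) or die(mysql_error());
}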
//
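/**
 * Copy the current visitor's basket into the orders table, stamping every
 * row with $datetime, then empty the basket.
 *
 * Values read back from the database are not safe to paste into a new
 * statement: an author or title that contains a quote is stored unescaped,
 * so re-inserting it verbatim breaks the INSERT (or lets stored text alter
 * it). Text columns are escaped again and numeric columns cast to integers.
 */
function resave($datetime) {
    $datetime = (int) $datetime;
    $goods = myBasket();
    while ($good = mysql_fetch_assoc($goods)) {
        $author = mysql_real_escape_string($good["author"]);
        $title = mysql_real_escape_string($good["title"]);
        $customer = mysql_real_escape_string($good["customer"]);
        $pubyear = (int) $good["pubyear"];
        $price = (int) $good["price"];
        $quantity = (int) $good["quantity"];
        $sql = "INSERT INTO orders(
author,
title,
pubyear,
price,
customer,
quantity,
datetime
) VALUES(
'$author',
'$title',
$pubyear,
$price,
'$customer',
$quantity, $datetime)";
        mysql_query($sql) or die(mysql_error());
    }
    // The basket has been copied; remove this visitor's rows.
    $sql = "DELETE FROM basket WHERE customer='" . mysql_real_escape_string(session_id()) . "'";
    mysql_query($sql) or die(mysql_error());
}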
//
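/**
 * Read the order log and attach the purchased goods to every order.
 *
 * Each log line holds name|email|phone|address|customer|date. Returns a
 * list of arrays with those six keys plus "goods", a MySQL result resource
 * with the matching rows of the orders table. "date" is returned as an
 * integer timestamp.
 *
 * The log is written from customer-supplied form fields, so nothing read
 * from it is trusted: a field containing "|" shifts the columns and would
 * otherwise put visitor-controlled text into the query. The customer id is
 * escaped and the date cast to an integer before use; lines with fewer
 * than six fields are skipped. A missing or unreadable log yields an empty
 * list.
 */
function getOrders() {
    $allorders = array();
    $orders = file(ORDERS_LOG);
    if ($orders === false) {
        return $allorders;
    }
    foreach ($orders as $order) {
        // Drop the record terminator so it does not end up in the date field.
        $fields = explode("|", rtrim($order, "\r\n"));
        if (count($fields) < 6) {
            continue;
        }
        list($name, $email, $phone, $address, $customer, $date) = $fields;
        $orderinfo = array();
        $orderinfo["name"] = $name;
        $orderinfo["email"] = $email;
        $orderinfo["phone"] = $phone;
        $orderinfo["address"] = $address;
        $orderinfo["customer"] = $customer;
        $orderinfo["date"] = (int) $date;
        // Goods bought in this order: same customer id and timestamp.
        $sql = "SELECT * FROM orders
WHERE customer='" . mysql_real_escape_string($customer) . "' AND datetime=" .
            $orderinfo["date"];
        $result = mysql_query($sql) or die(mysql_error());
        $orderinfo["goods"] = $result;
        $allorders[] = $orderinfo;
    }
    return $allorders;
}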
?>
, - save2cat.php :
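<?php
// Form handler for add2cat.php: stores one new catalog entry and sends the
// browser back to the form.
// NOTE(review): nothing in this listing restricts who may post here; an
// administrative page like this needs an authentication check and a
// per-session anti-forgery token on the form.
require "eshop_db.inc.php";
require "eshop_lib.inc.php";

// Missing or non-string fields are treated as empty instead of raising
// notices or passing arrays further down.
$fields = array();
foreach (array("author", "title", "pubyear", "price") as $key) {
    $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : '';
}

// Text goes into quoted SQL literals: escape it with the connection-aware
// function rather than addslashes(), which ignores the connection charset.
$author = mysql_real_escape_string($fields["author"]);
$title = mysql_real_escape_string($fields["title"]);
// Year and price are interpolated without quotes inside save(); quoting
// helpers do nothing for them, so they must be integers.
$pubyear = (int) $fields["pubyear"];
$price = (int) $fields["price"];

save($author, $title, $pubyear, $price);

header("Location: add2cat.php");
exit;
?>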
5) - add2cat.php :
<html>
<head>
<title> </title>
</head>
<body>
<form action="save2cat.php" method="post">
<p>: <input type="text" name="author" size="50">
<p>: <input type="text" name="title" size="100">
<p> : <input type="text" name="pubyear" size="4">
<p>: <input type="text" name="price" size="6"> .
<p><input type="submit" value="">
</form>
</body>
</html>
, - catalog,
.
catalog.
() - catalog.php :
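<?php
// Catalogue page: shows the basket counter and one table row per book.
// Every value taken from the database is HTML-escaped on output, because
// catalog text is entered through a web form and would otherwise be
// rendered as markup in each visitor's browser.
// NOTE(review): if the pages are not served in PHP's default charset, pass
// the real charset as the third argument of htmlspecialchars(); with a
// mismatch, non-ASCII text can come back empty.
session_start();

require "eshop_db.inc.php";
require "eshop_lib.inc.php";
?>
<html>
<head>
<title> </title>
</head>
<body>
<p> <a href="basket.php"></a>:
<?php
echo (int) $count;
?>
</p>
<table border="0" cellpadding="5" cellspacing="0" width="100%">
<tr>
<th></th>
<th></th>
<th> </th>
<th>, .</th>
<th> </th>
</tr>
<?php
$result = selectAll();
while ($row = mysql_fetch_assoc($result)) {
?>
<tr>
<td><?php echo htmlspecialchars($row["author"], ENT_QUOTES) ?></td>
<td><?php echo htmlspecialchars($row["title"], ENT_QUOTES) ?></td>
<td align="center"><?php echo (int) $row["pubyear"] ?></td>
<td align="center"><?php echo (int) $row["price"] ?></td>
<td align="center">
<a href="add2basket.php?id=<?php echo (int) $row["id"] ?>">
</a></td>
</tr>
<?php
}
?>
</table>
</body>
</html>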
()
- basket.php :
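<?php
// Basket page: lists the current visitor's basket with a running total, or
// a pointer back to the catalogue when the basket is empty.
// Database values are HTML-escaped (text) or cast to integers (numbers)
// before they are written into the page.
// NOTE(review): if the pages are not served in PHP's default charset, pass
// the real charset as the third argument of htmlspecialchars().
session_start();

require "eshop_db.inc.php";
require "eshop_lib.inc.php";
?>
<html>
<head>
<title> </title>
</head>
<body>
<?php
if ($count == 0) {

echo "<p> ! <a


href=\"catalog.php\"></a> .</p>";
} else {
?>
<table border="0" cellpadding="5" cellspacing="0" width="100%">
<tr>
<th>N n/n</th>
<th></th>
<th></th>
<th> </th>
<th>, .</th>
<th></th>
<th></th>
</tr>
<?php
$result = myBasket();
$i = 0;
$sum = 0;
while ($row = mysql_fetch_assoc($result)) {
$sum += $row["price"] * $row["quantity"];
?>
<tr>
<td align="center"><?php echo ++$i ?></td>
<td><?php echo htmlspecialchars($row["author"], ENT_QUOTES) ?></td>
<td><?php echo htmlspecialchars($row["title"], ENT_QUOTES) ?></td>
<td align="center"><?php echo (int) $row["pubyear"] ?></td>
<td align="center"><?php echo (int) $row["price"] ?></td>
<td align="center"><?php echo (int) $row["quantity"] ?></td>
<td align="center">
<a href="delete_from_basket.php?id=<?php echo (int) $row["id"] ?>">
</a></td>
</tr>
<?php
}
?>
</table>
<p> :
<?php echo $sum ?>
.
<div align="center">
<input type="button" value=" !"
onClick="location.href='orderform.php'">
</div>
<?php
}
?>
</body>
</html>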
- add2basket.php :
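<?php
// Adds one copy of the selected book to the visitor's basket and returns
// to the catalogue.
// NOTE(review): this changes state on a plain GET link, so any page the
// visitor opens can trigger it; a POST form with a per-session token is
// the usual remedy.
session_start();

require "eshop_db.inc.php";
require "eshop_lib.inc.php";

// The basket is keyed by the session id.
$customer = session_id();
// The id comes from the query string: accept a scalar only and force it to
// an integer before it gets anywhere near a SQL statement.
$goodsid = (isset($_GET["id"]) && is_scalar($_GET["id"])) ? (int) $_GET["id"] : 0;
$quantity = 1;
$datetime = time();
if ($goodsid > 0) {
    add2basket($customer, $goodsid, $quantity, $datetime);
}
header("Location: catalog.php");
exit;
?>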
-
- delete_from_basket.php :
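<?php
// Removes one row from the visitor's basket and returns to the basket page.
// NOTE(review): like the add link, this deletes on a plain GET request; a
// POST form with a per-session token is the usual remedy.
session_start();

require "eshop_db.inc.php";
require "eshop_lib.inc.php";
// The row id comes from the query string: accept a scalar only and force
// it to an integer so it cannot carry SQL into the DELETE statement.
$id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;
if ($id > 0) {
    basketDel($id);
}
header('Location: basket.php');
exit;
?>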
.

- orderform.php :
<html>
<head>
<title> </title>
</head>
<body>
<form action="saveorder.php" method="post">
<p> () :&nbsp; <input type="text" name="name"
size="50">
<br> email : &nbsp;<input type="text" name="email"
size="50">
<br> :&nbsp;&nbsp; <input type="text"
name="phone"
size="50">
<br> :<br><textarea name="address"
cols="50" rows="5"></textarea>
<br><input type="submit" value=""></p>
</form>
</body>
</html>

()saveorder.php :
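<?php
// Order handler: appends the customer's contact details to the order log
// as one "|"-separated line and moves the basket into the orders table.
// NOTE(review): ORDERS_LOG is a relative path; if the file ends up under
// the document root, the names, e-mail addresses, phone numbers and postal
// addresses in it can be downloaded by anyone. Keep it outside the web
// root or deny access to it in the server configuration.
session_start();

require "eshop_db.inc.php";
require "eshop_lib.inc.php";

// The log format uses "|" between fields and a line break between records.
// Either character inside a field (the address box is multi-line) would
// corrupt the record and shift columns when the log is read back, so both
// are replaced with a space. Missing or non-string fields become empty.
$clean = array();
foreach (array("name", "email", "phone", "address") as $key) {
    $value = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    $value = strip_tags(addslashes(trim($value)));
    $clean[$key] = preg_replace('/[|\r\n]+/', ' ', $value);
}
$name = $clean["name"];
$email = $clean["email"];
$phone = $clean["phone"];
$address = $clean["address"];
$customer = session_id();
$datetime = time();

$data = "$name|$email|$phone|$address|$customer|$datetime\r\n";
// LOCK_EX keeps two simultaneous orders from interleaving their lines.
file_put_contents(ORDERS_LOG, $data, FILE_APPEND | LOCK_EX);
// Copy the basket into the orders table under the same timestamp.
resave($datetime);
?>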
<html>
<head>
<title> </title>
</head>
<body>
<p> .</p>
<p><a href="catalog.php"> </a></p>
</body>
</html>
orders.log,

orders.php :
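<?php
// Order list: prints every logged order with the customer's details and
// the goods bought.
// NOTE(review): nothing in this listing restricts access, yet the page
// shows customers' personal data; it needs an authentication check.
// Everything printed here was typed by customers or entered through the
// catalogue form, so text is HTML-escaped and numbers are cast on output.
// If the pages are not served in PHP's default charset, pass the real
// charset as the third argument of htmlspecialchars().
session_start();

require "eshop_db.inc.php";
require "eshop_lib.inc.php";
?>
<html>
<head>
<title> </title>
</head>
<body>
<h2> :</h2>
<?php
$result = getOrders();
foreach ($result as $order) {
?>
<hr>
<p><b></b>: <?php echo htmlspecialchars($order["name"], ENT_QUOTES) ?></p>
<p><b>Email</b>: <?php echo htmlspecialchars($order["email"], ENT_QUOTES) ?></p>
<p><b></b>: <?php echo htmlspecialchars($order["phone"], ENT_QUOTES) ?></p>
<p><b> </b>: <?php echo htmlspecialchars($order["address"], ENT_QUOTES) ?></p>
<p><b> </b>: <?php echo date("d.m.y H:i",
(int) $order["date"]) ?></p>
<h3> :</h3>
<table border="1" cellpadding="5" cellspacing="0" width="90%">
<tr>
<th>N n/n</th>
<th></th>
<th></th>
<th> </th>
<th>, .</th>
<th></th>
</tr>
<?php
$i = 0;
$sum = 0;
while($row = mysql_fetch_assoc($order["goods"])){
$sum += $row["price"] * $row["quantity"];
?>
<tr>
<td align="center"><?php echo ++$i ?></td>
<td><?php echo htmlspecialchars($row["author"], ENT_QUOTES) ?></td>
<td><?php echo htmlspecialchars($row["title"], ENT_QUOTES) ?></td>
<td align="center"><?php echo (int) $row["pubyear"] ?></td>
<td align="center"><?php echo (int) $row["price"] ?></td>
<td align="center"><?php echo (int) $row["quantity"] ?></td>
</tr>
<?php
}
?>
</table>
<p> : <?php echo $sum ?> .
<?php
}
?>
</body>
</html>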

, , .

,
.
nabugas.php :
<li><a href="./pegustpas" title="
"></a>
</li>
pegustpas, .
bas.php :
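<?php
// Shared bootstrap for the members area: starts the session, opens the
// database connection and copies the logged-in user's data from the
// session into $login, $password and $id_user.
// NOTE(review): the connection credentials are hard-coded in a file under
// the site tree; keep them in configuration outside the document root.
// NOTE(review): the login script stores the password hash in the session.
// The user id alone is enough to mark a session as logged in.
session_start();
mysql_connect ("localhost","polsobatel","mouparoluk");
mysql_select_db ("cait_basa");
// Anonymous visitors have none of these keys yet. Reading them unguarded
// raises a notice per key, which may reveal file paths when errors are
// displayed; default to null (still "empty" for the checks made later).
$login = isset($_SESSION['login']) ? $_SESSION['login'] : null;
$password = isset($_SESSION['password']) ? $_SESSION['password'] : null;
$id_user = isset($_SESSION['id']) ? $_SESSION['id'] : null;
?>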
index.php :
<?php include_once("bas.php"); //
?>
<!-- (DOCTYPE HTML PUBLIC )
<body> -->

<?php //
if(empty($login) and empty($password)){
print <<<HERE
<!-- HERE
<table width="995" , ,
-->
<!-- -->
<td valign="top">
<p> ,
, </p>
<table><p><b><a href="reguctpas.php"></a></b></p>
<form action="logun.php" method="POST">
<tr>
<td>&nbsp;&nbsp; :</td>
<td><input type="text" name="login" ></td>
</tr>
<tr>
<td>&nbsp;&nbsp; :</td>
<td><input type="password" name="password" ></td>
</tr>
<tr>
<td colspan="2">&nbsp;&nbsp;<input type="submit" value="OK" name="submit"
></td>
</tr>
</form>
</table>
</td>
<!-- -->
</tr>
</table>
</td>
</tr>
<tr>
<td> , - </td><tr>
</table>
</body>
</html>
HERE;
}
else{
echo '<!--
DOCTYPE HTML PUBLIC, , <table width="995" ,
, -->
<body>
<!-- -->
<td valign="top">
<p>, <strong>'.$login.'</strong> | <a
href="exit.php"></a><br>
. ,
,
- 2147483647 opsuu prcode
. </p>
</td>
<!-- -->
</tr>
</table>


</td>
</tr>
<!-- -->
<tr>
<td> , - </td><tr>
</table>
</body>
</html>';
}
?>

users 7
. ,
- ,
, ,
, .
reguctpas.php :
<!-- DOCTYPE HTML
PUBLIC, , -->
<!-- -->
<td valign="top">
<table>
<p> ,
.
</p>
<form action="verification.php" method="POST">
<tr>
<td>&nbsp;&nbsp; <font color="#F500B8"> *</font>:</td>
<td><input type="text" size="22" name="login" ></td>
</tr>
<tr>
<td>&nbsp;&nbsp; <font color="#F500B8"> *</font>:</td>
<td><input type="password" size="22" maxlength="22" name="password" ></td>
</tr>
<tr>
<td>&nbsp;&nbsp; <font color="#F500B8"> *</font>:</td>
<td><input type="password" size="22" maxlength="22"
name="password2"></td>
</tr>
<tr>
<td>&nbsp;&nbsp; e - mail<font color="#F500B8"> *</font>:</td>
<td><input type="text" size="22" name="email"></td>
</tr>
<tr>
<td>&nbsp;&nbsp; :</td>
<td><input type="text" size="22" name="name"></td>
</tr>
<tr>
<td>&nbsp;&nbsp; :</td>
<td><input type="text" size="22" name="lastname"></td>
</tr>
<tr>
<td></td>
<td colspan="2"><input type="submit" value="" name="submit"
></td>
</tr>


<br>
</form>
</table>
<p> <font color="#F500B8"> *</font>
!
<br>
<a href='index.php'> </a>
</p>
</td>
<!-- -->
,
. verification.php,
:
<!--
,
-->
<!-- -->
<td valign="top">
<font color="#66FF33"><img border="0" src="ok.gif">
!</font><br>
<p> E-mail ,
, ,
,
. <a href="index.php"> </a></p>
</td>
<!-- -->
.

,
- activation.php :
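<?php
// Account activation endpoint: expects ?login=...&akt=... and marks the
// account active when akt matches the token derived from the user row.
//
// NOTE(review): the token is md5() of the numeric user id, so it can be
// computed by anyone and does not prove that the e-mail was received. A
// random per-user token generated at registration and stored with the row
// is needed; the registration code is not part of this listing, so the
// derivation is left unchanged here.
include_once("bas.php");
if (isset($_GET['akt']) AND isset($_GET['login'])
    AND is_string($_GET['akt']) AND is_string($_GET['login'])) {
    $akt = htmlspecialchars(stripslashes($_GET['akt']));
    $login = htmlspecialchars(stripslashes($_GET['login']));
}
else{
    exit(" !");
}
// htmlspecialchars() in its default mode leaves single quotes alone, so it
// does not make a value safe inside a quoted SQL literal. $login keeps its
// HTML-escaped form for display; a separately escaped copy goes into SQL.
$loginSql = mysql_real_escape_string($login);
$activ = mysql_query("SELECT id FROM users WHERE login='$loginSql'");
$id_activ = $activ ? mysql_fetch_array($activ) : false;
// Require an existing user row: without one the expected token would be
// md5 of an empty value, a constant that any caller could supply. The
// comparison is strict so hex strings are never compared as numbers.
if ($id_activ && md5($id_activ['id']) === $akt)
{
    mysql_query("UPDATE users SET activation='1' WHERE login='$loginSql'");
    echo " <strong>".$login."</strong> !

!<br><a href='index.php'> - </a>";
}
else {
    echo " ! .
.<br><a href='index.php'> - </a>";
}
?>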
logun.php :
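<?php include_once("bas.php");?>
<?php
// Login handler: checks the posted login and password against the users
// table and, on success, records the user in the session.
//
// NOTE(review): passwords are compared as unsalted md5, which is cheap to
// brute-force if the table leaks. Moving to a salted, slow password hash
// needs a migration of the stored values, so it is only flagged here.
// NOTE(review): the password hash is also copied into the session; the
// user id is enough to mark a session as logged in.

// Missing or non-string fields are handled like empty ones.
$login = (isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : '';
if ($login === '') {
    exit (" !");
}
$password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
if ($password === '') {
    exit (" ");
}
// Same normalisation as before, so stored logins and hashes still match.
$login = trim(htmlspecialchars(stripslashes($login)));
$password = md5(trim(htmlspecialchars(stripslashes($password))));
// htmlspecialchars() in its default mode leaves single quotes untouched,
// so the login could close the SQL literal and rewrite the WHERE clause.
// Escape it for SQL separately; the md5 digest is plain hex.
$loginSql = mysql_real_escape_string($login);
$user = mysql_query("SELECT id FROM users WHERE login='$loginSql' AND
password='$password' AND activation='1'");
$id_user = $user ? mysql_fetch_array($user) : false;
if (empty($id_user['id'])){
    exit (" , .");
}
else {
    // Issue a fresh session id on login so an id planted in the browser
    // beforehand does not become an authenticated session.
    session_regenerate_id(true);
    $_SESSION['password']=$password;
    $_SESSION['login']=$login;
    $_SESSION['id']=$id_user['id'];
}
echo "<meta http-equiv='Refresh' content='0; URL=index.php'>";
?>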
exit.php
:
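<?php
// Logout: removes the login data from the session and redirects to the
// start page.
// Nothing in this listing starts the session, and without one $_SESSION is
// empty, so the check below would always stop the script and nobody could
// log out. Start the session here unless one is already active (for
// example via session.auto_start or an including file).
if (session_id() == '') {
    session_start();
}
if (empty($_SESSION['login']) or empty($_SESSION['password'])) {
    exit (" ,
. ,
, <br><a href='index.php'> </a>");
}
unset($_SESSION['password']);
unset($_SESSION['login']);
unset($_SESSION['id']);
exit("<meta http-equiv='Refresh' content='0; URL=index.php'>");
?>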
, ,
, .


(): 2012-09-23

, ,
,

. -
RSS - <li><a href="./sakputo.php" title="
"></a> </li> , ,
.
- sakputo.php
:
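<?php include ("./bloku/b_d.php");
// Loads the text and meta data of the restricted-section page from the
// navug table and picks up the access code if one was posted.
// The full "<?php" opening tag is used instead of "<?": when short tags
// are disabled on the server, a "<?" block is sent to the browser as plain
// text, which would show the queries to every visitor.
// NOTE(review): exit(mysql_error()) prints database error text to the
// visitor; log it server-side instead once the site is public.

$sak = mysql_query("SELECT title,meta_d,meta_k,text FROM navug WHERE


pages='sakpubaem'",$db);
if (!$sak)
{
    echo " .
admin@yandex.ru.";
    exit(mysql_error());
}
if (mysql_num_rows($sak) > 0)
{
    $myrr = mysql_fetch_array($sak);
}
else
{
    echo " , .";
    exit();
}
// $code stays undefined when the form has not been submitted; the page
// body tests it with isset().
if (isset($_POST['code']))
{
    $code = $_POST['code'];
}
?>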
,
:
<td valign="top">
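<?php echo $myrr["text"];
// Body of the restricted section. Articles flagged sapret=1 are always
// listed, but they link to the full page only after the visitor has posted
// the access code stored in the opsuu table; otherwise the code form is
// shown and the titles link nowhere.
// NOTE(review): the code is one shared value kept in plain text, and this
// listing shows no limit on guessing attempts. Whether page.php repeats
// the check is not visible here; if it does not, the article URLs can be
// opened directly.
// NOTE(review): exit(mysql_error()) prints database error text to the
// visitor; log it server-side instead once the site is public.
$res0 = mysql_query ("SELECT prcode FROM opsuu",$db);
if (!$res0)
{
    exit ("<p> .
.");
}
$myr = mysql_fetch_array($res0);
$prcode = $myr["prcode"];

// Compare as strings with ===. The loose != used before treated numeric
// look-alikes as equal and, when no code was stored at all, accepted an
// empty submission. An empty or missing stored code now never unlocks.
$stored = (string) $prcode;
$unlocked = isset($code) && is_string($code) && $stored !== '' && trim($code) === $stored;

if (!$unlocked)
{
    echo "<form name='sec' action='sakputo.php' method='post'>
<p align='center'><strong> </strong></p>
<p align='center'><input class='sin' type='text' name='code'></p>
<p align='center'><input class='sbut' type='submit' name='submit'
value=' '></p>
</form>";
}

// The article query is the same in both states, so it is issued once.
$sak = mysql_query("SELECT id,title,descript,date,abtop,min_img,views FROM ctp
WHERE sapret=1",$db);
if (!$sak)
{
    echo " .
admin@yandex.ru";
    exit(mysql_error());
}
while ($article = mysql_fetch_array($sak))
{
    if ($unlocked)
    {
        // Unlocked: the title links to the article page.
        printf ("<table align='center'>
<tr>
<td>
<p><img src='%s'><a href='page.php?id=%s'>%s</a></p>
<p> : %s</p>
<p> : %s</p></td>
</tr>
<tr>
<td>%s <p>: %s</p></td>
</tr>
</table><br>",$article["min_img"],$article["id"],$article["title"], $article["date"],
        $article["abtop"],$article["descript"],$article["views"]);
    }
    else
    {
        // Locked: same card, but the title is a dead link.
        printf ("<table align='center'>
<tr>
<td>
<p><img src='%s'><a href='#'>%s ( )</a></p>
<p> : %s</p>
<p> : %s</p></td>
</tr>
<tr>
<td>%s <p>: %s</p></td>
</tr>
</table><br>",$article["min_img"],$article["title"], $article["date"],$article["abtop"],
        $article["descript"], $article["views"]);
    }
}
?>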
</td>
,
(leb.php) -
:
$res3 = mysql_query("SELECT id,title FROM ctp WHERE sapret=0 ORDER BY id
DESC LIMIT 7",$db);
(kateg.php) :
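// Category listing: only articles that are not restricted (sapret=0).
// The space after WHERE was missing, which made the statement invalid SQL.
// NOTE(review): $cat sits inside a quoted SQL literal and its origin is not
// shown here; confirm it is cast or escaped before this line if it comes
// from the request.
$res = mysql_query("SELECT id,title,descript,date,abtop,min_img,views FROM ctp
WHERE sapret=0 AND cat='$cat'",$db);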
,
, .
(kateg.php)
,
(style.css):
.sin {
width:190px;
height:25px;
background-color:#f6f6f6;
border:1px solid gray; }
.sbut {
width:190px;
height:25px;
background-color:#cc0000;
color:#FFFFFF;
border:1px solid gray; }
2147483647,
- opsuu,
, .
.