我想按用户 ID 显示数据库中的记录。这意味着工作人员必须输入员工编号和密码并提出新项目的请求,该请求将被保存在数据库中。
该请求工作正常,但在 request.php 页面之后,我想在receipt.php 中显示该员工订购的项目。我怎么能这样做?这是定义表的 SQL:
CREATE TABLE `orders` (
`orderno` bigint(20) NOT NULL AUTO_INCREMENT,
`orderqty` bigint(20) NOT NULL,
`orderdate` date DEFAULT NULL,
`itemno` bigint(20) DEFAULT NULL,
`staffid` varchar(50) DEFAULT NULL,
PRIMARY KEY (`orderno`),
KEY `FK_itemno` (`itemno`),
KEY `FK_staffid` (`staffid`),
CONSTRAINT `FK_itemno` FOREIGN KEY (`itemno`) REFERENCES `item` (`itemno`)
) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=latin1
这是receipt.php的PHP代码:
<?php require_once('Connections/sqlconnection.php'); ?>
<?php
if (!isset($_SESSION)) {
session_start();
}
$colname_rsstaff = $_SESSION['staffid'];
if (isset($_GET['staffid'])) {
$colname_rsstaff = $_GET['staffid'];
}
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
mysql_select_db($database_sqlconnection, $sqlconnection);
$query_rsorders = "SELECT * FROM orders";
$rsorders = mysql_query($query_rsorders, $sqlconnection) or die(mysql_error());
$row_rsorders = mysql_fetch_assoc($rsorders);
$totalRows_rsorders = mysql_num_rows($rsorders);
mysql_select_db($database_sqlconnection, $sqlconnection);
$query_rsitem = "SELECT * FROM item";
$rsitem = mysql_query($query_rsitem, $sqlconnection) or die(mysql_error());
$row_rsitem = mysql_fetch_assoc($rsitem);
$totalRows_rsitem = mysql_num_rows($rsitem);
mysql_select_db($database_sqlconnection, $sqlconnection);
$query_rsstaff = "SELECT * FROM staff";
$rsstaff = mysql_query($query_rsstaff, $sqlconnection) or die(mysql_error());
$row_rsstaff = mysql_fetch_assoc($rsstaff);
$totalRows_rsstaff = mysql_num_rows($rsstaff);
mysql_select_db($database_sqlconnection, $sqlconnection);
$query_rsitemlist = sprintf("SELECT * FROM itemlist WHERE itemlist.staffid = %s", GetSQLValueString($colname_rsstaff, "text"),"ORDER BY orderdate DESC");
$rsitemlist = mysql_query($query_rsitemlist, $sqlconnection) or die(mysql_error());
$row_rsitemlist = mysql_fetch_assoc($rsitemlist);
$totalRows_rsitemlist = mysql_num_rows($rsitemlist);
?>
<title>Sistem Pengurusan Stok</title>
<center>
<form name="form1" method="POST" action="request.php">
<table width="633" height="262" border="1">
<tr>
<td height="124" colspan="6"><?php include 'header.php'?></td>
</tr>
<tr>
<td width="119" height="51"
align="center">No Resit</td>
<td width="130" align="center">Tarikh Tempah</td>
<td width="181" align="center">Nama Barang</td>
<td align="center">Kuantiti</td>
<td align="center"> </td>
</tr>
<?php do { ?>
<tr>
<td height="35" align="center"><?php echo $row_rsitemlist['orderno']; ?></td>
<td align="center"><?php echo $row_rsitemlist['orderdate']; ?></td>
<td align="center"><?php echo $row_rsitemlist['itemname']; ?></td>
<td width="146" align="center"><?php echo $row_rsitemlist['orderqty']; ?></td>
<td width="23" align="center"><img src="images/delete.jpg" width="68" height="32" align="center" /></td>
</tr>
<?php } while ($row_rsitemlist = mysql_fetch_assoc($rsitemlist) && $rsitemlist); ?>
<tr>
<td height="40" colspan="6" align="right"><input type="submit" name="button2" id="button2" value="Kembali"/>
<input type="submit" name="button" id="button" value="Hantar" /></td>
</tr>
</table>
</form>
</center>
<?php
mysql_free_result($rsorders);
mysql_free_result($rsitem);
mysql_free_result($rsstaff);
mysql_free_result($rsitemlist);
?>
我真的希望有人可以真正检查我的代码。提前致谢。