有人可以看看我的代码我终于在 2 天后开始工作,并从这里得到了很多帮助 - 谢谢!
我想做一些调整 -
对于交易 ID,如果我在交易 ID 中搜索任何字母,则会显示记录 - 如果已输入完整交易 ID 并与数据库中的记录匹配,我只希望它向我显示记录。交易 ID 示例:87K07228GD157974M
如果您想检索您的代码,您必须输入您的姓名、电子邮件和交易日期,这很完美但时间也包含在日期中,但我不希望任何人也必须输入时间只有日期即....您当前必须输入:2013-03-07 01:39:23 - 但我想以 DD/MM/YY 的格式输入 - 这可能吗?
我也不知道代码是否也安全,任何建议都将不胜感激。谢谢,
这是代码:
findme.html
<html>
<head>
<title>Search</title>
</head>
<body bgcolor=#ffffff>
<h2>Search Transaction ID</h2>
<form name="search" method="post" action="findme.php">
Seach for: <input type="text" name="find" />
<input type="submit" name="search" value="Search" />
</form>
OR
<h2>Search Name, E-Mail & Transaction Date</h2>
<form name="search" method="post" action="findme1.php">
Full Name (on paypal account) <input type="text" name="name" /> <br><br>
Paypal E-Mail Address <input type="text" name="email" /> <br><br>
Transaction Date - DD/MM/YY <input type="text" name="date" />
<input type="submit" name="search" value="Search" /><br><br>
If searching via Name, E-Mail & Transaction date, all fields must be completed to obtain your code.
</form>
</body>
</html>
findme.php
<html>
<head><title>Searching for a student...</title>
</head>
<body bgcolor=#ffffff>
<?php
echo "<h2>Search Results:</h2><p>";
//If they did not enter a search term we give them an error
if ($find == "")
{
echo "<p>You forgot to enter a search term!!!";
exit;
}
// Otherwise we connect to our Database
mysql_connect("location.com", "ipn", "password!") or die(mysql_error());
mysql_select_db("ipn") or die(mysql_error());
// We perform a bit of filtering
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);
//Now we search for our search term, in the field the user specified
$iname = mysql_query("SELECT * FROM ibn_table WHERE itransaction_id LIKE '%$find%'");
//And we display the results
while($result = mysql_fetch_array( $iname ))
{
echo "<b>Name: </b>";
echo $result['iname'];
echo " ";
echo "<br>";
echo "<b>E-mail: </b>";
echo $result['iemail'];
echo "<br>";
echo "<b>Transaction Date: </b>";
echo $result['itransaction_date'];
echo "<br>";
//And we remind them what they searched for
echo "<b>Search Term </b>(Transaction ID): </b> " .$find;
//}
echo "<br>";
echo "<br>";
echo "<b>Login Code: </b>";
echo $result['ipaymentstatus'];
echo "<br>";
}
//This counts the number or results - and if there wasn't any it gives them a little message explaining that
$anymatches=mysql_num_rows($iname);
if ($anymatches == 0)
{
echo "Sorry, but we can not find an entry to match your search, please make sure the correct details have been entered...<br><br>";
}
?>
</body>
</html>
findme1.php
<html>
<head><title>Searching for a student...</title>
</head>
<body bgcolor=#ffffff>
<?php
echo "<h2>Search Results:</h2><p>";
//If they did not enter a search term we give them an error
if ($name == "")
if ($email == "")
{
echo "<p>Please enter Full Name, E-Mail Address & Transaction Date EXACTLY how they appear on your PayPal Account...";
exit;
}
// Otherwise we connect to our Database
mysql_connect("location.com", "ipn", "password") or die(mysql_error());
mysql_select_db("ipn") or die(mysql_error());
// We perform a bit of filtering
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);
//Now we search for our search term, in the field the user specified
$name = mysql_query("SELECT * FROM ibn_table WHERE iemail = '$email' AND iname = '$name' AND itransaction_date = '$date'");
//And we display the results
while($result = mysql_fetch_array( $name ))
{
echo "<b>Name: </b>";
echo $result['iname'];
echo " ";
echo "<br>";
echo "<b>E-mail: </b>";
echo $result['iemail'];
echo "<br>";
echo "<b>Transaction Date: </b>";
echo $result['itransaction_date'];
echo "<br>";
//And we remind them what they searched for
echo "<b>Search Term </b>(Transaction ID): " .$name;
//}
echo "<br>";
echo "<br>";
echo "<b>Login Code: </b>";
echo $result['ipaymentstatus'];
echo "<br>";
}
//This counts the number or results - and if there wasn't any it gives them a little message explaining that
$anymatches=mysql_num_rows($name);
if ($anymatches == 0)
{
echo "Sorry, but we can not find an entry to match your search, please make sure the correct details have been entered...<br><br>";
}
?>
</body>
</html>
我的数据库中的字段是:
iname
iemail
itransaction_id
ipaymentstatus
itransaction_date
谢谢!