我目前正忙于员工系统,需要帮助。在过去的几天里,我研究了有关表单的网络,现在正试图从两种表单类型中构建一个解决方案。php新手,如果我的条款不正确,请原谅。
我使用的第一种形式是简单地显示并允许使用数据库表编辑数据。我需要用户能够将文件上传给他们的员工,所以我得到了另一个表格来完成这部分。在将两者结合之前,两者都工作了 100%。
我已将所有 php 编码放置在用于表单的相同文件中。通读代码,您应该了解我的表中有哪些字段。增加的部分是警告表格的上传。我需要三个上传框将文件上传到服务器并在行字段中放置参考。
请协助并记住,这是我在回复时第一个真正的 php 项目。
<?php
include 'core/init.php';
protect_page();
include 'includes/overall/header.php';
error_reporting(1);
?>
<?php
/*
EDIT.PHP
Allows user to edit specific entry in database
*/
// creates the edit record form
// since this form is used multiple times in this file, I have made it a function that is easily reusable
function renderForm($idnumber, $firstname, $lastname, $department, $manager, $startdate, $warning1, $warning2, $warning3, $error)
{
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Edit Record</title>
</head>
<body>
<div class="article">
<h1>Employee Details</h1>
<div class="article">
<?php
// if there are any errors, display them
if ($error != '')
{
echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>';
}
?>
<div class="article">
<form action="" method="post" enctype="multipart/form-data">
<input type="hidden" name="idnumber" value="<?php echo $idnumber; ?>"/>
<div>
<p>* Required</p>
<p><strong>ID:</strong> <?php echo $idnumber; ?></p>
<table cellpadding="5" cellspacing="5">
<tr>
<td><strong>First Name: *</strong></td>
<td><input type="text" name="firstname" value="<?php echo $firstname; ?>"/></td>
</tr>
<tr>
<td><strong>Last Name: *</strong></td>
<td> <input type="text" name="lastname" value="<?php echo $lastname; ?>"/></td>
</tr>
<tr>
<td><strong>Department: *</strong> </td>
<td> <input type="text" name="department" value="<?php echo $department; ?>"/></td>
</tr>
<tr>
<td><strong>Manager/Superviser: *</strong></td>
<td><input type="text" name="manager" value="<?php echo $manager; ?>"/></td>
</tr>
<tr>
<td><strong>Start Date: *</strong></td>
<td><input type="text" name="startdate" value="<?php echo $startdate; ?>"/></td>
</tr>
<tr>
<td>
<table cellpadding="5" cellspacing="0">
<tr>
<td><label for="file">Select a file:</label> <input type="file" name="warning1" id="file"> <br />
</td>
</tr>
<tr>
<td><label for="file">Select a file:</label> <input type="file" name="warning2" id="file"> <br />
</td>
</tr>
<tr>
<td><label for="file">Select a file:</label> <input type="file" name="warning3" id="file"> <br />
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td><input type="submit" name="submit" value="Submit" class="btn"></td>
</tr>
</table>
</div>
</form>
</body>
</html>
<?php
}
// check if the form has been submitted. If it has, process the form and save it to the database
if (isset($_POST['submit']))
{
// confirm that the 'id' value is a valid integer before getting the form data
if (is_numeric($_POST['idnumber']))
{
// get form data, making sure it is valid
$idnumber = $_POST['idnumber'];
$firstname = mysql_real_escape_string(htmlspecialchars($_POST['firstname']));
$lastname = mysql_real_escape_string(htmlspecialchars($_POST['lastname']));
$department = mysql_real_escape_string(htmlspecialchars($_POST['department']));
$manager = mysql_real_escape_string(htmlspecialchars($_POST['manager']));
$startdate = mysql_real_escape_string(htmlspecialchars($_POST['startdate']));
$warning1 = $_FILES['warning1']['name'];
$warning2 = $_FILES['warning2']['name'];
$warning3 = $_FILES['warning3']['name'];
// check that firstname/lastname fields are both filled in
if ($firstname == '' || $lastname == '')
{
// generate error message
$error = 'ERROR: Please fill in all fields!';
//error, display form
renderForm($idnumber, $firstname, $lastname, $department, $manager, $startdate, $error);
}
else
{
// save the data to the database
mysql_query("UPDATE ref_employees SET firstname='$firstname', lastname='$lastname', department='$department', manager='$manager', startdate='$startdate', warning1='$warning1', warning2='$warning2', warning3='$warning3' WHERE idnumber='$idnumber'")
or die(mysql_error());
// once saved, redirect back to the view page
header("Location: employeelist.php");
}
}
else
{
// if the 'id' isn't valid, display an error
echo 'Error!';
}
}
else
// if the form hasn't been submitted, get the data from the db and display the form
{
// get the 'id' value from the URL (if it exists), making sure that it is valid (checing that it is numeric/larger than 0)
if (isset($_GET['idnumber']) && is_numeric($_GET['idnumber']) && $_GET['idnumber'] > 0)
{
// query db
$idnumber = $_GET['idnumber'];
$result = mysql_query("SELECT * FROM ref_employees WHERE idnumber=$idnumber")
or die(mysql_error());
$row = mysql_fetch_array($result);
// check that the 'id' matches up with a row in the databse
if($row)
{
// get data from db
$firstname = $row['firstname'];
$lastname = $row['lastname'];
$department = $row['department'];
$manager = $row['manager'];
$startdate = $row['startdate'];
// show form
renderForm($idnumber, $firstname, $lastname, $department, $manager, $startdate, '');
}
else
// if no match, display result
{
echo "No results!";
}
}
else
// if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error
{
echo 'Error!';
}
}
?>
<?php
// Configuration - Your Options
$allowed_filetypes = array('.pdf'); // These will be the types of file that will pass the validation.
$max_filesize = 524288; // Maximum filesize in BYTES (currently 0.5MB).
$upload_path = 'files/empdocs'; // The place the files will be uploaded to (currently a 'files' directory).
$warning1 = $_FILES['warning1']['name'];
$warning2 = $_FILES['warning2']['name'];
$warning3 = $_FILES['warning3']['name']; // Get the name of the file (including file extension).
$ext1 = substr($warning1, strpos($warning1,'.'), strlen($warning1)-1);
$ext2 = substr($warning2, strpos($warning2,'.'), strlen($warning1)-1);
$ext3 = substr($warning3, strpos($warning3,'.'), strlen($warning1)-1); // Get the extension from the filename.
// Check if the filetype is allowed, if not DIE and inform the user.
if(!in_array($ext,$allowed_filetypes))
die('The file you attempted to upload is not allowed.');
// Now check the filesize, if it is too large then DIE and inform the user.
if(filesize($_FILES['warning1']['tmp_name']) > $max_filesize)
die('The file you attempted to upload is too large.');
else if(filesize($_FILES['warning2']['tmp_name']) > $max_filesize)
die('The file you attempted to upload is too large.');
else if(filesize($_FILES['warning3']['tmp_name']) > $max_filesize)
die('The file you attempted to upload is too large.');
// Check if we can upload to the specified path, if not DIE and inform the user.
if(!is_writable($upload_path))
die('You cannot upload to the specified directory, please CHMOD it to 777.');
// Upload the file to your specified path.
if(move_uploaded_file($_FILES['warning1']['tmp_name'],$upload_path . $filename)
&& move_uploaded_file($_FILES['warning2']['tmp_name'],$upload_path . $filename)
&& move_uploaded_file($_FILES['warning3']['tmp_name'],$upload_path . $filename))
echo 'Your file upload was successful, view the file <a href="' . $upload_path . $filename . '" title="Your File">here</a>'; // It worked.
else
echo 'There was an error during the file upload. Please try again.'; // It failed :(.
?>
</div>
</form>
</div>
</div>