我写了个后台管理类,其中有自动SQL生成,等等,试用过公司会员图书邮购管理,觉得自动生成SQL,在复杂的业务逻辑中没有办法实现.觉得我以下这个东西太烂还有很多问题.我对模板有点理解,可以自己写个简单的东西,能看明phplib的解析代码,对smarty不懂,对adodb也不想学.
<?
/**
 * class.admin.php
 * by [email protected] www.yiquan.cn
 */
class Admin{//begin class
var $action="";
var $table="";
var $pk_val=0;
var $pk_name="id";
var $select_sql;

var $array_add=array();
var $array_update=array();
var $array_query=array();
var $array_oder_by=array();
var $array_tpl=array();
var $array_valid=array();

var $caption="";
var $html_header='';
var $html_query='';
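var $html_cmd='';
var $pageSize=10;
// Snapshot of $_POST and of the global $ME, filled in by the constructor.
// Declared here so they are no longer created as dynamic properties.
var $POST=array();
var $ME='';

/**
 * Resolve the primary-key value for this request. First match wins:
 * an already-set pk_val, $_GET['edit_id'], $_POST[pk_name], $_POST['id'].
 *
 * The value is taken from the request and stored without validation, so it
 * has to be cast or escaped wherever it is later placed into SQL or HTML.
 */
function int_pk_val(){
    if($this->pk_val){
        return;
    }
    if(!empty($_GET['edit_id'])){
        $this->pk_val=$_GET['edit_id'];
    }elseif(!empty($_POST[$this->pk_name])){
        $this->pk_val=$_POST[$this->pk_name];
    }elseif(!empty($_POST['id'])){
        $this->pk_val=$_POST['id'];
    }
}

/**
 * Store the action, table and base SELECT, snapshot $_POST and $ME, then
 * resolve the primary key from the request.
 *
 * @param string $action     Name of the method execute() will call; empty means display().
 * @param string $table      Table the generated statements operate on.
 * @param string $select_sql Base SELECT statement used by display().
 */
function __construct($action,$table,$select_sql){
    global $ME;
    $this->POST=$_POST;
    $this->ME=$ME;
    $this->action=$action;
    $this->table=$table;
    $this->select_sql=$select_sql;
    $this->int_pk_val();
}

/**
 * PHP 4 style constructor, kept so existing `new Admin(...)` and
 * `parent::Admin(...)` callers keep working. PHP 8 no longer treats a
 * method named after the class as the constructor, so the real work lives
 * in __construct(). The call is class-qualified so that a subclass
 * __construct() which itself calls Admin() cannot recurse.
 */
function Admin($action,$table,$select_sql){
    Admin::__construct($action,$table,$select_sql);
}

/**
 * Run the requested action, or display() when no action was given.
 *
 * NOTE(review): the action name is used for dynamic method dispatch. If the
 * caller takes it from the request (the forms in this class post a CMD
 * field), any method of this object can be named. The check below only
 * rejects names that are not methods; an explicit list of permitted actions
 * in the caller is the stronger control.
 */
function execute(){
    if(empty($this->action)){
        $this->display();
        return;
    }
    $action=$this->action;
    if(!is_string($action) || !method_exists($this,$action)){
        // Do not echo the rejected name back: it may be request data.
        die('unknown action');
    }
    $this->$action();
}

/**
 * List view: append the filter and ordering to select_sql, page through the
 * result with SXPaging and print it inside a POST form between the admin
 * header and footer templates.
 *
 * Local variable names are kept as they are because the included templates
 * execute in this method's scope and may read them.
 *
 * NOTE(review): select_sql is appended to in place, so a second call on the
 * same object would add the where/order clauses again.
 * NOTE(review): RequirePage and PageSize are request values handed to
 * SXPaging as-is; confirm SXPaging treats them as integers.
 * NOTE(review): $ME is written into the form's action attribute unescaped;
 * confirm how $ME is built before relying on it being safe for HTML.
 *
 * @param int $page_size Not used by this method.
 */
function display($page_size=0){
    global $CFG,$ME;
    $where=$this->get_where($this->select_sql);
    $this->select_sql.=$where;
    $this->select_sql.=" order by $this->table.$this->pk_name desc";
    $p=new SXPaging($this->select_sql,nvl($_POST['RequirePage']),nvl($_POST['PageSize']));
    if($this->html_cmd)
        $html_cmd="<INPUT TYPE=hidden NAME=CMD>".$this->html_cmd;
    else
        $html_cmd="|<INPUT TYPE=hidden NAME=CMD>
<INPUT TYPE=button VALUE=添加 name='btn_add' onclick=this.form.CMD.value='add';this.form.submit();>
<INPUT TYPE=button VALUE=删除 onclick=this.form.CMD.value='del';this.form.submit();>";
    include("$CFG->dirtpl/admin/header.html");
    echo("<Form method=post action=$ME>");
    $str=$p->GetPrint('№',$this->caption,0);
    if($str)
        $str.=$html_cmd.$this->html_query;
    else{
        $str=$this->display_no_data($where);
    }
    echo("$str");
    echo $this->get_query_state();
    echo("</Form>");
    include("$CFG->dirtpl/admin/footer.html");
}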
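/**
 * Show the "add" form and stop the script.
 *
 * $CMD, $errormsg and $form are deliberately left as locals with these
 * names: the included templates run in this scope and may read them.
 * Template paths come from array_tpl, which is set by the calling code.
 *
 * @param string $errormsg Validation message to show, if any.
 */
function add($errormsg=''){
    global $CFG,$ME;
    $CMD='insert';
    $form=(empty($this->array_tpl['form_add']))?$this->array_tpl['form']:$this->array_tpl['form_add'];
    include($this->array_tpl['header']);
    include($this->array_tpl['form_header']);
    include($form);
    include($this->array_tpl['footer']);
    die;
}

/**
 * Insert a row built from the posted form, log it and redirect; on a
 * validation error the add form is shown again with the message.
 *
 * NOTE(review): no anti-CSRF token is checked in this method.
 */
function insert(){
    global $CFG,$ME,$DOC_TITLE;
    $sql_add=$this->get_add_sql();

    $errormsg=$this->valid();
    if(empty($errormsg)){
        $qid=db_query($sql_add);
        $pk_val=db_insert_id($qid);
        $this->pk_val=$pk_val;
        set_logs($this->caption,LOG_TYPE_INSERT,$this->table,$pk_val);
        $this->go_to_me();
        return;
    }
    $this->add($errormsg);
}

/**
 * Ownership check: may the logged-in user modify row $pk_val of $table?
 *
 * The configured admin user may modify everything; anyone else only rows
 * whose `operator` column holds their own user id.
 *
 * @param string $table  Table to look in.
 * @param mixed  $pk_val Primary-key value, usually straight from the request.
 * @return mixed Truthy when allowed (1 for admin, otherwise the fetched row).
 */
function check_operator($table,$pk_val){
    global $CFG;
    $user=isset($_SESSION['SESSION']['user'])?$_SESSION['SESSION']['user']:array();
    // Require a user name in the session: without this guard a missing name
    // and an unset $CFG->admin would compare equal under ==.
    if(isset($user['user_name']) && $user['user_name']==$CFG->admin)
        return 1;
    // Deny when there is no user id, or when the key is not a single value
    // (an array would otherwise be cast to 1 below).
    if(!isset($user['id']) || !is_scalar($pk_val))
        return 0;
    // Both values are placed into the statement unquoted, so force them to
    // integers instead of interpolating request/session text.
    $pk_val=intval($pk_val);
    $operator=intval($user['id']);
    $sql="select 1 from $table where $this->pk_name=$pk_val and operator=$operator";
    $qid=db_query($sql);
    return db_fetch_array($qid);
}

/**
 * Load the row identified by pk_val into $_POST and show the edit form.
 *
 * pk_val originates from the request (edit_id / posted id), so it is cast
 * to an integer before it reaches the SELECT, which uses it unquoted.
 * Local variable names are kept because the included templates run in this
 * scope and may read them.
 *
 * @param string $errormsg Validation message to show, if any.
 */
function edit($errormsg=''){
    global $CFG,$ME,$DOC_TITLE;

    $pk_val=is_scalar($this->pk_val)?intval($this->pk_val):0;
    if(empty($pk_val))die("编辑ID没有,是程序错了");
    $CMD="update";
    $sql="select * from $this->table where $this->pk_name=$pk_val";
    $qid=db_query($sql);
    $_POST=db_fetch_array($qid);
    // No matching row: keep $_POST an array so the loop and templates still work.
    if(!is_array($_POST))$_POST=array();
    foreach($_POST as $key=>$val){
        $_POST[$key]=stripslashes(nvl($val));
    }

    if(empty($_POST['id']))$_POST['id']=$pk_val;

    $form=empty($this->array_tpl['form_update'])?$this->array_tpl['form']:$this->array_tpl['form_update'];
    include($this->array_tpl['header']);
    include($this->array_tpl['form_header']);
    include($form);
    include($this->array_tpl['footer']);
}

/**
 * Update the row identified by pk_val from the posted form.
 *
 * The ownership check runs first, then validation; on any error the edit
 * form is shown again. The previous debug output that echoed the generated
 * statement inside an HTML comment is removed: it disclosed the SQL and
 * wrote request data into the page unescaped.
 *
 * NOTE(review): no anti-CSRF token is checked in this method.
 */
function update(){
    global $CFG,$ME;
    $sql=$this->get_update_sql();

    $errormsg='';
    if(!$this->check_operator($this->table,$this->pk_val)){
        $errormsg.="<li>不是你添加的数据,你没权修改!";
    }else{
        $errormsg=$this->valid();
    }
    if(!empty($errormsg)){
        $this->edit($errormsg);
        die();
    }
    db_query($sql);
    set_logs($this->caption,LOG_TYPE_UPDATE,$this->table,$this->pk_val);
    $this->go_to_me();
}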

解决方案 »

  1.   


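    /**
     * Delete the rows whose keys were posted in $_POST[$ctl_name] (an array
     * of primary-key values), then redirect. Rows the current user does not
     * own are skipped and listed in the message shown after the redirect.
     *
     * Every posted key is cast to an integer before it is used: it goes into
     * the DELETE unquoted and, for refused rows, into the alert text.
     *
     * NOTE(review): no anti-CSRF token is checked in this method.
     * NOTE(review): $no_check disables the ownership check completely;
     * callers must never derive it from request data.
     *
     * @param string $ctl_name Name of the posted checkbox array, default 'del_id'.
     * @param string $table    Optional table override; replaces $this->table.
     * @param int    $real_do  Not used by this method.
     * @param int    $no_check Non-zero skips check_operator().
     */
    function del($ctl_name='',$table='',$real_do=0,$no_check=0){
        if(!$ctl_name)$ctl_name='del_id';
        if($table)$this->table=$table;
        // Initialised up front so it is defined even when nothing was posted.
        $can_delete_rows="";
        if(!empty($_POST[$ctl_name]) && is_array($_POST[$ctl_name])){
            foreach($_POST[$ctl_name] as $pk_val){
                // A nested array would be cast to 1 by intval(); skip it.
                if(!is_scalar($pk_val))continue;
                $pk_val=intval($pk_val);
                $checked=$no_check?1:$this->check_operator($this->table,$pk_val);
                if($checked){
                    $sql="delete from $this->table where $this->pk_name = $pk_val";
                    db_query($sql);
                    set_logs($this->caption,LOG_TYPE_DELETE,$this->table,$pk_val);
                }else{
                    $can_delete_rows.="$pk_val,";
                }
            }
        }
        if($can_delete_rows)$can_delete_rows="主键为 $can_delete_rows 的数据非您添加,您不能删除!";
        $this->go_to_me($can_delete_rows);
    }

    /** Empty placeholder; does nothing in this class. */
    function _print(){}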
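    /**
     * Validate the posted form.
     *
     * @return string HTML list items describing the problems, '' when valid.
     */
    function valid(){
        $error_msg="";
        $error_msg.=$this->valid_array_valid();
        return $error_msg;
    }

    /**
     * Apply the rules in array_valid. Each rule is an array with 'field',
     * 'valid' and 'chinese' (the label used in the message). 'numeric'
     * requires is_numeric(); every other rule type requires a non-empty value.
     *
     * The checks read $this->POST, the snapshot taken in the constructor,
     * while the SQL builders in this class read the live $_POST. Code that
     * changes $_POST after construction is therefore not re-validated here.
     *
     * @return string HTML list items, '' when every rule passes.
     */
    function valid_array_valid(){
        $error_msg="";
        foreach($this->array_valid as $item){
            // A missing field counts as null: not numeric and empty.
            $value=isset($this->POST[$item['field']])?$this->POST[$item['field']]:null;
            switch($item['valid']){
                case 'numeric':
                    if(!is_numeric($value))$error_msg.="<li>".$item['chinese']."不是数字";
                    break;
                default:
                    if(empty($value))$error_msg.="<li>".$item['chinese']."不可为空";
                    break;
            }
        }
        // The original used "." here, which built the string and threw it
        // away; ".=" actually appends the hint.
        if(!empty($error_msg))$error_msg.="<br>请您仔细检查.";
        return $error_msg;
    }

    /**
     * Build the filter appended to the list query: the soft-delete condition
     * plus one LIKE condition per non-empty posted search field.
     *
     * Search fields are named in array_query; the column name is the control
     * name without its first two characters. Posted values are escaped with
     * addslashes(), the same way the insert/update builders in this class
     * escape values.
     *
     * NOTE(review): addslashes() is not aware of the connection character
     * set; the escaping function of the database driver, or bound
     * parameters, is the robust fix, but the db_* layer is not visible here.
     *
     * @param string $sql The SELECT the result is appended to; only inspected
     *                    for the word "where" (case-insensitive, anywhere).
     * @return string SQL fragment starting with " where" or " and".
     */
    function get_where($sql=''){
        $where='';
        foreach($this->array_query as $val){
            if(empty($_POST[$val]) || !is_scalar($_POST[$val]))continue;
            $where.=" and ".substr($val,2)." like binary '%".addslashes($_POST[$val])."%'";
        }
        // preg_match replaces eregi(), which no longer exists in PHP 7+.
        $hav_where=preg_match('/where/i',$sql);
        if($hav_where)
            $deleted=" and $this->table.isdeleted!=1";
        else
            $deleted=" where $this->table.isdeleted!=1";
        return $deleted.$where;
    }

    /** Placeholder: no additional ordering is generated. */
    function get_order_by(){return '';}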
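    /**
     * Build the INSERT for the columns listed in array_add, taking each
     * value from $_POST under the (trimmed) column name and recording the
     * current user's id in the `operator` column.
     *
     * Column names come from array_add, which the calling code sets; they
     * are not escaped and must never be request data.
     *
     * NOTE(review): values are escaped with addslashes(), which is not
     * aware of the connection character set; the driver's own escaping or
     * bound parameters would be the robust fix, but the db_* layer is not
     * visible here.
     *
     * @return string The INSERT statement.
     */
    function get_add_sql(){
        $fields=implode(",",$this->array_add);
        // operator is written unquoted, so force it to an integer.
        $operator=isset($_SESSION['SESSION']['user']['id'])?intval($_SESSION['SESSION']['user']['id']):0;
        $quoted=array();
        foreach($this->array_add as $val){
            $val=trim($val);
            $quoted[]="'".addslashes(nvl($_POST[$val]))."'";
        }
        $values=implode(",",$quoted);
        $sql="insert into $this->table (operator,$fields) values($operator,$values)";
        return $sql;
    }

    /**
     * Build the UPDATE for the columns in array_update (falling back to
     * array_add when it is empty) for the row identified by pk_val.
     *
     * pk_val originates from the request, so it is escaped like every other
     * value in the statement instead of being interpolated raw.
     *
     * @return string The UPDATE statement; the script dies when pk_val is
     *                empty or not a single value.
     */
    function get_update_sql(){
        if(empty($this->pk_val) || !is_scalar($this->pk_val))die('update no pk_val '.__FILE__.'&nbsp;'.__LINE__);
        $this->array_update=empty($this->array_update)?$this->array_add:$this->array_update;
        $sql="update $this->table set ";
        foreach($this->array_update as $val){
            $val=trim($val);
            $sql.=" $val='".addslashes(nvl($_POST[$val]))."',";
        }

        // Drop the trailing comma left by the loop.
        $sql=substr($sql,0,strlen($sql)-1);
        $pk=$this->pk_name;

        $sql.=" where $pk='".addslashes($this->pk_val)."'";
        return $sql;
    }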
    /** Replace the base SELECT used by the list view. */
    function set_select_sql($val)
    {
        $this->select_sql=$val;
    }

    /** Set the column names written by the generated INSERT. */
    function set_array_add($val)
    {
        $this->array_add=$val;
    }

    /** Set the column names written by the generated UPDATE. */
    function set_array_update($val)
    {
        $this->array_update=$val;
    }

    /** Set the names of the posted search controls. */
    function set_array_query($val)
    {
        $this->array_query=$val;
    }

    /** Set the validation rules. */
    function set_array_valid($val)
    {
        $this->array_valid=$val;
    }

    /** Store the order-by list in array_oder_by. */
    function set_oder_by($val)
    {
        $this->array_oder_by=$val;
    }

    /** Set the caption. */
    function set_caption($val)
    {
        $this->caption=$val;
    }

    /** Override the primary-key value; an empty argument is ignored. */
    function set_pk_val($val)
    {
        if(empty($val)){
            return;
        }
        $this->pk_val=$val;
    }
    /**
     * Change the primary-key column name. When a value was posted under the
     * new name and no pk_val is set yet, that posted value becomes pk_val.
     * An empty name is ignored.
     */
    function set_pk_name($val){
        if(empty($val)){
            return;
        }
        $this->pk_name=$val;
        if(empty($_POST[$val])){
            return;
        }
        // An already resolved key wins over the posted one.
        if(!$this->pk_val){
            $this->pk_val=$_POST[$val];
        }
    }

    /**
     * Set the search-form HTML: the caller's markup, followed by the query
     * and reset buttons, followed by $append.
     *
     * @param string $val    Markup for the search controls.
     * @param string $append Markup placed after the two buttons.
     */
    function set_html_query($val,$append=''){
        global $ME;
        $buttons="<INPUT TYPE=button VALUE='查询' onclick=this.form.submit();>
    <INPUT TYPE=button VALUE='重置' onclick=\"location='$ME'\">";
        $this->html_query=$val.$buttons.$append;
    }
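    /** Set the command-button HTML shown under the list. */
    function set_html_cmd($val){$this->html_cmd=$val;}

    /** Set the template paths (header, form_header, form, footer, ...). */
    function set_array_tpl($val){$this->array_tpl=$val;}

    /**
     * Return a script block that puts the posted search values back into
     * the search controls named in array_query.
     *
     * The posted value ends up inside a single-quoted JavaScript string in
     * an inline script element, so it is escaped for that context: quotes,
     * backslashes and line breaks for the string literal, and < > & as hex
     * escapes so the value cannot end the script element.
     *
     * NOTE(review): on a runtime that still applies magic quotes the value
     * is already slash-escaped and would show an extra backslash; confirm
     * the deployment setting.
     *
     * @return string The script element.
     */
    function get_query_state(){
        $js_escape=array(
            '\\'=>'\\\\',
            "'"=>"\\'",
            '"'=>'\\"',
            "\r"=>'\\r',
            "\n"=>'\\n',
            '<'=>'\\x3C',
            '>'=>'\\x3E',
            '&'=>'\\x26'
        );
        $js_state="<script language=javascript>try{";
        foreach($this->array_query as $val){
            $value=nvl($_POST[$val]);
            if(!is_scalar($value) || !strlen($value))continue;
            $js_state.="document.all.$val.value='".strtr($value,$js_escape)."';\n";
        }
        $js_state.="}catch(e){}</script>";
        return $js_state;
    }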
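    /**
     * Button shown in place of the list when the query returned nothing:
     * "search again" when a filter was active, otherwise "add a record".
     *
     * @param string $where The filter built for the list query.
     * @return string HTML for the button.
     */
    function display_no_data($where){
        global $ME;
        if(!empty($where)){
            return "<input type=button value='本查询没有数据,请重新查询' onclick=\"location='$ME'\">";
        }
        return "<input type=button value='没有数据,请添加数据'  onclick=\"location='$ME?CMD=add'\">";
    }

    /**
     * Print a link and a script that return the browser to $ME (or $url),
     * optionally showing $msg in an alert first, then stop the script.
     *
     * $msg is placed inside a single-quoted JavaScript string in an inline
     * script element and can carry request-derived text (del() passes posted
     * key values), so it is escaped for that context.
     *
     * NOTE(review): a non-empty $url overwrites the global $ME.
     * NOTE(review): $ME is written into the href and the script unescaped;
     * confirm how $ME and $url are built before treating them as safe.
     *
     * @param string $msg Text for the alert, '' for none.
     * @param string $url Target URL, '' to use $ME.
     */
    function go_to_me($msg='',$url=''){
        global $ME;
        if($url)$ME=$url;
        if(!empty($msg)){
            $js_escape=array(
                '\\'=>'\\\\',
                "'"=>"\\'",
                '"'=>'\\"',
                "\r"=>'\\r',
                "\n"=>'\\n',
                '<'=>'\\x3C',
                '>'=>'\\x3E',
                '&'=>'\\x26'
            );
            $msg="alert('".strtr($msg,$js_escape)."');";
        }
        echo "<a href=$ME>back</a>";
        echo "<script language=javascript>$msg;location='$ME';</script>";
        die();
    }
    }//end class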
      

  2.   

    html混杂在php中,不合理。封装不合理,应充分考虑MVC模式。