function.php

大学期间的一次数据库实验

<?php
	try {
		$db=new PDO(
			"mysql:dbname=bookshop;host=localhost;charset=utf-8",
			"root",
			"1qaz2wsx"
		);
	}catch (PDOException $e){
		die($e->getMessage());
	}
	
	function check_login($name,$password){
		global $db;
		$sql = "select id from admin where name='$name' and password ='$password'";
		$result = $db->query($sql);
		$user_id = $result->fetch();
		if($user_id){
			session_start();
			$_SESSION['SID'] = $user_id;
			echo "<script type='text/javascript'>";
			echo "window.location='admin/admin.php'";
			echo "</script>";
		} else {
			echo "<script type='text/javascript'>";
			echo "window.location='login.php'";
			echo "</script>";
		}
	}
	
	function is_admin($id){
		if(!$id){
			echo "<script type='text/javascript'>";	
			echo "window.location='../login.php'";
			echo "</script>";
		}
	}
	
	function add_book($book){
		global $db;
		$name = $book["name"];
		$author = $book["author"];
		$face =$book["face"];
		$info = $book["info"];
		$publish = $book["publish"];
		$total_page = (int)$book["total_page"];
		$price = (float)$book["price"];
		$stock = (int)$book["stock"];
		$sold = (int)$book["sold"];
		$to_be_sell = (int)$book["to_be_sell"];
		$add_date = $book["add_date"];
		$admin_id = (int)$book["admin_id"];
		$sql = "insert into book(name,author,face,info,publish,total_page,price,stock,sold,to_be_sell,add_date,admin_id) values('$name','$author','$face','$info','$publish',$total_page,$price,$stock,$sold,$to_be_sell,'$add_date',$admin_id)";
		try {
			$db->exec($sql);
		} catch (PDOException $e){
			die($e->getMessage());
		}
	}
	
	function control_book_table(){
		global $db;
		$sql = "select * from book";
		echo "<table border='1px'>";
			echo "<tr>";
				echo "<td>缂栧彿</td>";
				echo "<td>涔﹀悕</td>";
				echo "<td>浣滆