制作一个简单的PHP新闻列表框架

1、首先在Eclipse PHP上建立文件框架；-----admin 后台文件夹-----common 类配置文件夹-----config配置文件（系统配置文件）------templates (Smarty 配置的HTML文件夹）------templates_c（Smarty缓存文件夹）

2、添加管理员数据库；建立一个test数据库，建立一个p_admin表格，在表格上建立一个admin的管理员账号，密码采用md5()编译过后的密码，复制到password中。

3、配置smarty文件；1.将smarty文件复制到common的文件夹中，实现前台与后台的页面分离；2.在global.php文件中设置smarty的调用程序；$smarty = new Smarty(); //调用smarty函数$smarty ->template_dir =$smarty_template_dir;//配置smarty的模板路径$smarty ->compile_dir =$smarty_complie_dir;//配置smarty的编译路径$smarty ->config_dir =$smarty_config_dir;//配置smarty的配置路径$smarty ->cache_dir =$smarty_cache_dir;//配置smarty的缓存路径$smarty ->caching =$smarty_caching;//配置smarty的缓存$smarty ->left_delimiter =$smarty_delimiter[0];//配置smarty的分隔符$smarty ->right_delimiter=$smarty_delimiter[1];//配置smarty的分隔符3.在config/config.php文件中配置smarty；$smarty_template_dir ='./templates/';$smarty_complie_dir ='./templates_c/';$smarty_config_dir ='./configs/';$smarty_cache_dir ='./cache/';$smarty_caching = FALSE;$smarty_delimiter =explode("|","{|}");4.调试smarty是否配置完成；在index文件上：1.在template模板文件夹中放置index.html文件夹；2.在index.php文件夹中配置代码： $smarty->display("index1.html"); 测试smarty是否配置成功。

4、配置数据库；1.配置数据库的类；（这里分享一个很经典的php mysql的类）class mysql { private $db_host; //数据库主机 private $db_user; //数据库用户名 private $db_pwd; //数据库用户名密码 private $db_database; //数据库名 private $conn; //数据库连接标识; private $result; //执行query命令的结果资源标识 private $sql; //sql执行语句 private $row; //返回的条目数 private $coding; //数据库编码，GBK,UTF8,gb2312 private $bulletin = true; //是否开启错误记录 private $show_error = true; //测试阶段，显示所有错误,具有安全隐患,默认关闭 private $is_error = false; //发现错误是否立即终止,默认true,建议不启用，因为当有问题时用户什么也看不到是很苦恼的 /*构造函数*/ public function __construct($db_host, $db_user, $db_pwd, $db_database, $conn, $coding) { $this->db_host = $db_host; $this->db_user = $db_user; $this->db_pwd = $db_pwd; $this->db_database = $db_database; $this->conn = $conn; $this->coding = $coding; $this->connect(); } /*数据库连接*/ public function connect() { if ($this->conn == "pconn") { //永久链接 $this->conn = mysql_pconnect($this->db_host, $this->db_user, $this->db_pwd); } else { //即使链接 $this->conn = mysql_connect($this->db_host, $this->db_user, $this->db_pwd); } if (!mysql_select_db($this->db_database, $this->conn)) { if ($this->show_error) { $this->show_error("数据库不可用：", $this->db_database); } } mysql_query("SET NAMES $this->coding"); } /*数据库执行语句，可执行查询添加修改删除等任何sql语句*/ public function query($sql) { if ($sql == "") { $this->show_error("SQL语句错误：", "SQL查询语句为空"); } $this->sql = $sql; $result = mysql_query($this->sql, $this->conn); if (!$result) { //调试中使用，sql语句出错时会自动打印出来 if ($this->show_error) { $this->show_error("错误SQL语句：", $this->sql); } } else { $this->result = $result; } return $this->result; } /*创建添加新的数据库*/ public function create_database($database_name) { $database = $database_name; $sqlDatabase = 'create database ' . $database; $this->query($sqlDatabase); } /*查询服务器所有数据库*/ //将系统数据库与用户数据库分开，更直观的显示？ public function show_databases() { $this->query("show databases"); echo "现有数据库：" . $amount = $this->db_num_rows($rs); echo "<br />"; $i = 1; while ($row = $this->fetch_array($rs)) { echo "$i $row[Database]"; echo "<br />"; $i++; } } //以数组形式返回主机中所有数据库名 public function databases() { $rsPtr = mysql_list_dbs($this->conn); $i = 0; $cnt = mysql_num_rows($rsPtr); while ($i < $cnt) { $rs[] = mysql_db_name($rsPtr, $i); $i++; } return $rs; } /*查询数据库下所有的表*/ public function show_tables($database_name) { $this->query("show tables"); echo "现有数据库：" . $amount = $this->db_num_rows($rs); echo "<br />"; $i = 1; while ($row = $this->fetch_array($rs)) { $columnName = "Tables_in_" . $database_name; echo "$i $row[$columnName]"; echo "<br />"; $i++; } } /* mysql_fetch_row() array $row[0],$row[1],$row[2] mysql_fetch_array() array $row[0] 或 $row[id] mysql_fetch_assoc() array 用$row->content 字段大小写敏感 mysql_fetch_object() object 用$row[id],$row[content] 字段大小写敏感 */ /*取得结果数据*/ public function mysql_result_li() { return mysql_result($str); } /*取得记录集,获取数组-索引和关联,使用$row['content'] */ public function fetch_array() { return mysql_fetch_array($this->result); } //获取关联数组,使用$row['字段名'] public function fetch_assoc() { return mysql_fetch_assoc($this->result); } //获取数字索引数组,使用$row[0],$row[1],$row[2] public function fetch_row() { return mysql_fetch_row($this->result); } //获取对象数组,使用$row->content public function fetch_Object() { return mysql_fetch_object($this->result); } //简化查询select public function findall($table) { $this->query("SELECT * FROM $table"); } //简化查询select public function select($table, $columnName = "*", $condition = '', $debug = '') { $condition = $condition ? ' Where ' . $condition : NULL; if ($debug) { echo "SELECT $columnName FROM $table $condition"; } else { $this->query("SELECT $columnName FROM $table $condition"); } } //简化删除del public function delete($table, $condition, $url = '') { if ($this->query("DELETE FROM $table WHERE $condition")) { if (!empty ($url)) $this->Get_admin_msg($url, '删除成功！'); } } //简化插入insert public function insert($table, $columnName, $value, $url = '') { if ($this->query("INSERT INTO $table ($columnName) VALUES ($value)")) { if (!empty ($url)) $this->Get_admin_msg($url, '添加成功！'); } } //简化修改update public function update($table, $mod_content, $condition, $url = '') { //echo "UPDATE $table SET $mod_content WHERE $condition"; exit(); if ($this->query("UPDATE $table SET $mod_content WHERE $condition")) { if (!empty ($url)) $this->Get_admin_msg($url); } } /*取得上一步 INSERT 操作产生的 ID*/ public function insert_id() { return mysql_insert_id(); } //指向确定的一条数据记录 public function db_data_seek($id) { if ($id > 0) { $id = $id -1; } if (!@ mysql_data_seek($this->result, $id)) { $this->show_error("SQL语句有误：", "指定的数据为空"); } return $this->result; } // 根据select查询结果计算结果集条数 public function db_num_rows() { if ($this->result == null) { if ($this->show_error) { $this->show_error("SQL语句错误", "暂时为空，没有任何内容！"); } } else { return mysql_num_rows($this->result); } } // 根据insert,update,delete执行结果取得影响行数 public function db_affected_rows() { return mysql_affected_rows(); } //输出显示sql语句 public function show_error($message = "", $sql = "") { if (!$sql) { echo "<font color='red'>" . $message . "</font>"; echo "<br />"; } else { echo "<fieldset>"; echo "<legend>错误信息提示:</legend><br />"; echo "<div style='font-size:14px; clear:both; font-family:Verdana, Arial, Helvetica, sans-serif;'>"; echo "<div style='height:20px; background:#000000; border:1px #000000 solid'>"; echo "<font color='white'>错误号：12142</font>"; echo "</div><br />"; echo "错误原因：" . mysql_error() . "<br /><br />"; echo "<div style='height:20px; background:#FF0000; border:1px #FF0000 solid'>"; echo "<font color='white'>" . $message . "</font>"; echo "</div>"; echo "<font color='red'><pre>" . $sql . "</pre></font>"; $ip = $this->getip(); if ($this->bulletin) { $time = date("Y-m-d H:i:s"); $message = $message . "\r\n$this->sql" . "\r\n客户IP:$ip" . "\r\n时间 :$time" . "\r\n\r\n"; $server_date = date("Y-m-d"); $filename = $server_date . ".txt"; $file_path = "error/" . $filename; $error_content = $message; //$error_content="错误的数据库，不可以链接"; $file = "error"; //设置文件保存目录 //建立文件夹 if (!file_exists($file)) { if (!mkdir($file, 0777)) { //默认的 mode 是 0777，意味着最大可能的访问权 die("upload files directory does not exist and creation failed"); } } //建立txt日期文件 if (!file_exists($file_path)) { //echo "建立日期文件"; fopen($file_path, "w+"); //首先要确定文件存在并且可写 if (is_writable($file_path)) { //使用添加模式打开$filename，文件指针将会在文件的开头 if (!$handle = fopen($file_path, 'a')) { echo "不能打开文件 $filename"; exit; } //将$somecontent写入到我们打开的文件中。 if (!fwrite($handle, $error_content)) { echo "不能写入到文件 $filename"; exit; } //echo "文件 $filename 写入成功"; echo "——错误记录被保存!"; //关闭文件 fclose($handle); } else { echo "文件 $filename 不可写"; } } else { //首先要确定文件存在并且可写 if (is_writable($file_path)) { //使用添加模式打开$filename，文件指针将会在文件的开头 if (!$handle = fopen($file_path, 'a')) { echo "不能打开文件 $filename"; exit; } //将$somecontent写入到我们打开的文件中。 if (!fwrite($handle, $error_content)) { echo "不能写入到文件 $filename"; exit; } //echo "文件 $filename 写入成功"; echo "——错误记录被保存!"; //关闭文件 fclose($handle); } else { echo "文件 $filename 不可写"; } } } echo "<br />"; if ($this->is_error) { exit; } } echo "</div>"; echo "</fieldset>"; echo "<br />"; } //释放结果集 public function free() { @ mysql_free_result($this->result); } //数据库选择 public function select_db($db_database) { return mysql_select_db($db_database); } //查询字段数量 public function num_fields($table_name) { //return mysql_num_fields($this->result); $this->query("select * from $table_name"); echo "<br />"; echo "字段数：" . $total = mysql_num_fields($this->result); echo "<pre>"; for ($i = 0; $i < $total; $i++) { print_r(mysql_fetch_field($this->result, $i)); } echo "</pre>"; echo "<br />"; } //取得 MySQL 服务器信息 public function mysql_server($num = '') { switch ($num) { case 1 : return mysql_get_server_info(); //MySQL 服务器信息 break; case 2 : return mysql_get_host_info(); //取得 MySQL 主机信息 break; case 3 : return mysql_get_client_info(); //取得 MySQL 客户端信息 break; case 4 : return mysql_get_proto_info(); //取得 MySQL 协议信息 break; default : return mysql_get_client_info(); //默认取得mysql版本信息 } } //析构函数，自动关闭数据库,垃圾回收机制 public function __destruct() { if (!empty ($this->result)) { $this->free(); } //mysql_close($this->conn); } //function __destruct(); /*获得客户端真实的IP地址*/ function getip() { if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown")) { $ip = getenv("HTTP_CLIENT_IP"); } else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown")) { $ip = getenv("HTTP_X_FORWARDED_FOR"); } else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown")) { $ip = getenv("REMOTE_ADDR"); } else if (isset ($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown")) { $ip = $_SERVER['REMOTE_ADDR']; } else { $ip = "unknown"; } return ($ip); } function inject_check($sql_str) { //防止注入 $check = eregi('select|insert|update|delete|\'|\/\*|\*|\.\.\/|\.\/|union|into|load_file|outfile', $sql_str); if ($check) { echo "输入非法注入内容！"; exit (); } else { return $sql_str; } } function checkurl() { //检查来路 if (preg_replace("/https?:\/\/([^\:\/]+).*/i", "\\1", $_SERVER['HTTP_REFERER']) !== preg_replace("/([^\:]+).*/", "\\1", $_SERVER['HTTP_HOST'])) { header("Location: http://www.kebeke.com"); exit(); } }} $db=new mysql($db_host, $db_user, $db_pwd, $db_database,$conn,$coding);?>2.测试数据库是否连接成功：1.$db = new action($db_host, $db_user, $db_pwd,$db_database,$conn,$coding); //实例化数据库类；2.代码测试数据库是否连接成功：$query=$db->queryquery(select*from p_admin);$row=$db->fetch_array($query);echo $row[username];

5、编写后台登录界面；1.配置后台操作控制类action.class.php:代码如下：（此代码的目的为了后台判断及跳转）<?php class action extends MySQL { /** * 用户权限判断($uid, $shell, $m_id) */ public function Get_user_shell($uid, $shell) { $query = $this->select('p_admin', '*', '`uid` = \'' . $uid . '\''); $us = is_array($row = $this->fetch_array($query)); $shell = $us ? $shell == md5($row[username] . $row[password] . "PHP100") : FALSE; return $shell ? $row : NULL; } //end shell public function Get_user_shell_check($uid, $shell, $m_id = 9) { if ($row=$this->Get_user_shell($uid, $shell)) { if ($row[m_id] <= $m_id) { return $row; } else { echo "你无权限操作！"; exit (); } //end m_id } else { $this->Get_admin_msg('index.php','请先登陆'); } } //end shell //======================================== /** * 用户登陆超时时间(秒) */ public function Get_user_ontime($long = '3600') { $new_time = mktime(); $onlinetime = $_SESSION[ontime]; echo $new_time - $onlinetime; if ($new_time - $onlinetime > $long) { echo "登录超时"; session_destroy(); exit (); } else { $_SESSION[ontime] = mktime(); } } /** * 用户登陆 */ public function Get_user_login($username, $password) { $username = str_replace(" ", "", $username); $query = $this->select('p_admin', '*', '`username` = \'' . $username . '\''); $us = is_array($row = $this->fetch_array($query)); ; $ps = $us ? md5($password) == $row[password] : FALSE; if ($ps) { $_SESSION[uid] = $row[uid]; $_SESSION[shell] = md5($row[username] . $row[password] . "PHP100"); $_SESSION[ontime] = mktime(); $this->Get_admin_msg('main.php','登陆成功！'); } else { $this->Get_admin_msg('index.php','密码或用户错误！'); session_destroy(); } } /** * 用户退出登陆 */ public function Get_user_out() { session_destroy(); $this->Get_admin_msg('index.php','退出成功！'); } /** * 后台通用信息提示 */ public function Get_admin_msg($url, $show = '操作已成功！') { $msg = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <link rel="stylesheet" href="css/common.css" mce_href="css/common.css" type="text/css" /> <meta http-equiv="refresh" content="2; URL=' . $url . '" /> <title>管理区域</title> </head> <body> <div id="man_zone"> <table width="30%" border="1" align="center" cellpadding="3" cellspacing="0" class="table" style="margin-top:100px;" mce_style="margin-top:100px;"> <tr> <th align="center" style="background:#cef" mce_style="background:#cef">信息提示</th> </tr> <tr> <td><p>' . $show . '<br /> 2秒后返回指定页面！<br /> 如果浏览器无法跳转，<a href="' . $url . '" mce_href="' . $url . '">请点击此处</a>。</p></td> </tr> </table> </div> </body> </html>'; echo $msg; exit (); } //======================== } //end class ?> 2.配置后台配置公共文件：admin_global.php,代码如下：<?phpsession_start(); //通过session进行数据传值include_once '../configs/config.php';include_once '../common/db.class.php';include_once 'common/action.class.php';include_once 'common/page.class.php';$db= new action($db_host, $db_user, $db_pwd, $db_database, $conn , $coding);//数据库操作类$uid= $_SESSION[uid];$shell= $_SESSION[shell];?>4.配置登录界面： a.首先下载一个登录的模板（html的代码）； b.在html代码前面增加php代码进行登录判断: 代码如下： （此代码为判断登录的用户名及密码是否与数据库一致）<?phpsession_start();include_once 'admin_global.php';if((!empty($_POST[username]))&&(!empty($_POST[password]))&&$_POST[submit]){ $r=$db->Get_user_login($_POST["username"],$_POST["password"]);}?>这样，一个完整的框架就已经搭建完成了。现在根据各自的功能的需要，进行2次开发了。