php实现crud
PHP 实现 CRUD 操作
CRUD(Create, Read, Update, Delete)是数据库操作的基本功能。以下是一个使用 PHP 和 MySQL 实现 CRUD 的完整示例。
数据库准备
创建名为 users 的示例表:
CREATE TABLE users (
id INT AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(50) NOT NULL,
email VARCHAR(50) NOT NULL,
phone VARCHAR(15)
);数据库连接配置(db.php)
<?php
$host = 'localhost';
$dbname = 'test_db';
$username = 'root';
$password = '';
try {
$conn = new PDO("mysql:host=$host;dbname=$dbname", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
echo "Connection failed: " . $e->getMessage();
}
?>创建(Create)
<?php
include 'db.php';
if(isset($_POST['submit'])) {
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$sql = "INSERT INTO users (name, email, phone) VALUES (:name, :email, :phone)";
$stmt = $conn->prepare($sql);
$stmt->execute(['name' => $name, 'email' => $email, 'phone' => $phone]);
header("Location: index.php");
exit();
}
?>
<form method="post">
<input type="text" name="name" placeholder="Name" required>
<input type="email" name="email" placeholder="Email" required>
<input type="text" name="phone" placeholder="Phone">
<button type="submit" name="submit">Add User</button>
</form>读取(Read)
<?php
include 'db.php';
$sql = "SELECT * FROM users";
$stmt = $conn->prepare($sql);
$stmt->execute();
$users = $stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<table>
<tr>
<th>ID</th>
<th>Name</th>
<th>Email</th>
<th>Phone</th>
<th>Actions</th>
</tr>
<?php foreach($users as $user): ?>
<tr>
<td><?= $user['id'] ?></td>
<td><?= $user['name'] ?></td>
<td><?= $user['email'] ?></td>
<td><?= $user['phone'] ?></td>
<td>
<a href="edit.php?id=<?= $user['id'] ?>">Edit</a>
<a href="delete.php?id=<?= $user['id'] ?>" onclick="return confirm('Are you sure?')">Delete</a>
</td>
</tr>
<?php endforeach; ?>
</table>更新(Update)
<?php
include 'db.php';
if(isset($_GET['id'])) {
$id = $_GET['id'];
$sql = "SELECT * FROM users WHERE id = :id";
$stmt = $conn->prepare($sql);
$stmt->execute(['id' => $id]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);
}
if(isset($_POST['update'])) {
$id = $_POST['id'];
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$sql = "UPDATE users SET name = :name, email = :email, phone = :phone WHERE id = :id";
$stmt = $conn->prepare($sql);
$stmt->execute(['id' => $id, 'name' => $name, 'email' => $email, 'phone' => $phone]);
header("Location: index.php");
exit();
}
?>
<form method="post">
<input type="hidden" name="id" value="<?= $user['id'] ?>">
<input type="text" name="name" value="<?= $user['name'] ?>" required>
<input type="email" name="email" value="<?= $user['email'] ?>" required>
<input type="text" name="phone" value="<?= $user['phone'] ?>">
<button type="submit" name="update">Update User</button>
</form>删除(Delete)
<?php
include 'db.php';
if(isset($_GET['id'])) {
$id = $_GET['id'];
$sql = "DELETE FROM users WHERE id = :id";
$stmt = $conn->prepare($sql);
$stmt->execute(['id' => $id]);
header("Location: index.php");
exit();
}
?>安全注意事项
使用预处理语句防止 SQL 注入 验证和过滤所有用户输入 对敏感操作实施 CSRF 保护 在生产环境中使用 HTTPS
扩展建议
添加分页功能提高大数据量性能 实现搜索和过滤功能 使用 AJAX 实现无刷新操作 考虑使用 PHP 框架如 Laravel 或 Symfony 简化开发
