php实现在线预约系统
数据库设计
创建一个MySQL数据库表存储预约信息,包含字段如id、name、email、phone、service_type、appointment_date、appointment_time、status等。示例SQL:
CREATE TABLE appointments (
id INT AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(100) NOT NULL,
email VARCHAR(100) NOT NULL,
phone VARCHAR(20) NOT NULL,
service_type VARCHAR(50) NOT NULL,
appointment_date DATE NOT NULL,
appointment_time TIME NOT NULL,
status ENUM('pending', 'confirmed', 'cancelled') DEFAULT 'pending',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);表单界面
使用HTML和CSS创建预约表单,包含必要字段验证。示例表单代码:
<form action="submit_appointment.php" method="post">
<input type="text" name="name" placeholder="Full Name" required>
<input type="email" name="email" placeholder="Email" required>
<input type="tel" name="phone" placeholder="Phone Number" required>
<select name="service_type" required>
<option value="">Select Service</option>
<option value="consultation">Consultation</option>
<option value="checkup">Checkup</option>
</select>
<input type="date" name="appointment_date" required>
<input type="time" name="appointment_time" required>
<button type="submit">Book Appointment</button>
</form>后端处理
创建PHP脚本处理表单提交,验证数据并存入数据库:
<?php
// 连接数据库
$conn = new mysqli('localhost', 'username', 'password', 'appointment_db');
// 检查连接
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// 获取表单数据
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$service_type = $_POST['service_type'];
$appointment_date = $_POST['appointment_date'];
$appointment_time = $_POST['appointment_time'];
// 插入数据
$sql = "INSERT INTO appointments (name, email, phone, service_type, appointment_date, appointment_time)
VALUES (?, ?, ?, ?, ?, ?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param("ssssss", $name, $email, $phone, $service_type, $appointment_date, $appointment_time);
if ($stmt->execute()) {
echo "Appointment booked successfully!";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$stmt->close();
$conn->close();
?>预约管理后台
创建管理员界面查看和管理预约:
// 查询所有预约
$sql = "SELECT * FROM appointments ORDER BY appointment_date, appointment_time";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo "<tr>
<td>".$row["name"]."</td>
<td>".$row["email"]."</td>
<td>".$row["appointment_date"]."</td>
<td>".$row["appointment_time"]."</td>
<td>".$row["status"]."</td>
<td>
<a href='confirm.php?id=".$row["id"]."'>Confirm</a>
<a href='cancel.php?id=".$row["id"]."'>Cancel</a>
</td>
</tr>";
}
}时间冲突检查
在提交预约前检查时间是否已被占用:
$check_sql = "SELECT id FROM appointments
WHERE appointment_date = ?
AND appointment_time = ?";
$check_stmt = $conn->prepare($check_sql);
$check_stmt->bind_param("ss", $appointment_date, $appointment_time);
$check_stmt->execute();
$check_result = $check_stmt->get_result();
if ($check_result->num_rows > 0) {
echo "This time slot is already booked. Please choose another time.";
exit;
}邮件通知
使用PHP邮件函数发送确认邮件:
$to = $email;
$subject = "Appointment Confirmation";
$message = "Dear $name,\n\nYour appointment for $service_type on $appointment_date at $appointment_time has been booked.";
$headers = "From: appointments@yourdomain.com";
mail($to, $subject, $message, $headers);安全防护
添加基本安全措施防止SQL注入和XSS攻击:
// 过滤输入
$name = htmlspecialchars(strip_tags($_POST['name']));
$email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
// 使用预处理语句防止SQL注入
$stmt = $conn->prepare($sql);
$stmt->bind_param("ssssss", $name, $email, $phone, $service_type, $appointment_date, $appointment_time);完整系统扩展
考虑添加以下功能增强系统:
- 用户注册登录系统
- 预约修改功能
- 预约提醒功能
- 日历视图展示可用时间段
- 多语言支持
- 支付集成(如需收费服务)
