php 实现投票功能
实现投票功能的基本步骤
数据库设计
创建数据表存储投票选项和投票记录。常见的表结构包括:
polls表:存储投票主题(id,title,description,created_at)poll_options表:存储选项(id,poll_id,option_text,vote_count)poll_votes表:记录用户投票(id,poll_id,option_id,user_id,voted_at)
SQL 示例
CREATE TABLE polls (
id INT AUTO_INCREMENT PRIMARY KEY,
title VARCHAR(255) NOT NULL,
description TEXT,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
CREATE TABLE poll_options (
id INT AUTO_INCREMENT PRIMARY KEY,
poll_id INT NOT NULL,
option_text VARCHAR(255) NOT NULL,
vote_count INT DEFAULT 0,
FOREIGN KEY (poll_id) REFERENCES polls(id)
);
CREATE TABLE poll_votes (
id INT AUTO_INCREMENT PRIMARY KEY,
poll_id INT NOT NULL,
option_id INT NOT NULL,
user_id INT,
voted_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (poll_id) REFERENCES polls(id),
FOREIGN KEY (option_id) REFERENCES poll_options(id)
);前端表单提交
创建投票表单,用户可选择选项并提交:
<form action="vote.php" method="post">
<h3><?php echo htmlspecialchars($poll_title); ?></h3>
<?php foreach ($options as $option): ?>
<label>
<input type="radio" name="option_id" value="<?php echo $option['id']; ?>">
<?php echo htmlspecialchars($option['option_text']); ?>
</label><br>
<?php endforeach; ?>
<button type="submit">投票</button>
</form>后端处理逻辑
在 vote.php 中处理投票请求:
<?php
session_start();
require 'db_connection.php'; // 数据库连接文件
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['option_id'])) {
$option_id = intval($_POST['option_id']);
$user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
// 检查用户是否已投票(如需限制)
if ($user_id) {
$stmt = $pdo->prepare("SELECT id FROM poll_votes WHERE poll_id = (SELECT poll_id FROM poll_options WHERE id = ?) AND user_id = ?");
$stmt->execute([$option_id, $user_id]);
if ($stmt->fetch()) {
die("您已参与过本次投票");
}
}
// 更新投票数
$pdo->beginTransaction();
try {
$pdo->prepare("UPDATE poll_options SET vote_count = vote_count + 1 WHERE id = ?")->execute([$option_id]);
$pdo->prepare("INSERT INTO poll_votes (poll_id, option_id, user_id) VALUES ((SELECT poll_id FROM poll_options WHERE id = ?), ?, ?)")
->execute([$option_id, $option_id, $user_id]);
$pdo->commit();
header("Location: results.php?poll_id=" . $pdo->lastInsertId());
} catch (Exception $e) {
$pdo->rollBack();
die("投票失败: " . $e->getMessage());
}
}
?>结果显示页面
在 results.php 中展示投票结果:
<?php
$poll_id = intval($_GET['poll_id']);
$stmt = $pdo->prepare("SELECT title FROM polls WHERE id = ?");
$stmt->execute([$poll_id]);
$poll = $stmt->fetch();
$options = $pdo->query("SELECT option_text, vote_count FROM poll_options WHERE poll_id = $poll_id")->fetchAll();
$total_votes = array_sum(array_column($options, 'vote_count'));
?>
<h3><?php echo htmlspecialchars($poll['title']); ?></h3>
<ul>
<?php foreach ($options as $option): ?>
<li>
<?php echo htmlspecialchars($option['option_text']); ?>:
<?php echo $option['vote_count']; ?> 票
(<?php echo $total_votes > 0 ? round($option['vote_count'] / $total_votes * 100, 2) : 0; ?>%)
</li>
<?php endforeach; ?>
</ul>安全注意事项
- 使用
htmlspecialchars()防止 XSS 攻击 - 通过
intval()或参数化查询防止 SQL 注入 - 对用户身份进行验证(如需要登录投票)
- 使用事务确保数据一致性
扩展功能建议
- 添加 IP 限制或 Cookie 验证防止刷票
- 实现多选投票(需修改表单和数据处理逻辑)
- 增加图表可视化(如使用 Chart.js)
- 设置投票截止时间(在
polls表中添加end_time字段)
