php实现酒店预订
PHP 实现酒店预订系统
酒店预订系统通常包含用户注册、房间查询、预订管理、支付处理等功能。以下是使用 PHP 实现酒店预订系统的关键步骤和代码示例。
数据库设计
创建数据库表结构,存储用户、房间和预订信息。
CREATE TABLE users (
id INT AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(50) NOT NULL,
email VARCHAR(100) NOT NULL,
password VARCHAR(255) NOT NULL
);
CREATE TABLE rooms (
id INT AUTO_INCREMENT PRIMARY KEY,
type VARCHAR(50) NOT NULL,
price DECIMAL(10, 2) NOT NULL,
description TEXT,
availability BOOLEAN DEFAULT TRUE
);
CREATE TABLE bookings (
id INT AUTO_INCREMENT PRIMARY KEY,
user_id INT NOT NULL,
room_id INT NOT NULL,
check_in DATE NOT NULL,
check_out DATE NOT NULL,
status VARCHAR(20) DEFAULT 'pending',
FOREIGN KEY (user_id) REFERENCES users(id),
FOREIGN KEY (room_id) REFERENCES rooms(id)
);用户注册与登录
实现用户注册和登录功能,确保安全性。
// 注册处理
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['register'])) {
$username = $_POST['username'];
$email = $_POST['email'];
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
$stmt = $pdo->prepare("INSERT INTO users (username, email, password) VALUES (?, ?, ?)");
$stmt->execute([$username, $email, $password]);
}
// 登录处理
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) {
$email = $_POST['email'];
$password = $_POST['password'];
$stmt = $pdo->prepare("SELECT * FROM users WHERE email = ?");
$stmt->execute([$email]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
$_SESSION['user_id'] = $user['id'];
header("Location: dashboard.php");
}
}房间查询与预订
实现房间查询和预订功能。
// 查询可用房间
$check_in = $_POST['check_in'];
$check_out = $_POST['check_out'];
$stmt = $pdo->prepare("SELECT * FROM rooms WHERE availability = TRUE AND id NOT IN (
SELECT room_id FROM bookings WHERE
(check_in <= ? AND check_out >= ?) OR
(check_in <= ? AND check_out >= ?)
)");
$stmt->execute([$check_out, $check_in, $check_in, $check_out]);
$rooms = $stmt->fetchAll();
// 预订房间
if (isset($_POST['book'])) {
$room_id = $_POST['room_id'];
$user_id = $_SESSION['user_id'];
$stmt = $pdo->prepare("INSERT INTO bookings (user_id, room_id, check_in, check_out) VALUES (?, ?, ?, ?)");
$stmt->execute([$user_id, $room_id, $check_in, $check_out]);
}支付处理
集成支付网关(如 Stripe 或 PayPal)处理支付。
// Stripe 支付示例
require_once 'vendor/autoload.php';
\Stripe\Stripe::setApiKey('your_stripe_api_key');
$token = $_POST['stripeToken'];
$amount = $_POST['amount'];
try {
$charge = \Stripe\Charge::create([
'amount' => $amount * 100,
'currency' => 'usd',
'source' => $token,
'description' => 'Hotel Booking Payment'
]);
$stmt = $pdo->prepare("UPDATE bookings SET status = 'paid' WHERE id = ?");
$stmt->execute([$booking_id]);
} catch (\Stripe\Exception\ApiErrorException $e) {
echo $e->getMessage();
}预订管理
提供用户和管理员界面管理预订。
// 用户查看预订
$user_id = $_SESSION['user_id'];
$stmt = $pdo->prepare("SELECT bookings.*, rooms.type, rooms.price FROM bookings JOIN rooms ON bookings.room_id = rooms.id WHERE user_id = ?");
$stmt->execute([$user_id]);
$bookings = $stmt->fetchAll();
// 管理员管理预订
$stmt = $pdo->query("SELECT bookings.*, users.username, rooms.type FROM bookings JOIN users ON bookings.user_id = users.id JOIN rooms ON bookings.room_id = rooms.id");
$all_bookings = $stmt->fetchAll();安全性考虑
确保系统安全性,防止 SQL 注入和 XSS 攻击。
// 使用预处理语句防止 SQL 注入
$stmt = $pdo->prepare("SELECT * FROM users WHERE email = ?");
$stmt->execute([$email]);
// 转义输出防止 XSS
echo htmlspecialchars($user_input, ENT_QUOTES, 'UTF-8');部署与优化
部署到服务器并进行性能优化。
- 使用缓存(如 Redis)减少数据库查询。
- 启用 HTTPS 确保数据传输安全。
- 定期备份数据库。
通过以上步骤,可以构建一个功能完整的酒店预订系统。根据需求,可以进一步扩展功能,如评价系统、房间图片上传等。
