-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathbooks.php
More file actions
118 lines (103 loc) · 3.95 KB
/
books.php
File metadata and controls
118 lines (103 loc) · 3.95 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
<?php
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS");
header("Access-Control-Allow-Headers: Content-Type, Authorization");
header("Content-Type: application/json");
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
exit(0);
}
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "library_db";
$port = 3307;
$conn = new mysqli($servername, $username, $password, $dbname, $port);
if ($conn->connect_error) {
http_response_code(500);
echo json_encode(['error' => "Connection failed: " . $conn->connect_error]);
exit;
}
$method = $_SERVER['REQUEST_METHOD'];
switch ($method) {
case 'GET':
if (isset($_GET['id'])) {
$id = intval($_GET['id']);
$sql = "SELECT id, book_title, author_name, genre, publication_year, quantity FROM library WHERE id=$id";
$result = $conn->query($sql);
$row = $result->fetch_assoc();
echo json_encode($row ?: []);
} else {
$sql = "SELECT id, book_title, author_name, genre, publication_year, quantity FROM library";
$result = $conn->query($sql);
$rows = [];
while ($row = $result->fetch_assoc()) {
$rows[] = $row;
}
echo json_encode($rows);
}
break;
case 'POST':
// POST 包含新增和更新(带 id)
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
$book_title = $conn->real_escape_string($_POST['book_title'] ?? '');
$author_name = $conn->real_escape_string($_POST['author_name'] ?? '');
$genre = $conn->real_escape_string($_POST['genre'] ?? '');
$publication_year = intval($_POST['publication_year'] ?? 0);
$quantity = intval($_POST['quantity'] ?? 0);
$imgData = null;
if (isset($_FILES['book_cover']) && $_FILES['book_cover']['error'] === UPLOAD_ERR_OK) {
$imgData = file_get_contents($_FILES['book_cover']['tmp_name']);
$imgData = $conn->real_escape_string($imgData);
}
if ($id > 0) {
// 更新
$sql = "UPDATE library SET
book_title='$book_title',
author_name='$author_name',
genre='$genre',
publication_year=$publication_year,
quantity=$quantity";
if ($imgData !== null) {
$sql .= ", book_cover='$imgData'";
}
$sql .= " WHERE id=$id";
if ($conn->query($sql) === TRUE) {
echo json_encode(['status' => 'updated']);
} else {
http_response_code(500);
echo json_encode(['error' => $conn->error]);
}
} else {
// 新增
$sql = "INSERT INTO library (book_title, author_name, genre, publication_year, quantity, book_cover) VALUES (
'$book_title', '$author_name', '$genre', $publication_year, $quantity, " .
($imgData !== null ? "'$imgData'" : "NULL") . ")";
if ($conn->query($sql) === TRUE) {
echo json_encode(['status' => 'success', 'id' => $conn->insert_id]);
} else {
http_response_code(500);
echo json_encode(['error' => $conn->error]);
}
}
break;
case 'DELETE':
if (!isset($_GET['id'])) {
http_response_code(400);
echo json_encode(['error' => 'Missing id']);
exit;
}
$id = intval($_GET['id']);
$sql = "DELETE FROM library WHERE id=$id";
if ($conn->query($sql) === TRUE) {
echo json_encode(['status' => 'deleted']);
} else {
http_response_code(500);
echo json_encode(['error' => $conn->error]);
}
break;
default:
http_response_code(405);
echo json_encode(['error' => 'Method not allowed']);
break;
}
$conn->close();