Design and Development of Product Quotation System Based on PHP

Summary

With the continuous deepening of the application of Internet technology, more and more elements of e-commerce have been integrated into the production and sales chain of products. Through the Internet, consumers can establish intuitive connections with different types of products from all over the world, and complete the purchase process through convenient and fast operations. In order to facilitate users to compare the prices, performances and other parameters of products from different manufacturers and different origins among tens of millions of products, quickly find the products they need, shorten the purchase time as much as possible, and share information between manufacturers and consumers To establish an efficient platform, adopt simple and efficient PHP language and MySQL database and other technologies, and draw on the most classic technical ideas and development models in the open source community to design and develop this product quotation system. The system mainly implements front-end modules such as product search, user reviews, and online purchases, and back-end modules such as product management, user management, and order management. Through scientific and comprehensive testing, the system has realized the main functions of product quotation and online shopping. As an important supplement to the existing e-commerce and online shopping mode, the product quotation system will definitely show its outstanding advantages in practical application.

Keywords : product quotation; online shopping; e-commerce; PHP; MySQL; open source community

Table of contents

Design and Development of Product Quotation System Based on PHP

Summary

1 Introduction

1.1 System development background

1.1.1 Development of Online Shopping

1.1.2 Current Situation of Product Quotation System

1.2 Goals realized by the system

1.3 Significance of system development

2 Analysis of Product Quotation System

2.1 Design goals of the website

2.2 Feasibility analysis of the website

2.2.1 User groups and market analysis

2.2.2 Technical Capability Analysis

2.2.3 Feasibility Analysis Summary

2.3 Features of website design

3 System development technology and main framework

3.1 Selection of development technology

3.1.1 PHP programming technology

3.1.2 Development of MySQL open source database

3.2 The main structure and development mode of the system

4 System function and process analysis

4.1 Design and Analysis of Platform Functional Modules

4.2 System flow analysis

4.2.1 Front-end shopping process

4.2.2 Registration and login function process

4.2.3 Product search process

4.2.4 Message and comment process

4.2.5 Commodity management process

4.2.6 Order Processing Process

4.2.7 User Management Process

5. Concrete Realization of System Functions

5.1 Design of system database

5.2 General Description of Functions

5.2.1 System flow chart

5.2.2 Directory Structure Description

5.3 Realization of each functional module

5.3.1 Database connection

5.3.2 User registration and audit module

5.3.3 Implementation of user login module

5.3.4 Realization of commodity search module

5.3.5 Implementation of shopping cart module

5.3.6 Implementation of product management module

5.3.7 Implementation of user management and permissions

5.3.8 Order and comment management

5.3.9 System data management

6 System testing and analysis of difficulties

6.1 Construction of the system operating environment

6.2 System program installation

6.3 System testing

6.3.1 Test analysis of key parts of the system

6.3.2 Analysis and explanation of test results

6.3.3 System security and performance analysis

6.4 Problems and solutions in the system

in conclusion

references

thanks

1 Introduction

1.1 System development background

1.1.1 Development of Online Shopping

Shopping online can be considered a part of e-commerce. In a broad sense, e-commerce refers to a system that relies on modern information technology and network technology, integrates financial electronics, management information, and business information networking, and aims to realize the harmony and unity of material flow, capital flow, and information flow. The new trade mode is the electronic and networked trade process [1].

Online shopping has also become a fashion, it provides people with the possibility to buy anything they need without leaving home, so it has been accepted and recognized by more and more consumers, especially those who grew up in the Internet age young people. Of course, successful e-commerce cannot be accomplished simply by writing a set of programs. It not only needs to be closely linked with the financial system, but also needs to be supported by a complete logistics system. In addition, there must be a good reputation, strong pre-publicity, and perfect after-sales service. There are many successful online shopping sites in China, such as Alibaba, no matter which aspect they are, they are all models worth learning.

Although my country's online shopping system is not yet mature enough, and there are still various problems, its development is in line with economic principles and people's needs. As long as the right medicine is prescribed, it will be able to gradually develop and improve, and occupy a firm position in the fiercely competitive modern business competition. .

1.1.2 Current Situation of Product Quotation System

The development of the product quotation system is mainly used to help consumers find the products they need by comparing product parameters in the shortest time, and use the online purchase function provided by the system to realize the entire shopping process.

At present, the product quotation system has been more and more applied to large-scale e-commerce solutions, and has achieved good results. On Paopao.com ( publishing the most authoritative and latest IT product quotations in real time, 500 product categories, 220,000 products in the -Bubble.com product quotation query channel), Zhongguancun Online ( IT digital product quotations_Zhongguancun Online Quotation_Professional IT Digital Product Center-Zhongguancun Online Product Library ), IT World Network ( http://www.it.com.cn/ ), Pacific Internet ( Quotation_Pacific Technology ) and other domestic famous IT and digital product information networks are all Provides a powerful product quotation function [1].

1.2 Goals realized by the system

This system mainly realizes the combination of product quotation and traditional online shopping. On the one hand, users can use the system to search for various attributes of products, make a simple comparison of products from different manufacturers and different models, and finally submit an order and complete the entire online purchase process. On the other hand, establish a strict review and fast order processing mechanism, and manage the rights of administrators, which are divided into system administrators, product administrators, and order administrators. The administrator sets the product category and manufacturer information in the background, and customizes the attributes of different products, and establishes exclusive product attribute fields.

1.3 Significance of system development

The development of this system will shorten the intermediate link between product selection and shopping for users to a certain extent, simplify the shopping process and improve efficiency. Save a lot of time for users. Through the review of newly registered users, a safe and reliable shopping environment can be established to solve the problem of integrity in traditional e-commerce.

2 Analysis of Product Quotation System

2.1 Design goals of the website

The website uses a concise framework structure, allowing users who have passed the review and logged in to search for products,

Use the shopping cart, fill in the order, select payment and delivery methods, etc., and users can post product reviews. When filling in the order, they can attach a message to explain the products they ordered. The administrator has the right to perform user management (including review, view, edit and add), order management and message management, as well as some general settings and database management (including backup and recovery) in the background panel.

2.2 Feasibility analysis of the website

2.2.1 User groups and market analysis

From the analysis of the characteristics of the user group, they are mainly young people between the ages of 18 and 35 [2], they are more likely to accept new lifestyles, and they also have a lot of spending power, and with the rapid growth of the number of Internet users , Internet users of all ages are gradually accepting this new way of shopping, and the rise of online payment and logistics industries has highlighted the advantages of e-commerce. As of the first quarter of this year, the number of Internet users in my country has reached 144 million, which is a huge base and is constantly increasing. The huge user base is bound to inject strong vitality into the online shopping market.

From the analysis of the market prospect, according to a report on the development of global online shopping released by two American institutions, in 2007, the global online shopping market capacity will increase by 20%, reaching 211 billion US dollars. However, my country's online shopping market has entered fierce competition, including domestic and foreign giants such as Taobao, eBay, and Dangdang, which have already mastered absolute market shares. Experts predict that my country's online shopping market will reach 28 billion yuan in the next few years, and e-commerce has become another new support point for my country's Internet industry after portals, games, short messages and searches.

2.2.2 Technical Capability Analysis

According to the functional requirements of this system, the PHP programming language and the open source MySQL database engine are used for development. Since PHP is an efficient programming language with clear language structure, it is especially suitable for the development of modular functions, and because it is closely integrated with the server, there are a large number of excellent function libraries available, which have a great impact on execution efficiency and security. Great advantage. As a fast, multi-threaded, multi-user and robust SQL database server, MySQL still maintains a high execution speed in a data environment of tens of millions according to third-party test results. Therefore, technically, it is completely feasible.

2.2.3 Summary of Feasibility Analysis

Combining the characteristics of the online shopping market user groups and growing demand, as well as factors such as technology and market prospects, the online shopping market has great development prospects, and the product quotation system is based on the comparison of product prices and other parameters. The online shopping system on the Internet, so the development of this system is feasible.

2.3 Features of website design

The design of the system needs to pay attention to the safety and smoothness of user operation. Therefore, it is necessary to limit the user management and qualification review. Only members who have been reviewed and confirmed have the right to use the ordering function of the product, and different permissions must be assigned to administrators. Search will occupy an important position in the system functions, and multiple attribute fields of products can be used for fuzzy search, and comparison and purchase channels can be provided in the search results.

3 System development technology and main framework

3.1 Selection of development technology

3.1.1 PHP programming technology

PHP ("PHP Hypertext Preprocessor", an acronym for Hypertext Preprocessor) is a widely used open source, multipurpose scripting language that can be embedded in HTML and is especially suitable for web development. It is also a simple, object-oriented, interpreted, robust, safe, very high-performance, architecture-independent, portable, dynamic scripting language.

The PHP code is interpreted on the server side and converted into ordinary HTML page content and sent to the browser side. This mode allows us to use it to complete quite complex functions. It can run in most operating system environments including Windows and Linux, and is often used in conjunction with the free web server software Apache and the free database software MySQL on the Linux platform, which has a high cost performance.

Powerful database support: Currently, its support covers most of the common databases including Oracle, Sybase, Microsoft SQL, MySQL, Informix, Solid dBase, ODBC, Unix dbm, PostgreSQL, Adabas D, etc. It is very simple to write a web page program with database function.

PHP can be compiled to have functions for interfacing with many databases. PHP and MySQL are a great combination.

Scalability: As mentioned earlier, PHP has entered a period of rapid development. It may be difficult for a non-programmer to extend PHP with additional functionality, but it is not difficult for a PHP programmer.

Object Oriented Programming: PHP provides classes and objects. Web-based programming jobs require object-oriented programming skills. PHP also supports constructors, extracting classes, etc.

3.1.2 Development of MySQL open source database

MySQL is the most popular open source SQL database management system developed, distributed and supported by MySQL AB. MySQL AB is a commercial company based on MySQL developers, a second generation open source company using a successful business model combining open source values and methodologies. MySQL is a registered trademark of MySQL AB.

Its main features and advantages are as follows:

MySQL is a fast, multi-threaded, multi-user and robust SQL database server. The MySQL server supports the use of mission-critical, heavy-duty production systems, or it can be embedded in a large configuration (mass-deployed) software.

MySQL is a relational database management system. It stores data in separate tables to increase access speed and flexibility. The SQL in "MySQL" stands for "Structured Query Language". SQL is the most common standard language for accessing databases, and it is the SQL standard defined by ANSI/ISO.

MySQL is open source. Open source means that anyone can use and modify the software, and anyone can download and use MySQL from the Internet without paying any fees.

3.2 The main structure and development mode of the system

1. 1. B/S-based architecture

The quotation system of this product adopts B/S mode, and the server adopts the famous web server-side software apache. The http server has good cross-platform and security, and can run on operating systems including windows, linux, and mac. The user client can browse and operate normally with various browsers. It should be noted that during the development of the program, the file directory structure of different operating systems should be taken into account in relation to the program and the path.

1. 1. Application of OOP (Object-Oriented Programming) in PHP

The object-oriented approach is a software development method that uses concepts such as objects, classes, inheritance, encapsulation, aggregation, message passing, and polymorphism to construct systems. The basic idea of the object-oriented method is to construct a software system starting from the objectively existing things (ie objects) in the real world, and use the natural way of thinking of human beings as much as possible in the system construction.

The debate about whether the OOP idea is applicable to PHP program development has been going on. On the one hand, PHP has always been known for its fast development, and variables can be directly called in the program. Moreover, PHP itself provides a huge function library. OOP, on the other hand, requires the use of objects to call every function and property. However, in the development of this system, a lot of OOP ideas are used. The most prominent part is the operation of the database. When the operation of the database appears in the subsequent code, the object call is used to make the entire process and structure clearer. In the development process of PHP5, the idea of OOP has been given a certain amount of attention [7].

4 System function and process analysis

4.1 Design and Analysis of Platform Functional Modules

According to the demand analysis and the overall workflow of the product quotation system, the basic functional modules of this system mainly include query, purchase, message, user management, product management, message management and order management, etc. In addition to the above basic modules, during the development process Some related modules have also been developed to supplement and improve the whole system in order to obtain better results.

The relationship diagram of the system function modules is shown in Figure 1.

Figure 1 Functional block diagram of the product quotation system

4.2 System flow analysis

The following part mainly analyzes the implementation flow ideas of each functional module.

4.2.1 Shopping process at the front desk

Only registered users who have passed the review of the administrator have the right to purchase products in this system. When the user searches for the product to be ordered, click the "Buy" button to put the product in the shopping cart, and the system page turns to the shopping cart page , the user can see the existing inventory of the product and set the quantity of the purchased product according to their own needs.

Once set up, the user can continue shopping or start the order filling process through the "Checkout" on the page. The page will display the basic information of the ordered product and the mailing address of the user (used as the product delivery address). The user needs to confirm the correct delivery address. If you need to set a new delivery address, you can add it in your address book . After the delivery address is confirmed, the user needs to choose the delivery method, such as ordinary mail, express delivery, etc. After confirming the delivery method, enter the choice of payment method. The user can choose online payment or post office remittance. Online payment can Payment is realized through the online payment interface. After the payment method is confirmed, all the information of the order is set, and the user makes the final confirmation, and confirms the order after it is correct. The entire order process is complete. Wait for the administrator to process the order.

Users can view personal order records and order processing status on the personal panel.

The overall process of user shopping is shown in Figure 2.

Figure 2 Front-end shopping flow chart

4.2.2 Registration and login function process

The implementation of the registration process is relatively simple. Users can find the member registration link on the system home page or any page in the system that has access rights only through login. Click the registration link, the user fills in the information required by the form, and the real information must be filled in, because new registered users must be reviewed by the administrator before they can become full members and order products on this site. After the information is filled in and submitted, the system will prompt that the registration is successful, but it needs to be reviewed by the administrator.

In the login function, registered users need to provide their correct registered email address and password. Users who forget their password can fill in the email name used for registration through "Retrieve Password" and submit a request to retrieve the password. After receiving the request, the system will Send the user's new password to the user's registered email address by email.

4.2.3 Commodity search process

The search function is the most important module of the system. On the search page, users can enter product keywords and search according to the product's price range, product manufacturer, and product category. During the search process, symbols and keywords can be used Combination of words for fuzzy search. In the search results, each product will be displayed in a standardized form, and the key attributes and characteristics of the product will be intuitively displayed, and a direct purchase button will be provided.

4.2.4 Comment process

There is a product review function under the introduction of each product. Registered users can comment on the product, ask questions or questions about the product, and rate it. After the information is submitted, the administrator will be able to view relevant comments and questions through the background management function.

4.2.5 Commodity management process

In this product quotation system, the administrator mainly adds product information. In the background product management, the administrator needs to set the category of the product. The category setting can set up the first-level classification and the second-level classification. The main category information includes category name, sorting order, category image and picture, etc. Administrators also need to set and manage product manufacturers. When adding product information, administrators need to set attributes such as product category, manufacturer, price, and inventory quantity. The inventory quantity will automatically decrease after each order. After the product is added, it cannot be directly displayed on the front page. It can only be displayed after the product is activated by the administrator. Administrators have the authority to manage existing categories, manufacturers, and products including editing and deleting. Since the product inventory will decrease as the product is ordered, the administrator can modify the inventory quantity by editing the product. At the same time, special products can also be set as special products for sale.

4.2.6 Order Processing Process

When the administrator sees a new order, he checks the order information, processes the order according to the product ordered by the user and the payment and shipping method selected, and starts the formal process when he confirms that the order payment has been received from the user. Processing, and modify the processing status of the product order according to the processing situation. Users can understand the order status through the personal panel, know the latest processing status in a timely manner, and maintain a convenient communication channel with the website, thus ensuring the smoothness of the shopping process. Safe and smooth.

4.2.7 User Management Process

User group is an important module of this system. In order to review newly registered users, during the development process, newly registered users are defaulted as members of the group to be reviewed. After logging in, the administrator can view the information of newly registered users. After confirming that the audit is passed, transfer it from the pending audit group to the official user group, which realizes the basic audit function, and only official members have the right to order products on this site. Secondly, in user management, the administrator can add users, and after the addition is completed, an email will be sent to the newly added user for notification. Administrators can also search for users by name, email address, and group they belong to, and perform operations such as editing and deleting users. Administrators also exist as a special group, mainly divided into system administrators, order administrators and product administrators, and each administrator has corresponding permissions.

5. Concrete Realization of System Functions

5.1 Design of system database

According to requirement analysis and system function requirements, system information data is stored in MySQL data table. A brief description of the important data sheets is given below.

1. customers (user information table)

This table stores the basic information of the user and is mainly used for user login and activity records in the station. The data in the table is written when the user registers, as shown in Table 1.

Table 1 User Information Table

field name	Field Type	field length	Whether primary key	describe
customers_id	int	11	yes	User ID, automatically generated
customers_gender	char	1	no	user gender
customers_firstname	varchar	32	no	username
customers_email_address	varchar	96	no	email address for user registration
customers_default_address_id	int	11	no	User default address number
customers_fax	varchar	32	no	user fax
customers_password	varchar	40	no	user password
customers_newsletter	char	1	no	News subscribed by user
status	enum		no	user group
credit	int	10	no	account credits
Regret yourself	int	10	no	registration date
lastvisit	int	10	no	last visit time

2. usergroups (user group table)

This table stores the information of system groups. Each group has different permissions. Newly registered users default to the group to be reviewed. The field attributes of this table are shown in Table 2.

Table 2 System group information table

field name	Field Type	field length	Whether primary key	describe
groupid	Smallint	6	yes	Group number, automatically generated
status	Enum		no	user group type
grouptitle	Varchar	30	no	group name
creditshigher	Int	10	no	Points cap
creditslower	Int	10	no	Points lower limit
groupdiscount	Float		no	account discount
allowsetconfig	Tinyint	1	no	Do you have system configuration permissions?
allowsetproduct	Tinyint	1	no	Do you have permission to manage products?
allowsetmodules	Tinyint	1	no	Do you have permission to manage modules
alloweditcustomer	Tinyint	4	no	Do you have permission to edit users
alloweditorder	Tinyint	1	no	Do you have permission to process orders
allowadmindata	Tinyint	1	no	Do you have permission to manage data

3. categories (product classification table)

This table stores product category information, mainly including product numbers, logo pictures, and order type numbers. The field attributes are described in Table 3.

Table 3 Product classification table

field name	Field Type	field length	Whether primary key	describe
categories_id	Int	11	yes	product type number
categories_image	Varchar	64	no	Product logo image
parent_id	Int	11	no	parent class number
sort_order	Int	3	no	order type number
date_added	Datatime		no	date added
last_modified	Datatime		no	last modified date

4. address_book (user mailing address list)

The system saves the mailing address when the user registers in this table. The user can set up to 5 mailing addresses in the address book according to his own situation. The mailing address is mainly used as the shipping address and mail receiving address of the ordered products. Ensure that the product is delivered to the user through the delivery method selected by the user. Field attributes are described in Table 4.

Table 4 User Communication Address Table

field name	Field Type	field length	Whether primary key	describe
address_book_id	Int	11	yes	Address book number
customers_id	Int	11	no	user ID
entry_firstname	Varchar	32	no	surname
entry_lastname	Varchar	32	no	name
entry_street_address	Varchar	64	no	Address
entry_postcode	Varchar	10	no	zip code
entry_city	Varchar	32	no	City
entry_state	Varchar	32	no	Provinces and cities
entry_country_id	Int	11	no	country number
entry_zone_id	Int	11	no	area number
entry_tel_regular	Varchar	32	no	Fixed telephone
entry_tel_mobile	varchar	32	no	mobile phone

5. manufacturers (manufacturer information table)

制造商信息表主要存储了制造商的基本信息，包括编号、名称、形象图片、添加及更新日期。本表信息由系统管理员进行管理。字段属性描述如表5。

表5 制造商信息表

字段名	字段类型	字段长度	是否主键	描述
manufacturers_id	Int	11	是	制造商编号
manufacturers_name	Varchar	32	否	制造商名称
manufacturers_image	Varchar	64	否	制造商标识图
date_added	Datetime		否	添加日期
last_modified	Datetime		否	最后修改日期

6．products（产品信息表）

该表存储了产品的基本信息。由管理员在后台添加产品时候输入。字段属性描述如表6。

表6 产品信息表

字段名	字段类型	字段长度	是否主键	描述
products_id	Int	11	是	产品编号自动生成
products_quantity	Int	4	否	产品库存数量
products_image	Varchar	64	否	产品图片
products_price	decimal	15，4	否	产品价格
products_date	Datetime		否	产品发布时间
products_last_modified	Datetime		否	产最新编辑时间
products_date_available	Datetime		否	激活时间
products_weight	decimal	5，2	否	产品重量
products_status	Tinyint	1	否	产品状态
manufacturers_id	Int	11	否	产品制造商编号
products_ordered	Int	11	否	已订购产品
products_type	int	2	否	产品型号
categories_id	int	10	否	产品类别编号

7．reviews（用户评论表）

该表存储了用户提交的产品评论信息，主要包括了用户的信息和评论以及评分的信息。字段属性描述如表7。

表7 用户评论表

字段名	字段类型	字段长度	是否主键	描述
reviews_id	Int	11	是	评论编号
products_id	Int	11	否	产品名称
customers_id	Int	11	否	用户编号
customers_name	Varchar	64	否	用户姓名
reviews_rating	Int	1	否	评论评分
date_added	Datetime		否	添加日期
last_modified	Datetime		否	最后修改日期
title	Text		否	题目内容
reviews_read	Int	5	否	评论阅读次数

5.2功能总体说明

5.2.1 系统流程图

系统整体主要流程图如图3。

图3 系统整体主要流程图

5.2.2 目录结构说明

本系统程序代码包含11个子目录，主要目录描述说明为：

admin : 管理后台程序目录，包括后台程序、数据库备份目录、后台管理子模块程序目录。

htmlarea : htmlarea在线编辑器的全部程序，包括编辑器的js文件、编辑器图标以及模版程序。

images : 该目录主要为系统中使用到的图片、图标，包括jpg、gif、ico等格式。

includes : 系统的重要函数，包括全局配置文件，还有调用频繁的代码段。

modules : 存放系统中一些小的功能模块的代码。比如站内新闻订阅。

osdata : 数据库备份和恢复的设置目录，主要存放系统备份的数据库，可以从这里面将数据库导入到系统中去。

templates : 系统前台模版文件，为html格式，通过PHP文件的包含而使用。

5.3各功能模块的实现

5.3.1 数据库的连接

系统中对数据库的操作是以类的形式表现的，将对数据库操作的函数封装到类dbstuff中，包括数据库的连接和查询以及从查询结果从取数据。然后建立一个新的对象db，在整个系统中直接使用对象操作数据库。在类dbstuff中，对数据库连接的代码片段是：

function connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect = 0){

if ($pconnect){

if (!@MySQL_pconnect($dbhost, $dbuser, $dbpw)){

$this->halt('连接数据库服务器失败');

}

else{

if (!@MySQL_connect($dbhost, $dbuser, $dbpw)){

$this->halt('连接数据库服务器失败');

}

MySQL_select_db($dbname); //选择数据库

}

function select_db($dbname){ //将选择数据库以函数的形式表示

return MySQL_select_db($dbname);

}

对数据库操作的类封装在includes目录中的db_MySQL.PHP文件中，然后在application_top.PHP文件中建立对象，然后在使用到数据库操作的每个页面将application_top.PHP包含进去。在application_top.PHP建立对象的操作代码为：

$db = new dbstuff; //建立对象

$db->connect(DB_SERVER, DB_SERVER_USERNAME, DB_SERVER_PASSWORD, DB_DATABASE,

USE_PCONNECT); //使用对象来操作数据库连接

$db->select_db(DB_DATABASE);

5.3.2 用户注册与审核模块

作为一个产品报价系统，首先它是一个在线购物系统，因此为了建立一个良好的购物环境，保证系统的安全和用户的信息，新用户的审核是一个重要的环节。新用户在前台首页或者系统任何一个需要登录才能操作的功能页，都会自动的跳转到登录注册页面，注册页面如图4所示。

图4 用户注册页面

点击用户注册链接，进入如图4的页面，填写真实的个人信息，在确认无误之后提交，系统将对提交信息进行初步的过滤，如果无误，将会提示注册成功。此时用户可以登录系统，使用搜索功能，发布产品评论，修改个人资料，但是不能订购产品，在等待管理员审核通过之后才具有购买产品的权限，成为正式会员。审核功能如图15。

在注册页面，标注星号的为必须填写的字段，在程序中对此类字段进行是否为空的判断。如果均不为空则插入数据表中，否则返回信息提交页面。

在这个过程中，重要的就是提取用户提交的信息，这是对信息进行判断和写入数据库的重要步骤，该过程使用到了位于includes目录中的global.PHP文件中自定义函数tep_db_prepare_input()。该函数的实现为：

function tep_db_prepare_input($string){

if (is_string($string)){

return trim(tep_sanitize_string(stripslashes($string))); //字符串替换函数

}

elseif (is_array($string)){

reset($string);

while (list($key, $value) = each($string)){

$string[$key] = tep_db_prepare_input($value);

}

return $string;

}

else{

return $string;

}

审核模块，由管理员在后台对所要审核的会员所在的群组进行更改，管理员能全面的查看到会员的全部资料，确认之后将用户由待审核组更改为正式会员组即实现了审核功能。

5.3.3 用户登录模块的实现

注册用户通过前台页面的登录窗口（如图5），进入系统，以进行相关操作。登录主要使用用户邮箱地址和注册密码，如果与数据库匹配成功则登录成功。用户遗忘密码时，通过找回密码功能来获得一个新的密码，这使用到了两个操作：

首先就是通过用户提供的邮箱地址进行数据库的操作，如果邮箱存在就随机产生一个密码，并将加密后的新密码写入到数据库中。

图5 用户登录页面

产生新密码的实现过程为：

$email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']); //读取用户提交信息

$check_customer_query = $db->query("select customers_firstname, customers_password, customers_id from $table_customers where customers_email_address = '".safe_input($email_address)."'"); //数据库查询

if ($db->num_rows($check_customer_query)){ //邮箱地址存在，分配新密码

$check_customer = $db->fetch_array($check_customer_query);

$new_password = tep_create_random_value(ENTRY_PASSWORD_MIN_LENGTH); //随机产生密码

$crypted_password = md5($new_password); //对随机产生的密码加密$db->query("update $table_customers set customers_password =

'".safe_input($crypted_password). "' where customers_id = '" . (int)$check_customer['customers_id'] . "'");//更新用户信息

其次，系统需要自动的发送邮件到用户信箱，将新密码以邮件方式发送给用户。发送给用户的密码是没有加密前的随机密码。发送邮件之前，系统需要配置好邮件服务功能。实现过程使用到了函数tep_mail(),该函数的实现代码为：

function tep_mail($to_name, $to_email_address, $email_subject, $email_text,

$from_email_name, $from_email_address){

if (SEND_EMAILS != 'true')

return false;

require_once('includes/classes/mime.PHP');

require_once('includes/classes/email.PHP');

$message = new email(array('X-Mailer: Mailer'));

$text = strip_tags($email_text);

if (EMAIL_USE_HTML == 'true'){

$message->add_html($email_text, $text);

}

else{

$message->add_text($text);

}

$message->build_message();

$message->send($to_name, $to_email_address, $from_email_name,

$from_email_address, $email_subject); //使用到了PHP封装的函数send()

}

5.3.4 商品搜索模块的实现

产品搜索主要是通过对数据字段的查询实现的。如图6所示，用户通过输入产品名称的关键字，目前可以实现的是使用产品名称关键字、产品分类（包含子分类）、产品制造商与产品的价格范围和上架的日期范围进行组合式的搜索服务。

搜索结果将产品以列表的形式调用出来，并且显示各个产品的参数，以便于产品之间的比较，搜索结果显示如图7。在实现该模块中，对数据库的查询、产品的显示形式与分页是重点技术点。

图6 产品搜索页面

其中搜索过程对数据库的操作较为复杂，需要同时对不同数量的关键字进行处理。搜索处理用到的重要函数有以下2个：

function tep_get_all_get_params() 用于获取用户搜索输入的所有参数

function tep_parse_search_string() 用户对所有参数的处理。

图7 前台产品展示页面

5.3.5 购物车模块的实现

在产品列表点“购买”按钮，就自动的将所要购买的产品放进购物车中，如图7，在图8中，点继续购物就可以回到产品页面，继续选择自己需要的产品。如果要结帐，只需要点“结帐”按钮，就会进入到订单填写的流程。如图2所示。订单处理主要包括确认收货地址、选择收货方式和选择支付方式三个主要步骤，其中可以发布订单的特殊要求和供货方需要注意的事项。购物车管理页面如图8。

图8 购物车管理页面

在本模块中，需要对用户是否具有购物权限进行判断，未审核通过的用户虽然能够将喜欢的产品放进购物车（即使未通过审核的用户，放进购物车的产品信息也可以保存，以便用户在具有权限时继续购买，但在未通过审核前，其行为不影响产品库存数量）。权限判断的代码为：

$query1 = $db->query(

"select status from $table_customers where customers_id ='".(int)

$customer_id."'");

$check_status = $db->fetch_array($query1);

if ($check_status['status'] == 'verify'){

echo "<script>alert('您的资料还没有通过审核，暂时不能购买产品，我们将尽快为您开通。');history.back();</script>";

exit();

}

5.3.6 产品管理模块的实现

产品管理模块包含的主要功能有：添加管理产品分类（如图9），添加管理产品（如图10），设置制造商（如图11），设置产品特有属性（如图12）。

产品分类管理模块，为二级分类。通过管理后台的“新分类”链接，可以添加新的分类，通过“新产品”的链接可以在当前类别下添加产品，同样在一级分类下面也具有这两项功能。可以对已存在类别进行包括修改、删除和移动在内的操作。而对类的操作均是对数据库的直接操作。其中添加类的核心代码为：

$action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action']: (isset($HTTP_POST_VARS['action']) ? $HTTP_POST_VARS['action']: ''));

if ($action){

switch ($action){

case 'new_category':

if (isset($HTTP_POST_VARS['categories_id']))

$categories_id = stripslashes($HTTP_POST_VARS['categories_id']);

$sort_order = stripslashes($HTTP_POST_VARS['sort_order']);

$db->query(

"insert into $table_categories (parent_id,sort_order,date_added) values ('$current_category_id','$sort_order',now())");

$categories_id = $db->insert_id();

$languages = tep_get_languages();

for ($i = 0, $n = sizeof($languages); $i < $n; $i++){

$categories_name_array = $HTTP_POST_VARS['categories_name'];

$language_id = $languages[$i]['id'];

$categories_name = stripslashes($categories_name_array[$language_id]);

$db->query(

"insert into $table_categories_description (categories_name,categories_id,language_id) values ('$categories_name','$categories_id','$language_id')");

}

$categories_image = new upload('categories_image',

'/upload/images/category');

if ($categories_image->parse($timestamp)){

$categories_image->save();

$db->query("update $table_categories set categories_image =

'".addslashes($categories_image->filename)."' where categories_id = '".(int)$categories_id."'");

}

updatecache('categories');

cpmsg("分类添加成功。", tep_href_link('admincp.PHP', 'act=catalog&cPath

='.$cPath.'&cID='.$categories_id));

5.3.7 用户管理与权限的实现

主要包括了对用户的搜索查找、添加用户、编辑、删除以及对用户群组的权限和积分设置。搜索结果以列表形式显示。用户搜索页如图13。

搜索用户的实现程序片段为：

elseif ($searchsubmit || $deletesubmit || $exportsubmit){

if (!$page){ //分页显示程序段

$page = 1;

}

$offset = ($page - 1) * MAX_DISPLAY_SEARCH_RESULTS;

$conditions = ""; //用户搜索条件处理

$conditions .= $name != "" ?

" AND (customers_firstname LIKE '%$name%' OR customers_firstname='$name')" : NULL;

$conditions .= $email != "" ?

" AND (customers_email_address LIKE '%$email%' OR customers_email_address='$email')" : NULL;

$conditions .= $userstatus != "" ? " AND status='$userstatus'" : NULL;

if ($conditions){ //如果搜索条件存在，开始搜索

$conditions = substr($conditions, 5);

if ($searchsubmit){ //action判断

$query = $db->query(

"SELECT COUNT(*) FROM $table_customers WHERE $conditions"); //符合条件的用户总数

$num = $db->result($query, 0);

$multipage = multi($num, MAX_DISPLAY_SEARCH_RESULTS, $page, "admincp.PHP?act=members&searchsubmit=yes&name=$name&email=$email&userstatus=$userstatus");

$query = $db->query(

"SELECT * FROM $table_customers WHERE $conditions LIMIT $offset,".MAX_DISPLAY_SEARCH_RESULTS);

while ($member = $db->fetch_array($query)){

//循环分页显示用户列表

}

5.3.8 订单与评论管理

订单管理是产品报价系统的重要部分，主要实现的功能包括订单搜索、订单查看与处理、订单删除等。订单搜索通过订单号、订单状态、顾客名与顾客邮箱关键字进行搜索。在订单处理页，管理员能查看新订单的完整资料，并根据订单的处理状态进行管理，并通过系统邮件与顾客沟通，将订单的处理信息反馈给顾客，同时管理员能对一些订单进行删除操作。

评论管理主要提供了简单的评论查看与删除功能，整个实现过程较为简单。

5.3.9 系统数据管理

MySQL数据库的最大特点就是提供了很多便于直接使用的操作函数，可以轻松的将复杂的数据库操作由清晰的函数实现。在系统数据管理这个模块，主要实现了数据备份和数据恢复（即数据库导入）。

6系统测试及难点分析

6.1系统运行环境的搭建

本系统的开发和测试均在windows操作系统平台下进行的，使用AMP集成软件包搭建运行环境

Apache，一种开放源码的HTTP服务器，可以在大多数计算机操作系统中运行，由于其跨平台和安全性而被广泛使用，是最流行的Web服务器端软件之一。它快速、可靠并且可通过简单的API扩展，Perl/Python等解释器可被编译到服务器中[ 5]。

Apache支持许多特性，其中大部分通过编译的模块实现。这些特性从服务器端的编程语言支持到身份认证方案。一些通用的语言接口支持Perl、Python、Tcl和PHP。流行的认证模块包括mod_access，mod_auth和mod_digest。其他的例子有SSL和TLS支持（mod_ssl），proxy模块。很有用的URL重写(由mod_rewrite实现)，定制日志文件(mod_log_config)，以及过滤支持(mod_include和mod_ext_filter)。Apache日志可以通过网页浏览器使用免费的脚本AWStats或Visitors来进行分析。

相比较linux下的复杂安装过程，在windows操作系统下搭建运行环境相对简单，但是不足之处在于配置选项较少，安全性相对不高。在windows上主要采用继承软件包来直接安装，甚至不需要做任何配置就可以直接使用。

第一：采用著名的AMP集成软件包wamp5,在众多AMP集成软件中，wamp5是最为出色的，它使用了最新的PHP5版本。安装与使用的流程如下：

1．从官方网站：http://www.wampserver.com下载最新版本。软件包为exe可执行文件，下载完毕直接双击，连续选择下一步就安装成功了。如果你需要对默认的设置做简要的修改，在安装的过程中很容易做到。可以自定义WWW根目录的存放位置，强烈建议放到D盘等安全的分区中，以避免万一系统崩溃，造成数据丢失。

2．对于中文用户来说，安装结束后，首先要设置的是，把MySQL的数据库默认编码改为UTF-8，这样可以排除很多中文乱码问题：在WAMP5菜单中选择打开my(wamp).ini，设置其中的default-character-set=utf8, 然后重启WAMP5。

3．数据库默认的密码是空的，可以在PHPMyAdmin中设置root帐号的密码为123456。修改之后，接着需要修改PHPMyAdmin的配置文件config.inc.PHP，否则PHPMyAdmin就不能进入数据库：
$cfg['Servers'][$i]['user'] = 'root';
$cfg['Servers'][$i]['password'] = '2003032024';

4．由于MySQL4.1之后版本对密码验证的方法发生了改动，如果在WAMP5中使用PHP4.x，那么就需要启用MySQL的old password功能，否则无法登录PHPMyAdmin。在WAMP5菜单中选择MySQL/MySQL console，然后输入下列命令：
MySQL> SET PASSWORD FOR
-> 'root'@'localhost' = OLD_PASSWORD('2003032024');

第二：采用其他的AMP集成软件。比如：AppServ（http://www.appservnetwork.com）、XAMPP（http://www.apachefriends.org/en）以及由网友Caisong制作的集成软件（I love china）。其安装和配置过程大体相同。

6.2系统程序的安装

在搭建有apache+PHP+MySQL的服务器平台上，系统管理员只需要使用MySQL命令端或者web管理软件在MySQL服务器端创建一个数据库mywork.然后使用MySQL数据库导入命令将系统中的数据库文件导入到新创建的数据库mywork中即可。然后配置位于目录includes中的配置文件configure.PHP，修改为当前的数据库用户名和密码即可安装成功。使用默认用户邮箱：[email protected] 和密码：117227 登录后台进行系统设置和管理。

6.3系统的测试

测试平台为windows操作系统，运行环境由MAP集成软件包搭建。Apache和PHP采用了缺省设置。

6.3.1 系统关键部分测试分析

测试分为两个部分：

第一部分主要就是测试系统所要求的最基本的功能，主要侧重于用户前台的使用流程。基本的用户注册和登录功能相当流畅，但是在产品搜索功能上，虽然能够使用关键字搜索到产品，但是还有所欠缺，而且可以使用的产品属性关键字还太少。在前台的购物流程中，前期发现的购物权限设置问题已经得到了解决。测试过程中，购物环节完全可以成功运行，但是当用户购买产品超过库存数量的时候，虽然程序可以正确运行，但是缺少一个适当的判断环节。

第二部分主要是针对后台管理的测试，由于后台管理功能模块较为集中，是整个系统的核心所在，特别是对用户的审核、对管理员的权限分配以及对订单的处理都完全符合系统设计初期的功能要求。因此从整体上来说，系统的设计和实现是成功的。

6.3.2 测试结果分析与说明

从整体的测试结果来看，在大中型的商务应用中，PHP与MySQL的结合具有相当的优势。

首先就是缩短了开发时间，PHP与MySQL提供的大量固有的函数库直接在程序中使用，提高了程序的运行效率。虽然系统的功能还显得弱小，但是系统的优良性能已经得到了很好的体现。

6.3.3 系统安全与性能分析

系统设计过程中，对代码中出现的可能对系统造成安全威胁的字符进行过滤和字符的转换，在一定程度上提高了系统运行的安全性。同时所采用的编程语言和数据库的特性足以承受大量的数据读取和写入。

6.4系统中存在的问题及解决方法

第一：在系统的设计初期，对用户的权限分配考虑不周，所有登录用户均可以进行产品购买。缺少对新注册用户的审核。这个问题已经得到解决，在系统的用户群组中建立了待审核用户组，默认所有新注册用户为该组成员，用户注册成功提交之后，提示用户等待管理员审核。在产品购买页面对用户进行判断，如果为待审核群组的会员则不能进行购物。

第二：由于第一个问题的出现，在后台的用户资料查看中，没有将用户的详细资料调用显示，管理员不能够直观全面的了解用户的情况。就不方便进行审核，解决办法是从数据库中读取用户的资料，以表格形式显示出来。

结论

在系统的开发过程中，充分的借鉴了开源社区的优秀代码段和设计思想，使用面向对象的编程方式与php结合，完整的实现了系统的需求。而且使用到了模版和程序分离的模式，对于系统管理员来说，前台的设计工作将变的更加轻松。而优秀的开源数据引擎MySQL本身所具有的良好性能，对于繁杂而且庞大的数据处理有明显的优势，这就为系统的使用提供了稳定性和安全性。

在过去几个月的设计和开发过程中，通过老师的指导、主动的收集资料，已有知识的整合，对构建大型系统尤其是商务应用系统有了进一步的认识，更加熟悉在php中使用面向对象的编程思想，对如何进一步提高php与MySQL系统的安全性有了更多的思考。

然而，做为产品报价系统，在产品的销售和在线订单实现过程中，本身需要有良好的性能来防范可能出现的任何漏洞，对程序代码本身的安全性要求相当高，从这个方面来看，还需要进一步的工作来完善，在确保功能流程的前提下为用户提供体验性好而且可信任的服务。另外对于订单的管理也存在需要改进的地方，比如按照月份生成Excel或者PDF格式的报表。

参考文献

[1] 金兰,郑玉,黄续新.我国电子商务的现状与未来[J] .计算机时代，2006，（10）：25～29。

[2] 李端明，李宇翔.电子商务环境下的网络消费者[J] .商场现代化，2006，（30）：31～36。

[3] 威利[澳] . PHP和MySQL Web开发（第3版）[M] .武欣等译.北京：机械工业出版社，2005。

[4] 威廉斯[澳]，莱恩[澳] .PHP & MySQL Web数据库应用开发指南[M] .南京：东南大学出版社，2006。

[5] 仲进平，寿加炎.PHP+MYSQL 网络开发技术[M] . 北京：人民邮电出版社，2000。

[6] Matt Zandstra[美] .PHP5的异常处理机制 [J] .PHP&More，2006，（2）：19～24。

[7] Leendert Brouwer[US]. Using PHP in an OO way [J]. PHP&More, 2006, (3): 35-41.

[8] Yang Baochang. The solution of MySQL to realize Chinese full-text search [J]. Programmer, 2006, (10): 26～29.

[9] Gu Zhihua, Hu Chaojian. MySQL storage engine and database performance [J]. Computer Age, 2006, (10): 71～82.

thanks

This article was completed under the enthusiastic care and guidance of Teacher Liu Jiayong. Their profound knowledge and rigorous academic style have benefited me a lot, and I have been greatly helped in PHP technology, database programming design, and product quotation system planning and design. , played a great role in the successful completion of this subject. I would like to express my heartfelt thanks to them!

In the process of completing the thesis, I also received enthusiastic help from other teachers and many students in terms of process design and program debugging of the quotation system. It was their enthusiastic and selfless help that made the project progress smoothly. Problems encountered in design and development. Here I would like to express my deep gratitude to them!

Finally, I would like to express my heartfelt thanks to all the experts and teachers who reviewed this article in the midst of their busy schedules!

Pay attention to the blogger, the next article is more exciting

One-click three-in-one! ! !

One-click three-in-one! ! !
Thanks for the one-click triple! ! !