Edit / Delete / List / Search

Editing a post

Load the post data so that it can be edited when the author matches the post

1. boardModify.php

<?php
    // Cast both IDs to integers so neither can carry SQL or markup
    $boardID = (int) ($_GET['boardID'] ?? 0);
    $memberID = (int) ($_SESSION['studyMemberID'] ?? 0);

    // The studyMemberID condition enforces the author match described above
    $sql = "SELECT b.studyBoardID, b.boardTitle, b.boardContent, m.youName, b.boardView, b.regTime FROM studyBoard b JOIN studyMember m ON (m.studyMemberID = b.studyMemberID) WHERE b.studyBoardID = {$boardID} AND b.studyMemberID = {$memberID}";
    $result = $connect -> query($sql);
    $info = $result ? $result -> fetch_array(MYSQLI_ASSOC) : null;

    if($info){
        // Escape stored values before writing them into the form
        $boardTitle = htmlspecialchars($info['boardTitle'], ENT_QUOTES, 'UTF-8');
        $boardContent = htmlspecialchars($info['boardContent'], ENT_QUOTES, 'UTF-8');
        echo "<div style='display: none'><label for='boardID'>번호</label><input type='text' name='boardID' id='boardID' class='title-text' value='".$boardID."' /></div>";
        echo "<div><label for='boardTitle'>제목</label><input type='text' name='boardTitle' id='boardTitle' class='title-text' value='".$boardTitle."' /></div>";
        echo "<div><label for='boardContent'>내용</label><textarea name='boardContent' id='boardContent' rows='13' class='title-text'>".$boardContent."</textarea></div>";
        echo "<div class='mt20'><label for='boardPass'>비밀번호</label><input type='password' name='boardPass' id='boardPass' class='title-text' placeholder='로그인 비밀번호를 입력해주세요!!' autocomplete='off' required /></div>";
    }

?>

Load the data needed to save the edited post & check the author's password

2. boardModifySave.php

<?php
    // Cast the IDs to integers; the text fields are escaped below
    $boardID = (int) $_POST['boardID'];
    $boardTitle = $_POST['boardTitle'];
    $boardContent = $_POST['boardContent'];
    $boardPass = $_POST['boardPass'];
    $memberID = (int) $_SESSION['studyMemberID'];

    $boardTitle = $connect -> real_escape_string($boardTitle);
    $boardContent = $connect -> real_escape_string($boardContent);

    $sql = "SELECT * FROM studyMember WHERE studyMemberID = {$memberID}";
    $result = $connect -> query($sql);

    if( $result ){
        $info = $result -> fetch_array(MYSQLI_ASSOC);

        // echo "<pre>";
        // var_dump($info);
        // echo "</pre>";

        // Check the password (strict comparison; a missing member row or an empty password never matches)
        if($info && $boardPass !== '' && $info['youPass'] === $boardPass ){
            // Update, restricted to posts written by the logged-in member
            // Password validation is still needed (omitted)
            $sql = "UPDATE studyBoard SET boardTitle = '{$boardTitle}', boardContent = '{$boardContent}' WHERE studyBoardID = {$boardID} AND studyMemberID = {$memberID}";
            $result = $connect -> query($sql);
        } else {
            echo "
                <script>
                    alert('비밀번호를 입력하지 않았거나 틀렸습니다.');
                    history.back(1);
                </script>
            ";
        }
    }

?>

Deleting a post

Check that the post and its author match, and load the data, before deleting

3. boardRemove.php

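<?php
    include "../connect/connect.php";
    include "../connect/session.php";
    include "../connect/sessionCheck.php";

    // real_escape_string does not protect an unquoted number, so cast to int instead
    $boardID = (int) ($_GET['boardID'] ?? 0);
    $memberID = (int) ($_SESSION['studyMemberID'] ?? 0);

    // Delete only when the logged-in member wrote the post
    $sql = "DELETE FROM studyBoard WHERE studyBoardID = {$boardID} AND studyMemberID = {$memberID}";
    $connect -> query($sql);
?>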

<script>
    location.href = "board.php";
</script>

Adding the Edit / Delete / List buttons

<div class="btn">
    <a href="boardModify.php?boardID=<?=(int) $boardID?>" class="form-btn">수정하기</a>
    <a href="boardRemove.php?boardID=<?=(int) $_GET['boardID']?>" onclick="return confirm('정말 삭제하시겠습니까?')" class="form-btn">삭제하기</a>
    <a href="board.php" class="form-btn">목록보기</a>
</div>

Searching posts

Check whether the search keyword is present

<?php
    // Default to an empty string when the parameter is missing
    $searchKeyword = $_GET['searchKeyword'] ?? '';
    $searchOption = $_GET['searchOption'] ?? '';

    // echo $searchKeyword, $searchOption;

    if( $searchKeyword == '' || $searchKeyword == null ){
        echo "<p>검색어가 없습니다.</p>";
    }
?>

Finding the keyword & the search filter

<?php
    $searchKeyword = $connect -> real_escape_string($searchKeyword);
    $searchOption = $connect -> real_escape_string($searchOption);

    // Earlier drafts: one complete query per search option
    // $sql = "SELECT b.studyBoardID, b.boardTitle, b.boardContent, b.boardView, m.youName, b.regTime FROM studyBoard b JOIN studyMember m ON (b.studyMemberID = m.studyMemberID) WHERE b.boardTitle LIKE '%{$searchKeyword}%' ORDER BY b.studyBoardID DESC LIMIT 10";
    // $sql = "SELECT b.studyBoardID, b.boardTitle, b.boardContent, b.boardView, m.youName, b.regTime FROM studyBoard b JOIN studyMember m ON (b.studyMemberID = m.studyMemberID) WHERE b.boardContent LIKE '%{$searchKeyword}%' ORDER BY b.studyBoardID DESC LIMIT 10";
    // $sql = "SELECT b.studyBoardID, b.boardTitle, b.boardContent, b.boardView, m.youName, b.regTime FROM studyBoard b JOIN studyMember m ON (b.studyMemberID = m.studyMemberID) WHERE m.youName LIKE '%{$searchKeyword}%' ORDER BY b.studyBoardID DESC LIMIT 10";

    // Join each post to its author (the same condition as in boardModify.php)
    $sql = "SELECT b.studyBoardID, b.boardTitle, b.boardContent, b.boardView, m.youName, b.regTime FROM studyBoard b JOIN studyMember m ON (b.studyMemberID = m.studyMemberID) ";

    // The option only selects one of these fixed clauses; its value is never put into the SQL text
    // ORDER BY needs a column: newest first by studyBoardID is assumed here
    switch ($searchOption){
        case 'title':
            $sql .= "WHERE b.boardTitle LIKE '%{$searchKeyword}%' ORDER BY b.studyBoardID DESC LIMIT 10";
            break;
        case 'content':
            $sql .= "WHERE b.boardContent LIKE '%{$searchKeyword}%' ORDER BY b.studyBoardID DESC LIMIT 10";
            break;
        case 'name':
            $sql .= "WHERE m.youName LIKE '%{$searchKeyword}%' ORDER BY b.studyBoardID DESC LIMIT 10";
            break;
    }
    $result = $connect -> query($sql);

    if($result){
        $count = $result -> num_rows;

        echo "<p>총 ". $count ."건이 검색되었습니다.</p>";

        if($count > 0){
            for($i=1; $i<=$count; $i++){
                $boardInfo = $result -> fetch_array(MYSQLI_ASSOC);
                // Escape stored text before writing it into the table
                $boardID = (int) $boardInfo['studyBoardID'];
                $boardTitle = htmlspecialchars($boardInfo['boardTitle'], ENT_QUOTES, 'UTF-8');
                $youName = htmlspecialchars($boardInfo['youName'], ENT_QUOTES, 'UTF-8');
                echo "<tr>";
                echo "<td>".$boardID."</td>";
                echo "<td><a href='boardView.php?boardID={$boardID}'>".$boardTitle."</a></td>";
                echo "<td>".$youName."</td>";
                echo "<td>".date('Y-m-d', (int) $boardInfo['regTime'])."</td>";
                echo "<td>".(int) $boardInfo['boardView']."</td>";
                echo "</tr>";
            }
        } else {
            echo "<tr><td colspan='5'>게시글이 없습니다.</td></tr>";
        }
    } else {
        echo "관리자에게 문의하세요!";
    }
?>

real_escape_string :

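For example, when we enter a string such as Tom's cat, the ' in it can collide with the ' that already opens the string in the SQL statement.

To prevent this problem, such characters are rewritten in a distinguishable form, like \n, \r, \"; this is called an escape string.

%% : returns a percent sign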

Reference: https://crivius.tistory.com/12
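
An added example (not from the original page): the edit and delete queries above written with bound parameters instead of escaping, with the author check in the WHERE clause. real_escape_string only protects a value that sits inside quotes, so a numeric ID such as boardID needs integer validation or a placeholder. Assumptions: an in-memory SQLite database opened through PDO stands in for $connect, the rows are constructed, and updatePost/removePost are hypothetical helper names; with mysqli the equivalent calls are prepare(), bind_param() and execute().

```php
<?php
// Constructed schema and rows; SQLite in memory stands in for the MySQL connection.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE studyBoard (studyBoardID INTEGER PRIMARY KEY, studyMemberID INTEGER, boardTitle TEXT, boardContent TEXT)");
$db->exec("INSERT INTO studyBoard VALUES (1, 10, 'first', 'by member 10'), (2, 20, 'second', 'by member 20')");

// Hypothetical helper: accept only a positive integer ID, otherwise return false.
function validId($boardID)
{
    return filter_var($boardID, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
}

// Hypothetical helper: returns the number of rows changed (0 = no such post or not the author).
function updatePost(PDO $db, $boardID, int $memberID, string $title, string $content): int
{
    $id = validId($boardID);
    if ($id === false) {
        return 0;
    }
    // Placeholders keep the data out of the SQL text, so quotes in the title need no escaping.
    $stmt = $db->prepare(
        "UPDATE studyBoard SET boardTitle = ?, boardContent = ?
         WHERE studyBoardID = ? AND studyMemberID = ?"
    );
    $stmt->execute([$title, $content, $id, $memberID]);
    return $stmt->rowCount();
}

// Hypothetical helper: delete only when the logged-in member wrote the post.
function removePost(PDO $db, $boardID, int $memberID): int
{
    $id = validId($boardID);
    if ($id === false) {
        return 0;
    }
    $stmt = $db->prepare("DELETE FROM studyBoard WHERE studyBoardID = ? AND studyMemberID = ?");
    $stmt->execute([$id, $memberID]);
    return $stmt->rowCount();
}

var_dump(updatePost($db, '1', 10, "Tom's cat", "It's fine")); // author edits own post
var_dump(updatePost($db, '2', 10, 'x', 'y'));                 // post written by member 20
var_dump(updatePost($db, '1abc', 10, 'x', 'y'));              // malformed ID is rejected
var_dump(removePost($db, '2', 10));                           // not the author
var_dump(removePost($db, '2', 20));                           // the author
echo $db->query("SELECT boardTitle FROM studyBoard WHERE studyBoardID = 1")->fetchColumn(), "\n";
```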
