수정/삭제/목록/검색
1. boardModify.php
<?php
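// Render the edit form for a single board post.
// boardID comes from the query string, so only a real integer is accepted;
// a missing value, an array or any non-numeric text becomes null/false and
// never reaches the SQL statement.
$boardID = filter_input(INPUT_GET, 'boardID', FILTER_VALIDATE_INT);

// Stored titles and contents are user-supplied. The values below are written
// into single-quoted attributes and a <textarea>, so quotes must be encoded
// as well (ENT_QUOTES), otherwise a stored value can break out of the markup.
$escape = static function ($value): string {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

$result = false;
if (is_int($boardID)) {
    // The placeholder keeps the ID out of the SQL text entirely.
    $sql = "SELECT b.studyBoardID, b.boardTitle, b.boardContent, m.youName, b.boardView, b.regTime FROM studyBoard b JOIN studyMember m ON (m.studyMemberID = b.studyMemberID) WHERE b.studyBoardID = ?";
    $stmt = $connect->prepare($sql);
    if ($stmt !== false && $stmt->bind_param('i', $boardID) && $stmt->execute()) {
        // get_result() needs the mysqlnd driver.
        $result = $stmt->get_result();
    }
}

if ($result) {
    // No matching row yields null; fall back to an empty array so the form
    // is still printed with blank fields, as before.
    $info = $result->fetch_array(MYSQLI_ASSOC) ?: [];

    // NOTE(review): the form is shown for any post ID; the save step must
    // confirm that the post belongs to the logged-in member.
    echo "<div style='display: none'><label for='boardID'>번호</label><input type='text' name='boardID' id='boardID' class='title-text' value='" . $escape($boardID) . "' /></div>";
    echo "<div><label for='boardTitle'>제목</label><input type='text' name='boardTitle' id='boardTitle' class='title-text' value='" . $escape($info['boardTitle'] ?? '') . "' /></div>";
    echo "<div><label for='boardContent'>내용</label><textarea name='boardContent' id='boardContent' rows='13' class='title-text'>" . $escape($info['boardContent'] ?? '') . "</textarea></div>";
    // "require" is not an HTML attribute; "required" is what browsers enforce.
    echo "<div class='mt20'><label for='boardPass'>비밀번호</label><input type='password' name='boardPass' id='boardPass' class='title-text' placeholder='로그인 비밀번호를 입력해주세요!!' autocomplete='off' required /></div>";
}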
?>
2. boardModifySave.php
<?php
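// Save an edited board post after re-checking the member's login password.
// Every request value is untrusted: the post ID must be an integer and the
// text fields must be plain strings (an array such as boardTitle[]=x is
// treated as empty).
$boardID = filter_input(INPUT_POST, 'boardID', FILTER_VALIDATE_INT);
$boardTitle = $_POST['boardTitle'] ?? '';
$boardContent = $_POST['boardContent'] ?? '';
$boardPass = $_POST['boardPass'] ?? '';
$boardTitle = is_string($boardTitle) ? $boardTitle : '';
$boardContent = is_string($boardContent) ? $boardContent : '';
$boardPass = is_string($boardPass) ? $boardPass : '';
$memberID = (int) ($_SESSION['studyMemberID'] ?? 0);

// Values are bound as parameters below, so they are NOT passed through
// real_escape_string(); escaping them as well would store stray backslashes.
// Only the password column is read, not the whole member row.
$result = false;
$memberStmt = $connect->prepare("SELECT youPass FROM studyMember WHERE studyMemberID = ?");
if ($memberStmt !== false && $memberStmt->bind_param('i', $memberID) && $memberStmt->execute()) {
    // get_result() needs the mysqlnd driver.
    $result = $memberStmt->get_result();
}

if ($result) {
    $info = $result->fetch_array(MYSQLI_ASSOC);

    // Check the password.
    // A missing member row used to compare null == '' (true), letting an
    // empty password through, and loose == also treats "0e1" and "0e2" as
    // equal. Require a non-empty stored value and compare byte-for-byte.
    // NOTE(review): comparing youPass directly with the submitted password
    // implies it is stored in plaintext; store password_hash() output and
    // check it with password_verify() instead.
    $storedPass = is_array($info) ? (string) ($info['youPass'] ?? '') : '';
    $passwordOk = $storedPass !== '' && hash_equals($storedPass, $boardPass);

    if ($passwordOk) {
        // Update.
        // Validation of the submitted fields is still needed (omitted here).
        $result = false;
        if (is_int($boardID)) {
            // Restricting the UPDATE to the member's own rows stops one
            // member from editing another member's post by changing boardID.
            $updateStmt = $connect->prepare("UPDATE studyBoard SET boardTitle = ?, boardContent = ? WHERE studyBoardID = ? AND studyMemberID = ?");
            $result = $updateStmt !== false
                && $updateStmt->bind_param('ssii', $boardTitle, $boardContent, $boardID, $memberID)
                && $updateStmt->execute();
        }
    } else {
        echo "
<script>
alert('비밀번호를 입력하지 않았거나 틀렸습니다.');
history.back(1);
</script>
";
    }
}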
?>
3. boardRemove.php
<?php
include "../connect/connect.php";
include "../connect/session.php";
include "../connect/sessionCheck.php";
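// Delete one board post, then send the browser back to the list.
// real_escape_string() only protects values placed inside quotes. The ID was
// used unquoted, so text such as "1 OR 1=1" still changed the statement.
// Accept an integer only and bind it as a parameter.
$boardID = filter_input(INPUT_GET, 'boardID', FILTER_VALIDATE_INT);

// Session key as used by boardModifySave.php; presumably populated by the
// session includes above — confirm.
$memberID = (int) ($_SESSION['studyMemberID'] ?? 0);

if (is_int($boardID)) {
    // Only the author's own post may be removed; without the member filter
    // any logged-in member could delete any post by changing boardID.
    $stmt = $connect->prepare("DELETE FROM studyBoard WHERE studyBoardID = ? AND studyMemberID = ?");
    if ($stmt !== false && $stmt->bind_param('ii', $boardID, $memberID)) {
        $stmt->execute();
    }
}

// NOTE(review): this state change is triggered by a GET request, so another
// site can trigger it through a link or image tag (CSRF). Prefer a POST form
// carrying a per-session token.
?>
<script>
location.href = "board.php";
</script>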
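<?php
// Action buttons shown under a post: edit, delete, back to the list.
// The post ID is echoed into a URL inside an HTML attribute. rawurlencode()
// leaves only URL-safe characters, so a crafted boardID cannot close the
// attribute and inject markup or script.
// confirm() must be returned from the handler; otherwise the link is followed
// even when the user presses "cancel".
?>
<div class="btn">
    <a href="boardModify.php?boardID=<?= rawurlencode((string) $boardID) ?>" class="form-btn">수정하기</a>
    <a href="boardRemove.php?boardID=<?= rawurlencode((string) ($_GET['boardID'] ?? '')) ?>" onclick="return confirm('정말 삭제하시겠습니까?')" class="form-btn">삭제하기</a>
    <a href="board.php" class="form-btn">목록보기</a>
</div>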
<?php
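// Read the search form fields. A missing key used to raise an "undefined
// array key" warning, and an array value (searchKeyword[]=x) would later be
// handed to string functions; both cases are normalised to an empty string.
$searchKeyword = $_GET['searchKeyword'] ?? '';
$searchOption = $_GET['searchOption'] ?? '';
$searchKeyword = is_string($searchKeyword) ? $searchKeyword : '';
$searchOption = is_string($searchOption) ? $searchOption : '';

// Tell the user when no keyword was submitted.
if ($searchKeyword === '') {
    echo "<p>검색어가 없습니다.</p>";
}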
?>
<?php
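// Search board posts by title, content or author name and print result rows.
// The inputs are untrusted; make sure both are plain strings before use.
$searchKeyword = is_string($searchKeyword ?? null) ? $searchKeyword : '';
$searchOption = is_string($searchOption ?? null) ? $searchOption : '';

// A column name cannot be bound as a parameter, so the option is mapped
// through a fixed allow-list instead of being placed into the SQL text.
$searchColumns = [
    'title' => 'b.boardTitle',
    'content' => 'b.boardContent',
    'name' => 'm.youName',
];

// Stored titles and names are user-supplied and must be encoded on output.
$escape = static function ($value): string {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

$result = false;
if (isset($searchColumns[$searchOption])) {
    // Fixes to the statement itself:
    //  - posts are joined to their author on studyMemberID (the original
    //    compared the post ID with the member ID);
    //  - "ORDER BY DESC" had no column and made the query fail; ordering by
    //    post ID, newest first, is assumed here;
    //  - an unknown search option no longer runs the query without WHERE and
    //    LIMIT; it falls through to the error message below.
    $sql = "SELECT b.studyBoardID, b.boardTitle, b.boardContent, b.boardView, m.youName, b.regTime "
        . "FROM studyBoard b JOIN studyMember m ON (b.studyMemberID = m.studyMemberID) "
        . "WHERE {$searchColumns[$searchOption]} LIKE ? ORDER BY b.studyBoardID DESC LIMIT 10";

    // Binding the keyword prevents SQL injection, but % and _ are still LIKE
    // wildcards; escape them so they match literally.
    $likePattern = '%' . str_replace(['\\', '%', '_'], ['\\\\', '\\%', '\\_'], $searchKeyword) . '%';

    $stmt = $connect->prepare($sql);
    if ($stmt !== false && $stmt->bind_param('s', $likePattern) && $stmt->execute()) {
        // get_result() needs the mysqlnd driver.
        $result = $stmt->get_result();
    }
}

if ($result) {
    $count = $result->num_rows;
    echo "<p>총 ". $count ."건이 검색되었습니다.</p>";

    if ($count > 0) {
        while ($boardInfo = $result->fetch_array(MYSQLI_ASSOC)) {
            $postID = (int) $boardInfo['studyBoardID'];

            echo "<tr>";
            echo "<td>" . $postID . "</td>";
            echo "<td><a href='boardView.php?boardID={$postID}'>" . $escape($boardInfo['boardTitle']) . "</a></td>";
            echo "<td>" . $escape($boardInfo['youName']) . "</td>";
            // regTime is passed to date() as a Unix timestamp.
            echo "<td>" . date('Y-m-d', (int) $boardInfo['regTime']) . "</td>";
            echo "<td>" . (int) $boardInfo['boardView'] . "</td>";
            echo "</tr>";
        }
    } else {
        // Each result row has five cells, so the placeholder row spans five.
        echo "<tr><td colspan='5'>게시글이 없습니다.</td></tr>";
    }
} else {
    echo "관리자에게 문의하세요!";
}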
?>
real_escape_string :
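예를 들어 Tom's cat 같은 문자열을 입력하면, 문자열 안의 ' 가 SQL문에서 값을 감싸고 있던 ' 와 겹쳐서 값이 중간에 끝난 것으로 해석될 수 있음
이러한 문제를 막기 위해 ', ", \n, \r 같은 특수 문자 앞에 \ 를 붙여 문자 그대로 취급되도록 만들어주는 것을 Escape string 이라고 함. 단, 이 방식은 값이 따옴표로 감싸져 있을 때만 효과가 있으므로, 따옴표 없이 쓰는 숫자 값(예: WHERE studyBoardID = {$boardID})은 정수로 변환하거나 prepared statement로 바인딩해야 함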
%% : 백분율 기호를 반환