本文由 资源共享网 – myhkhk 发布,转载请注明出处,如有问题请联系我们![免费]工资条管理查询系统源码(上传)
<?php
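// Harden the session cookie before the session starts: hide it from page
// scripts, reject session IDs the server did not issue, and limit cross-site
// sending. ini_set() simply returns false for a directive the running PHP
// build does not know, so these lines are harmless on older versions.
ini_set('session.cookie_httponly', '1');
ini_set('session.use_strict_mode', '1');
ini_set('session.cookie_samesite', 'Lax');
session_start();
date_default_timezone_set('Asia/Shanghai');
// ====================== Configuration ======================
define('ADMIN_USERNAME', 'admin');
define('ADMIN_PASSWORD_HASH', '$2y$10$...'); // replace with your own password_hash() output
// NOTE(review): both directories are created next to this script. If the script
// sits in the web root, the SQLite file (names and ID-card numbers) and the
// stored PDFs are reachable by URL unless the web server blocks them. Moving
// them outside the document root is the robust fix; the guard file written
// below is only a fallback.
define('DB_DIR', __DIR__ . '/data');
define('DB_FILE', DB_DIR . '/pdf_system.sqlite');
define('UPLOAD_DIR', __DIR__ . '/uploads');
// Create the directories on first run and drop a deny-all .htaccess in each.
// The .htaccess is honoured only by Apache with overrides enabled; other
// servers (nginx, IIS, ...) need an equivalent deny rule in their own config.
foreach ([DB_DIR, UPLOAD_DIR] as $privateDir) {
    if (!is_dir($privateDir)) {
        mkdir($privateDir, 0755, true);
    }
    $guardFile = $privateDir . '/.htaccess';
    if (is_dir($privateDir) && is_writable($privateDir) && !file_exists($guardFile)) {
        file_put_contents($guardFile, "Require all denied\n");
    }
}
unset($privateDir, $guardFile);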
// ====================== 数据库 ======================
/**
 * Return the shared PDO connection to the SQLite database at DB_FILE.
 *
 * The connection is opened on the first call and kept in a static variable for
 * later calls. That first call also switches PDO to exception error mode and
 * associative fetches, and creates the `files` table if it is missing.
 *
 * @return PDO
 * @throws PDOException when the database cannot be opened or the schema statement fails
 */
function getDB(): PDO
{
    static $handle = null;
    if ($handle !== null) {
        return $handle;
    }
    $handle = new PDO('sqlite:' . DB_FILE);
    $handle->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $handle->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
    // One row per person: the (real_name, id_card) pair is unique.
    $handle->exec("CREATE TABLE IF NOT EXISTS files (
id INTEGER PRIMARY KEY AUTOINCREMENT,
real_name TEXT NOT NULL,
id_card TEXT NOT NULL,
original_filename TEXT,
stored_filename TEXT,
upload_time DATETIME DEFAULT CURRENT_TIMESTAMP,
UNIQUE(real_name, id_card)
)");
    return $handle;
}
// ====================== 闪存消息 ======================
/**
 * Queue a one-time message in the session.
 *
 * @param mixed $type Category label; the templates in this file colour 'error' red and anything else green.
 * @param mixed $msg  Message text; the templates escape it when rendering.
 */
function flash($type, $msg)
{
    $entry = ['type' => $type, 'msg' => $msg];
    $_SESSION['flash'][] = $entry;
}
/**
 * Return the queued flash messages and remove them from the session,
 * so each message is handed out only once.
 *
 * @return array List of ['type' => ..., 'msg' => ...] entries; empty when nothing is queued.
 */
function getFlash()
{
    $pending = isset($_SESSION['flash']) ? $_SESSION['flash'] : [];
    unset($_SESSION['flash']);
    return $pending;
}
// ====================== 权限检查 ======================
/**
 * Gate for admin-only actions: returns normally when the session carries the
 * admin flag, otherwise redirects to the login page and ends the request.
 */
function requireAdmin()
{
    $isAdmin = !empty($_SESSION['admin_logged_in']);
    if ($isAdmin) {
        return;
    }
    header('Location: ?action=login');
    exit;
}
// ====================== 路由 ======================
// Front controller: pick the handler from the `action` query parameter.
// A missing or unrecognised value falls back to the public index page.
$action = $_GET['action'] ?? 'index';
if ($action === 'login') {
    handleLogin();
} elseif ($action === 'logout') {
    logout();
} elseif ($action === 'admin') {
    // The admin page is the only route gated by the session check.
    requireAdmin();
    handleAdmin();
} elseif ($action === 'download') {
    handleDownload();
} else {
    showIndex();
}
// ====================== 前台页面 ======================
/**
 * Render the public lookup page: any queued flash messages followed by a form
 * asking for a name and an 18-character ID-card number.
 *
 * Flash text is passed through htmlspecialchars() before output; the message
 * type only selects the colour (red for 'error', green otherwise).
 */
function showIndex()
{
// Fetch and clear the queued flash messages so each one is shown once.
$flashes = getFlash();
// NOTE(review): the form below uses method="get", so the name and ID-card number
// travel in the request URL and can end up in access logs and browser history.
// Only switch it to POST once handleDownload() is confirmed to read $_POST.
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>PDF 下载系统</title>
</head>
<body>
<h2>请输入姓名和身份证号下载文件</h2>
<?php foreach ($flashes as $f): ?>
<p style="color:<?= $f['type'] === 'error' ? 'red' : 'green' ?>">
<?= htmlspecialchars($f['msg']) ?>
</p>
<?php endforeach; ?>
<form action="?action=download" method="get">
<label>姓名:<input type="text" name="name" required></label><br><br>
<label>身份证号:<input type="text" name="idcard" pattern="\d{17}[\dXx]" title="18位身份证号" required></label><br><br>
<button type="submit">查找并下载</button>
</form>
</body>
</html>
<?php
}
// ====================== 下载处理 ======================
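/**
 * Look up the PDF registered for a name + ID-card pair and stream it to the
 * client as an attachment.
 *
 * Reads `name` and `idcard` from POST first and from the query string
 * otherwise, so the existing GET form keeps working while a POST form (which
 * keeps the ID number out of URLs and access logs) is also accepted.
 * On malformed input, an unknown pair, a missing file or a database error it
 * queues a flash message and redirects to the index page. Every path ends the
 * request.
 *
 * NOTE(review): name + ID number is the only credential here and nothing in
 * this function limits repeated attempts, while the responses distinguish
 * "no match" from success. Rate limiting or lockout belongs in front of this
 * handler (web server, WAF or a per-client counter) — confirm what the
 * deployment provides.
 */
function handleDownload()
{
    $rawName = $_POST['name'] ?? $_GET['name'] ?? '';
    $rawIdcard = $_POST['idcard'] ?? $_GET['idcard'] ?? '';
    // Array-valued parameters (name[]=x) would make trim() raise a TypeError on
    // PHP 8; treat anything that is not a string as empty input instead.
    $name = is_string($rawName) ? trim($rawName) : '';
    $idcard = is_string($rawIdcard) ? strtoupper(trim($rawIdcard)) : '';
    if ($name === '' || !preg_match('/^\d{17}[\dX]\z/', $idcard)) {
        flash('error', '姓名或身份证号格式不正确');
        header('Location: ?action=index');
        exit;
    }
    try {
        $db = getDB();
        $stmt = $db->prepare("SELECT original_filename, stored_filename FROM files WHERE real_name = ? AND id_card = ? LIMIT 1");
        $stmt->execute([$name, $idcard]);
        $row = $stmt->fetch();
        if (!$row) {
            flash('error', '未找到匹配的文件,请确认信息是否正确');
            header('Location: ?action=index');
            exit;
        }
        // basename() keeps the read inside UPLOAD_DIR even if a stored value
        // ever contained path separators.
        $file_path = UPLOAD_DIR . '/' . basename((string) $row['stored_filename']);
        if (!is_file($file_path)) {
            flash('error', '文件已从服务器删除,请联系管理员');
            header('Location: ?action=index');
            exit;
        }
        // The original filename was supplied at upload time, so it must not be
        // pasted into a header verbatim: a double quote would break the quoted
        // string, and non-ASCII names need the RFC 5987 `filename*` form.
        $downloadName = (string) ($row['original_filename'] ?? '');
        if ($downloadName === '') {
            $downloadName = 'download.pdf';
        }
        $asciiName = preg_replace('/[^A-Za-z0-9._-]/', '_', $downloadName);
        header('Content-Type: application/pdf');
        header('X-Content-Type-Options: nosniff');
        // Payslips are personal data: keep them out of shared and browser caches.
        header('Cache-Control: private, no-store');
        header('Content-Disposition: attachment; filename="' . $asciiName . '"; filename*=UTF-8\'\'' . rawurlencode($downloadName));
        $size = filesize($file_path);
        if ($size !== false) {
            header('Content-Length: ' . $size);
        }
        readfile($file_path);
        exit;
    } catch (PDOException $e) {
        flash('error', '系统错误,请稍后再试');
        header('Location: ?action=index');
        exit;
    }
}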
// ====================== 登录处理 ======================
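/**
 * Show the admin login form and process its submission.
 *
 * On POST the submitted username is compared with ADMIN_USERNAME and the
 * password is checked against ADMIN_PASSWORD_HASH with password_verify().
 * On success the session ID is regenerated (so an ID planted before login
 * cannot be reused afterwards), the admin flag is set and the request is
 * redirected to the admin page. On failure the form is rendered again with a
 * generic error that does not say which field was wrong.
 *
 * NOTE(review): nothing here limits repeated login attempts; throttling has
 * to come from elsewhere — confirm what the deployment provides.
 */
function handleLogin()
{
    $error = '';
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $username = $_POST['username'] ?? '';
        $password = $_POST['password'] ?? '';
        // Array-valued fields (password[]=x) would make password_verify() raise
        // a TypeError on PHP 8; they are treated as a failed login instead.
        $wellFormed = is_string($username) && is_string($password);
        // Both checks always run so the response time does not depend on
        // whether the username alone was right.
        $userOk = $wellFormed && hash_equals(ADMIN_USERNAME, $username);
        $passOk = $wellFormed && password_verify($password, ADMIN_PASSWORD_HASH);
        if ($userOk && $passOk) {
            session_regenerate_id(true);
            $_SESSION['admin_logged_in'] = true;
            header('Location: ?action=admin');
            exit;
        }
        $error = '用户名或密码错误';
    }
?>
<!DOCTYPE html>
<html>
<head><meta charset="utf-8"><title>后台登录</title></head>
<body>
<h2>管理员登录</h2>
<?php if (!empty($error)): ?>
<p style="color:red"><?= htmlspecialchars($error) ?></p>
<?php endif; ?>
<form method="post">
<label>用户名:<input type="text" name="username"></label><br><br>
<label>密 码:<input type="password" name="password"></label><br><br>
<button type="submit">登录</button>
</form>
</body>
</html>
<?php
}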
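/**
 * End the admin session and return to the public index page.
 *
 * Clears the session data, expires the session cookie in the browser and
 * destroys the server-side session, then redirects and ends the request.
 *
 * NOTE(review): the router reaches this through a plain GET link, so any page
 * that gets the browser to load ?action=logout signs the admin out.
 */
function logout()
{
    $_SESSION = [];
    // session_destroy() removes the server-side data only; the cookie has to
    // be expired explicitly or the browser keeps sending the old session ID.
    if (ini_get('session.use_cookies')) {
        $cookie = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $cookie['path'],
            $cookie['domain'],
            $cookie['secure'],
            $cookie['httponly']
        );
    }
    session_destroy();
    header('Location: ?action=index');
    exit;
}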
// ====================== 后台管理(上传+列表+删除) ======================
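/**
 * Admin page: batch upload, batch delete and listing of the stored PDFs.
 *
 * The caller is expected to have run requireAdmin() first (the router does).
 * A POST with action_type=upload stores each valid PDF under a random name and
 * records it in the `files` table; a POST with action_type=delete removes the
 * selected rows and their files. Both redirect back to the admin page. Any
 * other request renders the listing with the two forms.
 *
 * Both state-changing POST actions require the per-session CSRF token that the
 * rendered forms carry in a hidden field, so another site cannot submit them
 * through a logged-in admin's browser.
 */
function handleAdmin()
{
    $db = getDB();
    $isPost = $_SERVER['REQUEST_METHOD'] === 'POST';
    $actionType = ($isPost && isset($_POST['action_type'])) ? $_POST['action_type'] : null;

    // One CSRF token per session, created the first time the admin page is used.
    if (empty($_SESSION['csrf_token']) || !is_string($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    $csrfToken = $_SESSION['csrf_token'];

    if ($actionType === 'upload' || $actionType === 'delete') {
        $sentToken = $_POST['csrf_token'] ?? '';
        if (!is_string($sentToken) || !hash_equals($csrfToken, $sentToken)) {
            flash('error', '请求校验失败,请刷新页面后重试');
            header('Location: ?action=admin');
            exit;
        }
    }

    // ---------- Upload ----------
    if ($actionType === 'upload') {
        $uploaded = 0;
        $errors = [];
        $files = $_FILES['pdf_files'] ?? null;
        if (is_array($files) && is_array($files['name']) && !empty($files['name'][0])) {
            $finfo = new finfo(FILEINFO_MIME_TYPE);
            $total = count($files['name']);
            for ($i = 0; $i < $total; $i++) {
                $orig = $files['name'][$i];
                if ($files['error'][$i] !== UPLOAD_ERR_OK) {
                    $errors[] = "文件 {$orig} 上传失败(错误码 {$files['error'][$i]})";
                    continue;
                }
                if ($files['size'][$i] > 10 * 1024 * 1024) {
                    $errors[] = "文件 {$orig} 超过 10MB";
                    continue;
                }
                // The type is taken from the file content, not from the
                // client-supplied MIME type or extension.
                $mime = $finfo->file($files['tmp_name'][$i]);
                if ($mime !== 'application/pdf') {
                    $errors[] = "文件 {$orig} 不是有效的 PDF";
                    continue;
                }
                if (!preg_match('/^(.+)_(\d{17}[\dXx])\.pdf$/u', $orig, $matches)) {
                    $errors[] = "文件 {$orig} 名称格式错误,必须为 姓名_身份证号.pdf";
                    continue;
                }
                $real_name = $matches[1];
                $id_card = strtoupper($matches[2]);
                // The on-disk name is random, so nothing from the client-supplied
                // filename reaches the filesystem path.
                $stored = bin2hex(random_bytes(16)) . '.pdf';
                $dest = UPLOAD_DIR . '/' . $stored;
                if (!move_uploaded_file($files['tmp_name'][$i], $dest)) {
                    $errors[] = "文件 {$orig} 移动失败,请检查目录权限";
                    continue;
                }
                try {
                    $stmt = $db->prepare("INSERT INTO files (real_name, id_card, original_filename, stored_filename) VALUES (?, ?, ?, ?)");
                    $stmt->execute([$real_name, $id_card, $orig, $stored]);
                    $uploaded++;
                } catch (PDOException $e) {
                    // SQLSTATE 23000 is the integrity-constraint class; here it
                    // means the UNIQUE(real_name, id_card) pair already exists.
                    if ((string) $e->getCode() === '23000') {
                        $errors[] = "文件 {$orig} 的姓名和身份证号已存在,无法重复上传";
                    } else {
                        // Driver messages can reveal paths and schema details:
                        // keep them in the server log, not in the page.
                        error_log('payslip upload: ' . $e->getMessage());
                        $errors[] = "文件 {$orig} 数据库错误,详情已写入服务器日志";
                    }
                    // Do not leave a file on disk that has no database row.
                    unlink($dest);
                }
            }
        } else {
            $errors[] = '没有选择任何文件';
        }
        if ($uploaded > 0) {
            flash('success', "成功上传 {$uploaded} 个文件");
        }
        foreach ($errors as $message) {
            flash('error', $message);
        }
        header('Location: ?action=admin');
        exit;
    }

    // ---------- Batch delete ----------
    if ($actionType === 'delete') {
        if (!empty($_POST['delete_ids']) && is_array($_POST['delete_ids'])) {
            $deleted = 0;
            $select = $db->prepare("SELECT stored_filename FROM files WHERE id = ?");
            $remove = $db->prepare("DELETE FROM files WHERE id = ?");
            foreach ($_POST['delete_ids'] as $rawId) {
                // intval() turns a nested array into 1, which would delete row 1;
                // accept only values that really are integers.
                $id = filter_var($rawId, FILTER_VALIDATE_INT);
                if ($id === false) {
                    continue;
                }
                $select->execute([$id]);
                $row = $select->fetch();
                if ($row) {
                    $file = UPLOAD_DIR . '/' . basename((string) $row['stored_filename']);
                    if (is_file($file)) {
                        unlink($file);
                    }
                    $remove->execute([$id]);
                    $deleted++;
                }
            }
            if ($deleted > 0) {
                flash('success', "成功删除 {$deleted} 个文件");
            }
        }
        header('Location: ?action=admin');
        exit;
    }

    // ---------- Listing ----------
    $files = $db->query("SELECT * FROM files ORDER BY upload_time DESC")->fetchAll();
    $flashes = getFlash();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>后台管理</title>
<style>
table { border-collapse: collapse; width: 100%; }
th, td { border: 1px solid #ccc; padding: 6px; text-align: left; }
th { background: #f5f5f5; }
.msg { margin: 10px 0; }
</style>
</head>
<body>
<h2>PDF 文件管理</h2>
<p><a href="?action=logout">退出登录</a> | <a href="?action=index" target="_blank">前台页面</a></p>
<?php foreach ($flashes as $f): ?>
<div class="msg" style="color:<?= $f['type'] === 'error' ? 'red' : 'green' ?>">
<?= htmlspecialchars($f['msg']) ?>
</div>
<?php endforeach; ?>
<h3>批量上传 PDF</h3>
<form method="post" enctype="multipart/form-data">
<input type="hidden" name="action_type" value="upload">
<input type="hidden" name="csrf_token" value="<?= htmlspecialchars($csrfToken) ?>">
<input type="file" name="pdf_files[]" multiple accept=".pdf" required>
<button type="submit">上传</button>
<p><small>文件名格式:姓名_身份证号.pdf(可多选)</small></p>
</form>
<h3>已上传文件列表</h3>
<?php if (empty($files)): ?>
<p>暂无文件</p>
<?php else: ?>
<form method="post" onsubmit="return confirm('确认删除选中的文件吗?');">
<input type="hidden" name="action_type" value="delete">
<input type="hidden" name="csrf_token" value="<?= htmlspecialchars($csrfToken) ?>">
<table>
<tr>
<th><input type="checkbox" onclick="var cbs=document.querySelectorAll('input[name=\'delete_ids[]\']'); for(var i=0;i<cbs.length;i++) cbs[i].checked=this.checked;"></th>
<th>姓名</th>
<th>身份证号</th>
<th>原始文件名</th>
<th>上传时间</th>
</tr>
<?php foreach ($files as $f): ?>
<tr>
<td><input type="checkbox" name="delete_ids[]" value="<?= (int) $f['id'] ?>"></td>
<td><?= htmlspecialchars($f['real_name']) ?></td>
<td><?= htmlspecialchars($f['id_card']) ?></td>
<td><?= htmlspecialchars((string) $f['original_filename']) ?></td>
<td><?= htmlspecialchars((string) $f['upload_time']) ?></td>
</tr>
<?php endforeach; ?>
</table>
<br>
<button type="submit">批量删除选中文件</button>
</form>
<?php endif; ?>
</body>
</html>
<?php
}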
后台登录上传pdf(姓名_身份证号.pdf) ;前台用户输入自己的姓名和身份证号就可以下载对应的工资条pdf
上传到服务器,配置域名和密码(用 php -r "echo password_hash('你的密码', PASSWORD_DEFAULT);" 生成哈希,填入 ADMIN_PASSWORD_HASH);打开 http://域名/?action=login 登录后就可以批量上传pdf;在前台打开 http://域名/ 输入姓名和身份证就可以下载自己的工资单。部署时请确认 data/ 和 uploads/ 目录无法通过 URL 直接访问,并为站点启用 HTTPS,因为页面会传输姓名和身份证号。

