update

admin.php

@@ -1,5 +1,4 @@
 <?php
-// ini_set("display_errors", false);
 
 session_start();
 define("IN_SYS", true);
@@ -34,6 +33,8 @@ if (!is_file($section_page)) {
 
 $message = [];
 
+$dbpdo = DBPDO::getInstance($dbconfig);
+
 $controller = "{$ROOT}/admin/controllers/{$section}.php";
 if (is_file($controller)) {
     include_once $controller;

admin/controllers/tickets.php

@@ -6,34 +6,15 @@ if (!defined('IN_SYS')) {
     exit;
 }
 
-// $err = getMsg("errors");
-// $data = getMsg("form_data");
+$err = getMsg("errors");
+$data = getMsg("form_data");
 
 $tickets = [
     "total" => 10,
     "pages" => 4,
     "page" => 1,
-    "list" => [
-        [
-            "date" => "Saturday, August 11th, 2018 (04:50)",
-            "department" => "Saturday, August 11th, 2018 (04:50)",
-            "subject" => "Invoice Payment Confirmation",
-            "status" => "",
-            "lastupdated" => ""
-        ],
-        [
-            "date" => "Friday, August 10th, 2018 (12:00)",
-            "department" => "Friday, August 10th, 2018 (12:00)",
-            "subject" => "Customer Invoice",
-            "status" => "",
-            "lastupdated" => ""
-        ],
-        [
-            "date" => "Tuesday, April 3rd, 2018 (00:51)",
-            "department" => "Tuesday, April 3rd, 2018 (00:51)",
-            "subject" => "Your password has been reset",
-            "status" => "",
-            "lastupdated" => ""
-        ]
-    ]
+    "list" => [],
 ];
+
+// $tickets["list"] = $dbpdo->select('SELECT * FROM `tickets` WHERE `user_id` = ?', [$user->id]);
+$tickets["list"] = $dbpdo->select_and("tickets");

admin/views/tickets.php

@@ -13,7 +13,6 @@ if (!defined('IN_SYS')) {
             <div class="panel panel-default">
                 <div class="panel-heading">
                     <span class="panel-title">Support Tickets</span>
-                    <!-- <a class="btn btn-default btn-xs pull-right" href="<?php echo setRouter('admin', 'tickets'); ?>">New Ticket</a> -->
                 </div>
                 <div class="panel-body">
                     <div class="table-responsive">
@@ -25,22 +24,24 @@ if (!defined('IN_SYS')) {
                                     <th>Subject</th>
                                     <th>Status</th>
                                     <th>Last Updated</th>
+                                    <th></th>
                                 </tr>
                             </thead>
                             <tbody>
                                 <?php if ($tickets["total"]) {
                                     foreach ($tickets["list"] as $key => $value) { ?>
                                         <tr>
-                                            <th><?php echo $value["date"]; ?></th>
+                                            <th><?php echo cTime($value["date"]); ?></th>
                                             <td><?php echo $value["department"]; ?></td>
                                             <td><?php echo $value["subject"]; ?></td>
                                             <td><?php echo $value["status"]; ?></td>
-                                            <td><?php echo $value["lastupdated"]; ?></td>
+                                            <td><?php echo cTime($value["lastupdated"]); ?></td>
+                                            <td><a class="btn btn-default btn-xs pull-right" href="<?php echo setRouter('admin', 'tickets_details', ['id' => $value['id']]); ?>">Details</a></td>
                                         </tr>
                                     <?php }
                             } else { ?>
                                     <tr>
-                                        <td colspan="5" class="text-center">No Records Found</td>
+                                        <td colspan="6" class="text-center">No Records Found</td>
                                     </tr>
                                 <?php } ?>
                             </tbody>

clientarea.php

@@ -12,9 +12,7 @@ if (!is_file($section_page)) {
 }
 
 $objDB = objDB();
-
 $dbpdo = DBPDO::getInstance($dbconfig);
-
 $user = get_userinfo();
 
 $controller = "{$ROOT}/clientarea/controllers/{$section}.php";

clientarea/controllers/tickets.php

@@ -14,58 +14,12 @@ if (!isUserLoggedIn()) {
 $err = getMsg("errors");
 $data = getMsg("form_data");
 
-function getTickets()
-{
-    // DB_HOST, DB_USER, DB_PASSWORD, DB_NAME
-    echo "getTickets()";
-    $stmt = $dbpdo->prepare(
-        "SELECT * FROM tickets"
-    );
-    $sql = 'SELECT * FROM `tickets`';
-    $rs = $pdo->query($sql);
-    $data = $rs->fetchAll(); //取出所有结果
-    print_r($data);
-    // $sql = 'UPDATE t1 SET t1.`id1`=11 WHERE t1.`id1`=1';
-    // $rs = $pdo->query($sql);
-    // // $stmt->bind_param("s", $email);
-    // $stmt->execute();
-    // // $stmt->store_result();
-    // // return $stmt->num_rows;
-    // $result = $stmt->get_result();
-
-    // // while ($row = $result->fetch_assoc()) {
-    // //     // do something with $row
-    // // }
-    // return $result;
-}
-
-print_r(getTickets());
-
 $tickets = [
     "total" => 10,
     "pages" => 4,
     "page" => 1,
-    "list" => [
-        [
-            "date" => "Saturday, August 11th, 2018 (04:50)",
-            "department" => "Saturday, August 11th, 2018 (04:50)",
-            "subject" => "Invoice Payment Confirmation",
-            "status" => "",
-            "lastupdated" => "",
-        ],
-        [
-            "date" => "Friday, August 10th, 2018 (12:00)",
-            "department" => "Friday, August 10th, 2018 (12:00)",
-            "subject" => "Customer Invoice",
-            "status" => "",
-            "lastupdated" => "",
-        ],
-        [
-            "date" => "Tuesday, April 3rd, 2018 (00:51)",
-            "department" => "Tuesday, April 3rd, 2018 (00:51)",
-            "subject" => "Your password has been reset",
-            "status" => "",
-            "lastupdated" => "",
-        ],
-    ],
+    "list" => [],
 ];
+
+// $tickets["list"] = $dbpdo->select('SELECT * FROM `tickets` WHERE `user_id` = ?', [$user->id]);
+$tickets["list"] = $dbpdo->select_and("tickets", ["user_id" => $user->id]);

clientarea/controllers/tickets_add.php

@@ -15,5 +15,36 @@ $err = getMsg("errors");
 $data = getMsg("form_data");
 
 $ticket_types = [
-    "技术支持","销售财务","管理员信箱"
-];
+    "技术支持", "销售财务", "管理员信箱"
+];
+
+if (isset($_POST["do_add_tickets"])) {
+    $department = filter_input(INPUT_POST, "department", FILTER_SANITIZE_STRING);
+    $subject = filter_input(INPUT_POST, "subject", FILTER_SANITIZE_STRING);
+    $content = filter_input(INPUT_POST, "content", FILTER_SANITIZE_STRING);
+    $errors = array();
+
+    $data = [
+        "department" => $department,
+        "subject" => $subject,
+        "content" => $content
+    ];
+    if (!count($errors)) {
+        $data["date"] = time();
+        $data["lastupdated"] = "";
+        $data["user_id"] = $user->id;
+        $res = $dbpdo->add("tickets", $data);
+        print_r($res);
+        if ($res) {
+            setMsg("msg_notify", "Add Tickets successfully.", "success");
+            redirect("clientarea", "tickets_details", ["id" => $res]);
+        } else {
+            setMsg("msg_notify", "Add Tickets failed.", "warning");
+            redirect("clientarea", "tickets_add");
+        }
+    } else {
+        setMsg("form_data", $data);
+        setMsg("errors", $errors);
+        redirect("clientarea", "tickets");
+    }
+}

clientarea/controllers/tickets_details.php

@@ -0,0 +1,62 @@
+<?php
+
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+
+if (!isUserLoggedIn()) {
+    setMsg("msg_notify", "You need to login before accessing the Tickets Add page.", "warning");
+    redirect("clientarea", "login");
+}
+
+$err = getMsg("errors");
+$data = getMsg("form_data");
+
+$ticket_types = [
+    "技术支持", "销售财务", "管理员信箱"
+];
+
+if (empty($_GET["id"])) {
+    redirect("clientarea", "tickets");
+}
+$tickets_id = filter_input(INPUT_GET, "id", FILTER_SANITIZE_STRING);
+
+if (isset($_POST["do_comment_tickets"])) {
+    $comment = filter_input(INPUT_POST, "comment", FILTER_SANITIZE_STRING);
+    $errors = array();
+
+    $data = [
+        "tickets_id" => $tickets_id,
+        "comment" => $comment
+    ];
+    if (!count($errors)) {
+        $data["date"] = time();
+        $data["user_type"] = "user";
+        if ($dbpdo->find_and('tickets', ["id" => $tickets_id, "user_id" => $user->id])) {
+            if ($dbpdo->add("tickets_comment", $data)) {
+                $dbpdo->update("tickets", ["lastupdated" => $data["date"]]);
+                setMsg("msg_notify", "Add Comment successfully.", "success");
+            } else {
+                setMsg("msg_notify", "Add Comment failed.", "warning");
+            }
+            redirect("clientarea", "tickets_details", ["id" => $res]);
+        } else {
+            setMsg("msg_notify", "The Tickets Not found.", "warning");
+            redirect("clientarea", "tickets");
+        }
+    } else {
+        setMsg("form_data", $data);
+        setMsg("errors", $errors);
+        redirect("clientarea", "tickets_details", ["id" => $res]);
+    }
+} else {
+    $res = $dbpdo->find_and('tickets', ["id" => $tickets_id, "user_id" => $user->id]);
+    if ($res) {
+        $data = $res;
+    } else {
+        setMsg("msg_notify", "The Tickets Not found.", "warning");
+        redirect("clientarea", "tickets");
+    }
+}

clientarea/views/tickets.php

@@ -25,22 +25,24 @@ if (!defined('IN_SYS')) {
                                     <th>Subject</th>
                                     <th>Status</th>
                                     <th>Last Updated</th>
+                                    <th></th>
                                 </tr>
                             </thead>
                             <tbody>
                                 <?php if ($tickets["total"]) {
                                     foreach ($tickets["list"] as $key => $value) { ?>
                                         <tr>
-                                            <th><?php echo $value["date"]; ?></th>
+                                            <th><?php echo cTime($value["date"]); ?></th>
                                             <td><?php echo $value["department"]; ?></td>
                                             <td><?php echo $value["subject"]; ?></td>
                                             <td><?php echo $value["status"]; ?></td>
-                                            <td><?php echo $value["lastupdated"]; ?></td>
+                                            <td><?php echo cTime($value["lastupdated"]); ?></td>
+                                            <td><a class="btn btn-default btn-xs pull-right" href="<?php echo setRouter('clientarea', 'tickets_details', ['id' => $value['id']]); ?>">Details</a></td>
                                         </tr>
                                     <?php }
                             } else { ?>
                                     <tr>
-                                        <td colspan="5" class="text-center">No Records Found</td>
+                                        <td colspan="6" class="text-center">No Records Found</td>
                                     </tr>
                                 <?php } ?>
                             </tbody>

clientarea/views/tickets_add.php

@@ -18,22 +18,22 @@ if (!defined('IN_SYS')) {
                 <div class="panel-body">
                     <form action="" method="POST">
                         <div class="form-group">
-                            <label for="ticket-type">Type: <sup>*</sup></label>
-                            <select name="ticket-type" id="ticket-title" class="form-control <?php echo (isset($err['ticket_type_err'])) ? 'is-invalid' : ''; ?>">
-                                <?php foreach ($ticket_types as $key => $value) {?>
+                            <label for="department">Type: <sup>*</sup></label>
+                            <select name="department" id="department" class="form-control <?php echo (isset($err['department_err'])) ? 'is-invalid' : ''; ?>">
+                                <?php foreach ($ticket_types as $key => $value) { ?>
                                     <option value="<?php echo $key; ?>"><?php echo $value; ?></option>
-                                <?php }?>
+                                <?php } ?>
                             </select>
                             <span class="text-warning"><?php echo isset($err["ticket_type_err"]) ? $err["ticket_type_err"] : ""; ?></span>
                         </div>
                         <div class="form-group">
-                            <label for="ticket-title">Title: <sup>*</sup></label>
-                            <input type="text" name="title" id="ticket-title" value="<?php echo ($data['title']); ?>" class="form-control <?php echo (isset($err['content_err'])) ? 'is-invalid' : ''; ?>" placeholder="Title">
-                            <span class="text-warning"><?php echo isset($err["title_err"]) ? $err["title_err"] : ""; ?></span>
+                            <label for="subject">Subject: <sup>*</sup></label>
+                            <input type="text" name="subject" id="subject" value="<?php echo ($data['subject']); ?>" class="form-control <?php echo (isset($err['subject_err'])) ? 'is-invalid' : ''; ?>" placeholder="Subject">
+                            <span class="text-warning"><?php echo isset($err["subject_err"]) ? $err["subject_err"] : ""; ?></span>
                         </div>
                         <div class="form-group">
-                            <label for="password">Content: <sup>*</sup></label>
-                            <textarea name="content" id="ticket-content" value="<?php echo ($data['content']); ?>" class="form-control <?php echo (isset($err['content_err'])) ? 'is-invalid' : ''; ?>" rows="10" maxlength="5000" placeholder="Content"></textarea>
+                            <label for="content">Content: <sup>*</sup></label>
+                            <textarea name="content" id="content" value="<?php echo ($data['content']); ?>" class="form-control <?php echo (isset($err['content_err'])) ? 'is-invalid' : ''; ?>" rows="10" maxlength="5000" placeholder="Content"></textarea>
                             <span class="text-warning"><?php echo isset($err["content_err"]) ? $err["content_err"] : ""; ?></span>
                         </div>
                         <div class="form-group">

clientarea/views/tickets_details.php

@@ -0,0 +1,38 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<div class="container">
+    <div class="row">
+        <div class="col-md-12">
+            <?php echo (getMsg("msg_notify")); ?>
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <span class="panel-title">Tickets Details</span>
+                    <a class="btn btn-default btn-xs pull-right" href="<?php echo setRouter('clientarea', 'tickets'); ?>">Tickets List</a>
+                </div>
+                <div class="panel-body">
+                    <p>Type: <?php echo $ticket_types[$data['department']]; ?></p>
+                    <p>Subject: <?php echo $data['subject']; ?></p>
+                    <p>Content: <?php echo $data['content']; ?></p>
+                    <form action="" method="POST">
+                        <div class="form-group">
+                            <label for="Comment">Comment: <sup>*</sup></label>
+                            <textarea name="comment" id="comment" value="<?php echo ($data['comment']); ?>" class="form-control <?php echo (isset($err['comment_err'])) ? 'is-invalid' : ''; ?>" rows="10" maxlength="5000" placeholder="Comment"></textarea>
+                            <span class="text-warning"><?php echo isset($err["comment_err"]) ? $err["comment_err"] : ""; ?></span>
+                        </div>
+                        <div class="form-group">
+                            <button type="submit" name="do_comment_tickets" class="btn btn-primary">Add Comment</button>
+                            <button type="submit" name="do_close_tickets" class="btn btn-primary">Close Tickets</button>
+                        </div>
+                    </form>
+                </div>
+                <div class="panel-footer"></div>
+            </div>
+        </div>
+    </div>
+</div>

core.php

@@ -8,8 +8,7 @@ $ROOT = __DIR__;
 include_once "{$ROOT}/data/config.php";
 include_once "{$ROOT}/library/language.php";
 include_once "{$ROOT}/library/functions.php";
-include_once "{$ROOT}/library/dbpdo.php";
+include_once "{$ROOT}/library/pdo.class.php";
 
 $rooturl = $_SERVER['HTTP_HOST'];
 $domain = preg_replace('/^www\./', '', $rooturl);
-

data/demo.sql

@@ -37,20 +37,21 @@ CREATE TABLE IF NOT EXISTS `tickets`(
     `date` VARCHAR(255) NOT NULL,
     `department` VARCHAR(255) NOT NULL,
     `subject` VARCHAR(255) NOT NULL,
+    `content` VARCHAR(5000) NOT NULL,
     `status` TINYINT(4) NOT NULL,
     `lastupdated` VARCHAR(255) NOT NULL,
     `user_id` INT(11) NOT NULL,
     PRIMARY KEY(`id`)
 ) ENGINE = MyISAM DEFAULT CHARSET = utf8 AUTO_INCREMENT = 100;
 
-CREATE TABLE IF NOT EXISTS `products`(
+CREATE TABLE IF NOT EXISTS `tickets_comment`(
     `id` INT(11) NOT NULL AUTO_INCREMENT,
     `date` VARCHAR(255) NOT NULL,
     `department` VARCHAR(255) NOT NULL,
-    `subject` VARCHAR(255) NOT NULL,
-    `status` TINYINT(4) NOT NULL,
+    `comment` VARCHAR(5000) NOT NULL,
+    `user_type` VARCHAR(255) NOT NULL,
     `lastupdated` VARCHAR(255) NOT NULL,
-    `user_id` INT(11) NOT NULL,
+    `tickets_id` INT(11) NOT NULL,
     PRIMARY KEY(`id`)
 ) ENGINE = MyISAM DEFAULT CHARSET = utf8 AUTO_INCREMENT = 100;
 

library/dbpdo.php

@@ -1,35 +0,0 @@
-<?php
-/**
- * 数据库pdo连接
- */
-class DBPDO
-{
-    private static $pdo;
-
-    private function __construct()
-    {
-        //code
-    }
-    private function __clone()
-    {
-        //code
-    }
-    /**
-     * 获取实例化的PDO，单例模式
-     * @return PDO
-     */
-    public static function getInstance($dbConf)
-    {
-        if (!(self::$pdo instanceof PDO)) {
-            $dsn = "mysql:host=" . $dbConf['host'] . ";port=" . $dbConf['port'] . ";dbname=" . $dbConf['dbname'] . ";charset=" . $dbConf['charset'];
-            try {
-                self::$pdo = new PDO($dsn, $dbConf['username'], $dbConf['password']); // , array(PDO::ATTR_PERSISTENT => true, PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8")); // 保持长连接
-                self::$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING);
-            } catch (PDOException $e) {
-                print "Error:" . $e->getMessage() . "<br/>";
-                die();
-            }
-        }
-        return self::$pdo;
-    }
-}

library/functions.php

@@ -35,9 +35,9 @@ function upload_image($image)
     }
 }
 
-function cTime($timestamp)
+function cTime($t = "")
 {
-    return date("Y-m-d H:i:s", $timestamp);
+    return isset($t) && $t != "" ? date("Y-m-d H:i:s", $t) : "";
 }
 
 function checkUserByEmail($email)
@@ -179,10 +179,7 @@ function send_mail($detail = array())
  */
 function redirect($module, $section = "", $param = [])
 {
-    $url = $param ? setRouter($module, $section) . "&" . http_build_query($param) : setRouter($module, $section);
-    // $param = $param ? http_build_query($param) : "";
-    // $url = $section ? setRouter($module, $section) . "&" . $param : setRouter($module) . "?" . $param;
-    header("Location: {$url}");
+    header("Location: " . setRouter($module, $section, $param));
     exit;
 }
 
@@ -191,9 +188,10 @@ function redirect($module, $section = "", $param = [])
  * @param mixed $section
  * @return string
  */
-function setRouter($module, $section = "")
+function setRouter($module, $section = "", $param = [])
 {
-    return empty($section) ? "{$module}.php" : "{$module}.php?s=$section";
+    if (!empty($section)) $param = array_merge(["s" => $section], $param);
+    return empty($param) ? "{$module}.php" : "{$module}.php?" . http_build_query($param);
 }
 
 /** make a full path http URL
@@ -221,7 +219,7 @@ function is_email($email = "")
  */
 function getVersion()
 {
-    if ((float) phpversion() < 5.5) {
+    if ((float)phpversion() < 5.5) {
         exit('requires the php version 5.5.+');
     }
 }

library/pdo.class.php

@@ -0,0 +1,507 @@
+<?php
+
+
+class DBPDO
+{
+    protected static $_instance = null;
+    protected $dbName = '';
+    protected $dsn;
+    protected $dbh;
+
+    /**
+     * 构造
+     * 
+     * @return DBPDO
+     */
+    private function __construct($config)
+    {
+        try {
+            $this->dsn = "mysql:host=" . $config['dbhost'] . ";dbname=" . $config['dbname'] . ";port=" . $config['dbport'] . ";charset=" . $config['charset'];
+            // $this->dsn = 'mysql:host=127.0.0.1;dbname=dbname;port=3306';
+            $this->dbh = new PDO($this->dsn, $config['dbuser'], $config['dbpass']);
+            $this->dbh->exec('SET character_set_connection=' . $config['charset'] . ', character_set_results=' . $config['charset'] . ', character_set_client=binary');
+        } catch (PDOException $e) {
+            $this->outputError($e->getMessage());
+        }
+    }
+
+    /**
+     * 防止克隆
+     * 
+     */
+    private function __clone()
+    { }
+
+    /**
+     * Singleton instance
+     * 
+     * @return Object
+     */
+    public static function getInstance($dbConf)
+    {
+        if (self::$_instance === null) {
+            self::$_instance = new self($dbConf);
+        }
+        return self::$_instance;
+    }
+
+    /**
+     * Query
+     *
+     * @param String $strSql SQL语句
+     * @param String $queryMode 查询方式(All or Row)
+     * @param Boolean $debug
+     * @return Array
+     */
+    public function query($strSql, $queryMode = 'All', $debug = false)
+    {
+        if ($debug === true) $this->debug($strSql);
+        $recordset = $this->dbh->query($strSql);
+        $this->getPDOError();
+        if ($recordset) {
+            $recordset->setFetchMode(PDO::FETCH_ASSOC);
+            if ($queryMode == 'All') {
+                $result = $recordset->fetchAll();
+            } elseif ($queryMode == 'Row') {
+                $result = $recordset->fetch();
+            }
+        } else {
+            $result = null;
+        }
+        return $result;
+    }
+
+    /** select: Query all records
+     *
+     * @param string $sql sql语句
+     * @param Array $where 查询条件
+     * @return $res;
+     **/
+    public function select($sql, $where = '')
+    {
+        $stmt = $this->dbh->prepare($sql);
+        if ($where) {
+            $stmt->execute($where);
+        } else {
+            $stmt->execute();
+        }
+        return $stmt->fetchAll(PDO::FETCH_ASSOC);
+    }
+
+    /** select all records width AND condition
+     *
+     * @param String $table tableName
+     * @param Array $data ["key_a" => "1111", "key_b" => "2222"]
+     * @return Array;
+     **/
+    public function select_and($table, $data = '')
+    {
+        if ($data) {
+            $where_string = [];
+            $where_array = [];
+            foreach ($data as $key => $value) {
+                $where_string[] = "`$key` = ?";
+                $where_array[] = $value;
+            }
+            $where_string = implode(' AND ', $where_string);
+            $sql = "SELECT * FROM `$table` WHERE $where_string";
+            return $this->select($sql, $where_array);
+        } else {
+            return $this->select("SELECT * FROM `$table`");
+        }
+    }
+
+    /** find: Query a single record
+     *
+     * @param string $sql sql语句
+     * @param Array $where 查询条件
+     * @return $res;
+     **/
+    public function find($sql, $where = [])
+    {
+        $stmt = $this->dbh->prepare($sql);
+        if ($where) {
+            $stmt->execute($where);
+        } else {
+            $stmt->execute();
+        }
+        return $stmt->fetch(PDO::FETCH_ASSOC);
+    }
+
+    /** find records width width AND condition
+     *
+     * @param String $table tableName
+     * @param Array $data ["key_a" => "1111", "key_b" => "2222"]
+     * @return Array;
+     **/
+    public function find_and($table, $data = [])
+    {
+        if ($data) {
+            $where_string = [];
+            $where_array = [];
+            foreach ($data as $key => $value) {
+                $where_string[] = "`$key` = ?";
+                $where_array[] = $value;
+            }
+            $where_string = implode(' AND ', $where_string);
+            $sql = "SELECT * FROM `$table` WHERE $where_string";
+            return $this->find($sql, $where_array);
+        } else {
+            return $this->find("SELECT * FROM `$table`");
+        }
+    }
+
+    /**
+     * del 执行删除操作
+     * @param string $sql sql语句
+     * @param Array $where 查询条件
+     * @return $res;
+     **/
+    public function del($sql, $where = '')
+    {
+        $stmt = $this->dbh->prepare($sql);
+        if ($where) {
+            $stmt->execute($where);
+            $res = $stmt->rowCount();
+        } else {
+            $res = false;
+        }
+        return $res;
+    }
+
+    /**
+     * add 新增记录
+     * @param String $table 表名
+     * @param String $sql sql语句
+     * @param Array $data 新增内容
+     * @return $res;
+     **/
+    public function add($table, $data = '')
+    {
+
+        $this->checkFields($table, $data);
+        $sql = "INSERT INTO `$table` (" . implode(',', array_keys($data)) . ") VALUES (:" . implode(',:', array_keys($data)) . ")";
+        $stmt = $this->dbh->prepare($sql); // 预处理语句
+        $ret = $stmt->execute($data); // 新增的数据
+        $id = $this->dbh->lastInsertId(); // 新增的id
+        if ($ret) {
+            $res = $id;
+        } else {
+            $res = false;
+        }
+        return $res;
+    }
+
+    /**
+     * save 修改记录
+     * @param string $sql sql语句
+     * @param Array $data 
+     * @return $res;
+     **/
+    public function save($table, $data = '', $where = '')
+    {
+
+        $this->checkFields($table, $data);
+        if ($where) {
+            $strSql = '';
+            foreach ($data as $key => $value) {
+                $strSql .= ",$key=:$key";
+            }
+            $strSql = substr($strSql, 1);
+            $strSql = "UPDATE `$table` SET $strSql WHERE $where";
+        } else {
+            $strSql = '';
+            foreach ($data as $key => $value) {
+                $strSql .= ",$key=:$key";
+            }
+            $strSql = substr($strSql, 1);
+            $strSql = "UPDATE `$table` SET $strSql ";
+        }
+        // if ($debug === true) $this->debug($strSql);
+
+        $stmt = $this->dbh->prepare($strSql); //预处理语句
+        $stmt->execute($data); //修改的数据
+        $ret = $stmt->rowCount(); //获取影响行数
+        if ($ret > 0) {
+            $res = true;
+        } else {
+            $res = false;
+        }
+        return $res;
+    }
+
+    /**
+     * Update 更新
+     *
+     * @param String $table 表名
+     * @param Array $arrayDataValue 字段与值
+     * @param String $where 条件
+     * @param Boolean $debug
+     * @return Int
+     */
+    public function update($table, $arrayDataValue, $where = '', $debug = false)
+    {
+        $this->checkFields($table, $arrayDataValue);
+        if ($where) {
+            $strSql = '';
+            foreach ($arrayDataValue as $key => $value) {
+                $strSql .= ", `$key`='$value'";
+            }
+            $strSql = substr($strSql, 1);
+            $strSql = "UPDATE `$table` SET $strSql WHERE $where";
+        } else {
+            $strSql = "REPLACE INTO `$table` (`" . implode('`,`', array_keys($arrayDataValue)) . "`) VALUES ('" . implode("','", $arrayDataValue) . "')";
+        }
+        if ($debug === true) $this->debug($strSql);
+        $result = $this->dbh->exec($strSql);
+        $this->getPDOError();
+        return $result;
+    }
+
+    /**
+     * Insert 插入
+     *
+     * @param String $table 表名
+     * @param Array $arrayDataValue 字段与值
+     * @param Boolean $debug
+     * @return Int
+     */
+    public function insert($table, $arrayDataValue, $debug = false)
+    {
+        $this->checkFields($table, $arrayDataValue);
+        $strSql = "INSERT INTO `$table` (`" . implode('`,`', array_keys($arrayDataValue)) . "`) VALUES ('" . implode("','", $arrayDataValue) . "')";
+        if ($debug === true) $this->debug($strSql);
+        $result = $this->dbh->exec($strSql);
+        $this->getPDOError();
+        return $result;
+    }
+
+    /**
+     * Replace 覆盖方式插入
+     *
+     * @param String $table 表名
+     * @param Array $arrayDataValue 字段与值
+     * @param Boolean $debug
+     * @return Int
+     */
+    public function replace($table, $arrayDataValue, $debug = false)
+    {
+        $this->checkFields($table, $arrayDataValue);
+        $strSql = "REPLACE INTO `$table`(`" . implode('`,`', array_keys($arrayDataValue)) . "`) VALUES ('" . implode("','", $arrayDataValue) . "')";
+        if ($debug === true) $this->debug($strSql);
+        $result = $this->dbh->exec($strSql);
+        $this->getPDOError();
+        return $result;
+    }
+
+    /**
+     * Delete 删除
+     *
+     * @param String $table 表名
+     * @param String $where 条件
+     * @param Boolean $debug
+     * @return Int
+     */
+    public function delete($table, $where = '', $debug = false)
+    {
+        if ($where == '') {
+            $this->outputError("'WHERE' is Null");
+        } else {
+            $strSql = "DELETE FROM `$table` WHERE $where";
+            if ($debug === true) $this->debug($strSql);
+            $result = $this->dbh->exec($strSql);
+            $this->getPDOError();
+            return $result;
+        }
+    }
+
+    /**
+     * execSql 执行SQL语句
+     *
+     * @param String $strSql
+     * @param Boolean $debug
+     * @return Int
+     */
+    public function execSql($strSql, $debug = false)
+    {
+        if ($debug === true) $this->debug($strSql);
+        $result = $this->dbh->exec($strSql);
+        $this->getPDOError();
+        return $result;
+    }
+
+    /**
+     * 获取字段最大值
+     * 
+     * @param string $table 表名
+     * @param string $field_name 字段名
+     * @param string $where 条件
+     */
+    public function getMaxValue($table, $field_name, $where = '', $debug = false)
+    {
+        $strSql = "SELECT MAX(" . $field_name . ") AS MAX_VALUE FROM $table";
+        if ($where != '') $strSql .= " WHERE $where";
+        if ($debug === true) $this->debug($strSql);
+        $arrTemp = $this->query($strSql, 'Row');
+        $maxValue = $arrTemp["MAX_VALUE"];
+        if ($maxValue == "" || $maxValue == null) {
+            $maxValue = 0;
+        }
+        return $maxValue;
+    }
+
+    /**
+     * 获取指定列的数量
+     * 
+     * @param string $table
+     * @param string $field_name
+     * @param string $where
+     * @param bool $debug
+     * @return int
+     */
+    public function getCount($table, $field_name, $where = '', $debug = false)
+    {
+        $strSql = "SELECT COUNT($field_name) AS NUM FROM $table";
+        if ($where != '') $strSql .= " WHERE $where";
+        if ($debug === true) $this->debug($strSql);
+        $arrTemp = $this->query($strSql, 'Row');
+        return $arrTemp['NUM'];
+    }
+
+    /**
+     * 获取表引擎
+     * 
+     * @param String $dbName 库名
+     * @param String $tableName 表名
+     * @param Boolean $debug
+     * @return String
+     */
+    public function getTableEngine($dbName, $tableName)
+    {
+        $strSql = "SHOW TABLE STATUS FROM $dbName WHERE Name='" . $tableName . "'";
+        $arrayTableInfo = $this->query($strSql);
+        $this->getPDOError();
+        return $arrayTableInfo[0]['Engine'];
+    }
+    /**
+     * beginTransaction 事务开始
+     */
+    public function beginTransaction()
+    {
+        $this->dbh->beginTransaction();
+    }
+
+    /**
+     * commit 事务提交
+     */
+    public function commit()
+    {
+        $this->dbh->commit();
+    }
+
+    /**
+     * rollback 事务回滚
+     */
+    public function rollback()
+    {
+        $this->dbh->rollback();
+    }
+
+    /**
+     * transaction 通过事务处理多条SQL语句
+     * 调用前需通过getTableEngine判断表引擎是否支持事务
+     *
+     * @param array $arraySql
+     * @return Boolean
+     */
+    public function execTransaction($arraySql)
+    {
+        $retval = 1;
+        $this->beginTransaction();
+        foreach ($arraySql as $strSql) {
+            if ($this->execSql($strSql) == 0) $retval = 0;
+        }
+        if ($retval == 0) {
+            $this->rollback();
+            return false;
+        } else {
+            $this->commit();
+            return true;
+        }
+    }
+
+    /**
+     * checkFields 检查指定字段是否在指定数据表中存在
+     *
+     * @param String $table
+     * @param array $arrayField
+     */
+    private function checkFields($table, $arrayFields)
+    {
+        $fields = $this->getFields($table);
+        foreach ($arrayFields as $key => $value) {
+            if (!in_array($key, $fields)) {
+                $this->outputError("Unknown column `$key` in field list.");
+            }
+        }
+    }
+
+    /**
+     * getFields 获取指定数据表中的全部字段名
+     *
+     * @param String $table 表名
+     * @return array
+     */
+    private function getFields($table)
+    {
+        $fields = array();
+        $recordset = $this->dbh->query("SHOW COLUMNS FROM $table");
+        $this->getPDOError();
+        $recordset->setFetchMode(PDO::FETCH_ASSOC);
+        $result = $recordset->fetchAll();
+        foreach ($result as $rows) {
+            $fields[] = $rows['Field'];
+        }
+        return $fields;
+    }
+
+    /**
+     * getPDOError 捕获PDO错误信息
+     */
+    private function getPDOError()
+    {
+        if ($this->dbh->errorCode() != '00000') {
+            $arrayError = $this->dbh->errorInfo();
+            $this->outputError($arrayError[2]);
+        }
+    }
+
+    /**
+     * debug
+     * 
+     * @param mixed $debuginfo
+     */
+    private function debug($debuginfo)
+    {
+        var_dump($debuginfo);
+        exit();
+    }
+
+    /**
+     * 输出错误信息
+     * 
+     * @param String $strErrMsg
+     */
+    private function outputError($strErrMsg)
+    {
+        throw new Exception('MySQL Error: ' . $strErrMsg);
+    }
+
+    /**
+     * destruct 关闭数据库连接
+     */
+    public function destruct()
+    {
+        $this->dbh = null;
+    }
+}