使用PHP变量从MySQL表中删除条目 [英] Deleting entry from MySQL table using PHP variable

查看:78
本文介绍了使用PHP变量从MySQL表中删除条目的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我很确定这个问题已经问过很多遍了,我已经在网上搜索了,但仍然找不到解决该问题的方法.

I'm pretty sure this question has been asked many times, I've searched the web and still can't figure out the solution to this problem.

这是代码(我知道它不是防注入证明):

Here's the code (I know it is not injection proof):

要显示表格中的所有条目

To display all the entry in the table

<?php
$query="SELECT * FROM testimony";
$result=mysql_query($query);
while($row=mysql_fetch_array($result))
{
?>
<div>
  <form name="testimonial" action="admintestimony.php" method="post">
  <table border="0">
    <tr>
      <td>Username:</td>
      <td></td>
      <td><input type="text" name="testyname" value='<?php echo $row[0];?>' readonly></td>
    </tr>
    <tr>
      <td>Testimony:</td>
      <td></td>
      <td><textarea name="txttesty" cols="50" rows="10" readonly><?php echo $row[1];?></textarea></td>
    </tr>
    <tr>
      <td><input type="submit" name="approve" value="Approve"></td>
      <td></td>
      <td><input type="submit" name="reject" value="Reject"></td>
    </tr>
  </table>
  </form>
</div>
<?php
}
?>

要检查是否按下批准或拒绝

To check whether approve or reject is pressed

<?php
session_start();
include('connection.php');
$testyname=$_POST['testyname'];
if (isset($_POST['approve']))
{
    header("location:testimonyapproved.php");
}
else if (isset($_POST['reject']))
{
    header("location:reject.php");
}
?>

如果按下拒绝键

<?php
session_start();
$testyname=$_POST['testyname'];
include('connection.php');
mysql_query("SELECT * FROM testimony");
mysql_query("DELETE FROM 'transaction' WHERE 'transaction' 'name' = $testyname");
header("location:testimonyrejected.php");
?>

感谢您的任何帮助.

推荐答案

您的SQL格式错误(引号在错误的位置). 我在此改进的代码中添加了一些注释,请查看.

Your SQL is wrongly formatted (quotes in wrong places). I've added some comments in this improved code, check it out.

mysql_query("SELECT * FROM testimony"); //this line is useless and you can delete it
mysql_query("DELETE FROM transaction WHERE name = '".$testyname."'"); //this line contained wrong syntax

请注意,在新版本的PHP中不建议使用mysql_函数.查看此帖子有关此主题的更多信息.

Please note that mysql_ functions are deprecated in new versions of PHP. Check this post on more info on this subject.

此外,您可能想防止在$testmyname变量中进行SQL注入. 本指南将帮助您解决问题.

Also you might want to prevent SQL injection in the $testmyname variable. This guide will help you with tat.

这篇关于使用PHP变量从MySQL表中删除条目的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
PHP最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆