PHP MySQL删除行 [英] PHP MySQL delete row

问题描述

我到处搜索并且找不到答案，我相信我的代码正确，但是可能有错字.

I have searched everywhere and cannot find the answer, I believe I have the correct code but there could be a typo.

这是怎么回事?

我具有将产品ID正确发布到url的链接，如图所示:

I have the link that posts the product id correctly to the url as shown:

userAccount.php:

while($columnDelete = mysqli_fetch_array($query, MYSQLI_ASSOC)){
        echo "<section class='product'>
                <a href='extras/deleteProcess.php?productId=".$columnDelete['productId']."' class='deleteProduct' style='color:#990000;font-family:arial;font-weight:bold;font-size:12pt;background:transparent;'>Delete?</a>
                <section class='productImg'>
                    <a target='_self' href='fullProductInfo.php?productId=".$columnDelete['productId']."'>
                        <img src='http://www.littlepenguindesigns.co.uk/pages/CMX/images/products/".$columnDelete['productImg']."' alt='".$columnDelete['productName']."' border='0' width='230' height='200' border='0' />
                    </a>
                </section>
                <section class='productName'><a target='_self' href='fullProductInfo.php?productId=".$columnDelete['productId']."'>".$columnDelete['productName']."</a></section>
                <section class='productPrice'>&pound;".$columnDelete['price']."</section></section>";
    }

$columnDelete['productId'];正在将正确的ID发布到url和deleteProcess.php页面，我可以在URL中看到productId，并且我也将其回显到页面上进行检查，它确实显示:

The $columnDelete['productId']; is posting the correct ID to the url and the deleteProcess.php page, I can see the productId in the URL and I have also echoed it out onto the page to check, it does show:

deleteProcess.php:

$productId = $_GET['productId'];
$con = mysqli_connect("BLAH","BLAH","BLAH","BLAH") or die('Server connection not possible.');
$sql = ("DELETE FROM `product` WHERE `product`.`productId`= $productId");
mysqli_query($con, $sql);

echo "Deleted product ID: $productId successfully.<br /><br /><br /><br /><br /><br /> <a href='../userAccount.php#deletion'>Go back to user account and delete another.</a>";

我不知道发生了什么，该产品被调用到deleteProcess.php并进入页面，但没有删除，也没有显示任何错误.当我刚接触php和mysql时，我认为我会做最好的研究，因为我没有想到要问的答案，所以任何人都可以告诉我我做错了什么，或指出正确的方向.

I cannot understand what is going on, the product gets called into deleteProcess.php and onto the page but doesn't delete, it shows no errors either. As I'm newish to php and mysql I thought I'd best research, as I came up with no answer I thought to ask, so can anybody tell me what I'm doing wrong or point me in the right direction.

推荐答案

$sql = ("DELETE FROM `product` WHERE `product`.`productId`= $productId");
mysqli_query($con,$sql);

到

$sql = "DELETE FROM `product` WHERE `product`.`productId`= $productId";
mysqli_query($con,$sql) OR DIE(mysqli_error($con)); //useful for debugging

警告！！此代码容易受到SQL注入的攻击. 通过清除所有用户输入来修复SQL注入.

warning! this code is vulnerable to SQL injection. fix sql injection by sanitizing all user input.

$productId = mysql_real_escape_string($_GET['productId']); // use mysql_real_escape_string on $_GET
$con = mysqli_connect("BLAH","BLAH","BLAH","BLAH") or die('Server connection not possible.');
$sql = "DELETE FROM `product` WHERE `product`.`productId`= '$productId'"; //add single quotes around variable $productid to seperate string from query
mysqli_query($con, $sql);

这篇关于PHP MySQL删除行的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！