mysql DELETE 适用于 phpmyadmin 但不适用于 php 脚本 [英] mysql DELETE works on phpmyadmin but not on php script

问题描述

基本上正如我的问题所说，它适用于 phpmyadmin 但不适用于 php 本身.当我运行脚本时，它返回true，并且不会死.帮助！

Basically as my question stated, it works on phpmyadmin but not php itself. When I run the script, it returns true, and doesn't die. HELP!

这里是查询:

DELETE FROM selections WHERE selectorID = '$userID' AND selectedID = '$ID'

这是php脚本:

<?php

include_once "connect_to_mysql.php";

$errorB = false;

$error = '';
$id = '';
$userID = '';
if (empty($_GET['ID']) || empty($_GET['userID'])) {
$errorB = true;

if (empty($_GET['ID'])) {
    $error = $error.'-No selected ID was sent';

}

if (empty($_GET['userID'])) {
    $error = $error.'-No selector ID was sent';

}


} else {
$id = $_GET['ID'];
$userID = $_GET['userID'];
echo $id.$userID;
$sqlInsert = mysql_query("DELETE FROM selections WHERE selectorID = '$userID' AND selectedID = '$ID'") or die (mysql_error());
echo 'shz';
}

if ($errorB) {
echo $error;

}



?>

我的数据库如下所示:

 id|selectorID|selectedID
 3  1          4
 4  1          5

推荐答案

您的第一个但较小的麻烦是 PHP 变量区分大小写:

Your first, but lesser trouble is the case sensitive nature of PHP variables:

这里

$sqlInsert = mysql_query("DELETE FROM selections WHERE selectorID = '$userID' AND selectedID = '$ID'") or die (mysql_error());

你指的是$ID，但只有$id:

$id = $_GET['ID'];

正确:

$sqlInsert = mysql_query("DELETE FROM selections WHERE selectorID = '$userID' AND selectedID = '$id'") or die (mysql_error());

重要提示

虽然这很可能会奏效，但这很容易发生SQL注入！改用 PDO，或者至少使用 escape你的价值观！！！

While this will most likely work, but this is prone to SQL injection! Use PDO instead, or at the very least, escape your values!!!

这篇关于mysql DELETE 适用于 phpmyadmin 但不适用于 php 脚本的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！