Javascript Php CRUD应用程序:使用Ajax删除行将返回整个页面
我已经使用PHP和Bootstrap制作了一个CRUD应用程序 我的delete_record.php文件包含以下代码:Javascript Php CRUD应用程序:使用Ajax删除行将返回整个页面,javascript,php,jquery,ajax,twitter-bootstrap,Javascript,Php,Jquery,Ajax,Twitter Bootstrap,我已经使用PHP和Bootstrap制作了一个CRUD应用程序 我的delete_record.php文件包含以下代码: <?php include("includes/header.php"); include("includes/nav.php"); if (isset($_GET['mid'])) { $sql = "DELETE FROM medical_records WHERE mid = " . $_GET['mid']; //echo $sql; if (m
<?php
include("includes/header.php");
include("includes/nav.php");
if (isset($_GET['mid'])) {
$sql = "DELETE FROM medical_records WHERE mid = " . $_GET['mid'];
//echo $sql;
if (mysqli_query($con, $sql)) {
//header("Location: {$_SERVER['HTTP_REFERER']}");
echo "Record successfully deleted";
} else {
echo "Error: " . mysqli_error($con);
}
}?>
<?php include("includes/footer.php"); ?>
$('.delete-icn').on('click', function(evt){
evt.preventDefault();
var mid = $(this).data('mid');
if(confirm('Are you sure you want to delete?')) {
$.ajax({
url: 'delete_record.php?mid=' + mid,
method: 'GET',
data: {mid:mid},
success: function(deleteMsg){
$('#delete_msg').slideDown(250);
$('#delete_msg').text(deleteMsg);
}
});
}
});
if (isset($_GET['mid'])) {
$sql = "DELETE FROM medical_records WHERE mid = " . $_GET['mid'];
if (mysqli_query($con, $sql)) {
//header("Location: {$_SERVER['HTTP_REFERER']}");
echo "Record successfully deleted";
} else {
echo "Error: " . mysqli_error($con);
}
}?>
因此没有发生重大变化。使用
mysqli\u受影响的行DELETE好的,你的答案可能很好,但这里有个问题。当有人呼叫http://example.com/delete_record.php?mid=1&20OR%201%3D1
?回答:您执行以下查询,并且您的整个数据库将被清除
DELETE FROM medical_records WHERE mid = 1 OR 1=1;
尝试改用:
您正在使用GET和POST;使用一个。您还正在执行其他php文件的include()。。。。如果您只需要echo,那么只需要echo。我已将方法“POST”更改为方法“GET”,但仍然返回delete_record.php的整个代码。removeheader.php
,nav.php
和footer.php
我已更改,但没有发生重大更改。delate操作的php部分工作正常,它在ajax部分之前工作。Comment redirect header和inspect元素以查看是否仍然得到 delete_record.php
页面上的标签?好的,包括(“functions/init.php”);delete_record.php顶部缺少(它是header.php中包含的“normaly”,我从delete_record.php中排除了它),但还有一件事:records_all.php文件(显示所有记录)不会更新(再次渲染),除非我重新引用页面。我使用数据表很好地显示记录。使用AJAX
页面不会自动刷新。
<?php
$link = mysqli_connect("localhost", "my_user", "my_password", "world");
if (!$link) {
printf("Can't connect to localhost. Error: %s\n", mysqli_connect_error());
exit();
}
/* Insert rows */
mysqli_query($link, "CREATE TABLE Language SELECT * from CountryLanguage");
printf("Affected rows (INSERT): %d\n", mysqli_affected_rows($link));
mysqli_query($link, "ALTER TABLE Language ADD Status int default 0");
/* update rows */
mysqli_query($link, "UPDATE Language SET Status=1 WHERE Percentage > 50");
printf("Affected rows (UPDATE): %d\n", mysqli_affected_rows($link));
/* delete rows */
mysqli_query($link, "DELETE FROM Language WHERE Percentage < 50");
printf("Affected rows (DELETE): %d\n", mysqli_affected_rows($link));
/* select all rows */
$result = mysqli_query($link, "SELECT CountryCode FROM Language");
printf("Affected rows (SELECT): %d\n", mysqli_affected_rows($link));
mysqli_free_result($result);
/* Delete table Language */
mysqli_query($link, "DROP TABLE Language");
/* close connection */
mysqli_close($link);
?>
DELETE FROM medical_records WHERE mid = 1 OR 1=1;
<?php
include("functions/init.php");
if (isset($_GET['mid'])) {
$sql = "DELETE FROM medical_records WHERE mid = ?";
$stmt = $con->prepare($sql);
$stmt->bind_param("i", $_GET["mid"]);
if ($stmt->execute()) {
echo "Fisa a fost stearsa.";
} else {
echo "Error: $stmt->error";
}
}