搜索现有数据,如果是php,则加倍
我正在处理一个网页,我希望有一个可能的删除按钮,其工作方式如下:搜索现有数据,如果是php,则加倍,php,mysql,Php,Mysql,我正在处理一个网页,我希望有一个可能的删除按钮,其工作方式如下: - you introduce a country ISO code which you want to delete - click the button - if the country has players participating (competitor table, ISO_country_code column) then prints the message that this cannot happen
- you introduce a country ISO code which you want to delete
- click the button
- if the country has players participating (competitor table, ISO_country_code column) then prints the message that this cannot happen
- if not, deletes the country from country table
我尝试了以下方法,但我不知道如何创建第二个if的条件,以实现适当的工作
$connect=mysqli_connect("localhost","root","","mydatabase");
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
else
{
$result=mysqli_query($connect,"SELECT COUNT(*) FROM competitor
WHERE ISO_country_code='".$_POST['countrycode']."')")
if ($result>0)
{
echo 'The following country is involved with players, so it can not be deleted!</br></br>';
}
else (mysqli_query($connect,"DELETE FROM country WHERE ISO_country_code='".$_POST['countrycode']."'"));
{
echo 'The following country was deleted: '.$_POST["countrycode"]."</br>";
}
}
您有一些语法错误+可能没有得到要查找的行数
$connect=mysqli_connect("localhost","root","","mydatabase");
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
else
{
$result=mysqli_query($connect,"SELECT * FROM competitor
WHERE ISO_country_code='".$_POST['countrycode']."'");
$rows = mysql_num_rows($result);
if ($rows>0)
{
echo 'The following country is involved with players, so it can not be deleted!</br></br>';
}
else {
mysqli_query($connect,"DELETE FROM country WHERE ISO_country_code='".$_POST['countrycode']."'");
echo 'The following country was deleted: '.$_POST["countrycode"]."</br>";
}
}
使用面向对象的方法时,$结果不包含整数,它返回true或false或对象
如果要检查查询返回的结果数量,必须用函数替换$result
您应该了解如何防止SQL注入
首先,您必须使用以下内容创建查询的准备语句:
$stmt = mysqli_prepare($connect,"SELECT * FROM competitor WHERE ISO_country_code=?");
然后将参数绑定到语句s代表字符串:
mysqli_stmt_bind_param($stmt,"s",$_POST['countrycode']);
并执行您的声明:
mysqli_stmt_execute($stmt);
然后,您可以使用获得结果,例如。试试这个
if(mysql_num_rows($result) > 0)
{
echo "cannot delete";
}
else if(mysql_num_rows($result) == 0)
{
//write the query for deletion
echo "deleted";
}
请注意1';落桌国家在这篇文章中会非常戏剧化,你这是什么意思?小心你的代码中的SQL注入,你可能想开始使用准备好的语句……最好的SQL注入保护是有的。这是一个很好的观点,但如果不应该的话,仍然会进入第二阶段。@rafanadal你是什么意思?