MySQL:使用PHP按钮删除一行
我正在尝试为显示的行创建删除按钮。这些行是MySQL数据库中的实际数据 当我运行代码时,我能够启动会话,查看显示的所有数据。但是,当我单击Delete按钮时,数据库中的数据不会改变 我怀疑是删除按钮的“值”。我不知道如何将该值与sql查询关联 任何帮助都将不胜感激。谢谢大家!MySQL:使用PHP按钮删除一行,php,mysql,sql,database,sql-delete,Php,Mysql,Sql,Database,Sql Delete,我正在尝试为显示的行创建删除按钮。这些行是MySQL数据库中的实际数据 当我运行代码时,我能够启动会话,查看显示的所有数据。但是,当我单击Delete按钮时,数据库中的数据不会改变 我怀疑是删除按钮的“值”。我不知道如何将该值与sql查询关联 任何帮助都将不胜感激。谢谢大家! <html> <head> <title>Delete Transaction</title> </head> <body> <?php ses
<html>
<head>
<title>Delete Transaction</title>
</head>
<body>
<?php
session_start();
if (isset($_SESSION['Username'])) {
$Username=$_SESSION['Username'];
}
?>
<h2><?php echo "USER $Username LOGGED IN"; ?></h2>
<form action ="" method = "post">
<?php
$dbc=mysqli_connect('localhost','testuser','password','Project')
or die ("Could not Connect! \n");
$sql_query = "SELECT MemberID FROM Members WHERE Username = '$Username';";
$result1 = mysqli_query($dbc,$sql_query) or die ("error querying database");
if (mysqli_num_rows($result1) > 0 ) {
$row = mysqli_fetch_assoc($result1);
$mID = $row['MemberID'];
} // assigning mID as MemberID
$sql = "SELECT * FROM Sales WHERE Members_ID = '$mID' "; // Getting Members_ID in Sales Table
$result=mysqli_query($dbc,$sql) or die ("Error Querying Database");
$sql_getSalesID = "SELECT SalesID FROM Sales WHERE Members_ID ='$mID'"; // Getting SalesID
$result2 = mysqli_query($dbc,$sql_getSalesID) or die ("Error Querying Database 2");
if (mysqli_num_rows($result2) > 0 ) {
$row = mysqli_fetch_assoc($result2);
$SalesID = $row['SalesID'];
}
if (isset($_POST['SalesID']) and is_numeric($_POST['SalesID']))
{
$delete =$_POST['SalesID'];
$sql_delete="DELETE FROM Sales WHERE SalesID = '$delete'";
$result3 = mysqli_query($dbc,$sql_delete) or die ("Error Querying Database 3");
}
echo "<table>";
echo "<tr> <th> User </th> <th> Item </th> <th> Purchase Date </th> <th> Delete Option </th> </tr>";
while($row=mysqli_fetch_array($result)){
echo "<tr> <td>".$row['Members_ID']."</td>
<td>".$row['Items_ID']."</td> <td>".$row['PurchaseDate']."</td>
<td><button type='submit' name ='deleteTrans' value ='".$sql_delete."'> Delete </button></td> </tr>";
}
echo "</table>";
mysqli_close();
?>
</form>
</body>
</html>
删除事务
请参阅适合您的解决方案:
使用$\u GET删除此销售
我还添加了一个抵御攻击的防火墙:SQL注入和XSS
像这样:
<html>
<head>
<title>Delete Transaction</title>
</head>
<body>
<?php
session_start();
if (isset($_SESSION['Username'])) {
$Username=$_SESSION['Username'];
}
?>
<h2><?= "USER $Username LOGGED IN"; ?></h2>
<form action ="" method = "post">
<?php
$db = @new mysqli('localhost','testuser','password','Project') or die ("Could not Connect! \n");
// Protect From SQL injection & XSS
if (isset($_GET)) {
foreach ($_GET as $key => $value) {
$_GET[$key] = $db->real_escape_string($value);
$_GET[$key] = htmlspecialchars(trim($value), ENT_QUOTES, "utf-8");
}
}
if (isset($_POST)) {
foreach ($_POST as $key => $value) {
$_POST[$key] = $db->real_escape_string($value);
$_POST[$key] = htmlspecialchars(trim($value), ENT_QUOTES, "utf-8");
}
}
if (isset($_REQUEST)) {
foreach ($_REQUEST as $key => $value) {
$_REQUEST[$key] = $db->real_escape_string($value);
$_REQUEST[$key] = htmlspecialchars(trim($value), ENT_QUOTES, "utf-8");
}
}
//Your Code
$sql_query = "SELECT MemberID FROM Members WHERE Username = '$Username';";
$result1 = $db->query($sql_query) or die ("error querying database");
if (mysqli_num_rows($result1) > 0) {
$row = $result1->fetch_assoc();
$mID = $row['MemberID'];
} // assigning mID as MemberID
$sql = "SELECT * FROM Sales WHERE Members_ID = '$mID' "; // Getting Members_ID in Sales Table
$result=mysqli_query($db,$sql) or die ("Error Querying Database");
$sql_getSalesID = "SELECT SalesID FROM Sales WHERE Members_ID ='$mID'"; // Getting SalesID
$result2 = $db->query($sql_getSalesID) or die ("Error Querying Database 2");
if (mysqli_num_rows($result2) > 0 ) {
$row = $result2->fetch_assoc();
$SalesID = $row['SalesID'];
}
// Check if click del button
if (isset($_GET['del']) && is_numeric($_GET['del']))
{
$del = $_GET['del'];
$sql_delete = "DELETE FROM Sales WHERE SalesID = '$del'";
$result3 = $db->query($sql_delete) or die ("Error Querying Database 3");
}
echo "<table>";
echo "<tr> <th> User </th> <th> Item </th> <th> Purchase Date </th> <th> Delete Option </th> </tr>";
while($row = $result->fetch_assoc()){ ?>
<tr><td><?= $row['Members_ID']; ?></td>
<td><?= $row['Items_ID']; ?></td> <td><?= $row['PurchaseDate']; ?></td>
<td><a href="?del=<?= $row['SalesID']; ?>" class ='btn btn-danger'> Delete </a></td></tr>
}
<?
echo "</table>";
?>
</form>
</body>
</html>
删除事务
}
从您的问题标题中,您可能会感到困惑。PHP没有“按钮”。这是HTML格式的东西。PHP在服务器上运行,HTML、JS等在用户浏览器中运行。如果您希望基于浏览器中的事件在PHP中发生某些事情,则需要提交表单或使用AJAX将数据/信息发送到服务器上的PHP脚本。您没有检查错误,那么您希望发生什么?此外,您的代码可接受SQL注入。请使用参数化查询来防止出现这种情况。或者共享网页的URL,这样我们就可以攻击你的服务器了!LOL“非常感谢您的帮助。谢谢!”-这通常是一个迹象,表明您的解决方案已经运行,就像您在之前的帖子中所做的那样。如果你只是想保持沉默,那么你需要提高你的沟通技巧,哦,还有调试$_POST['deleteTrans']