我一直在关注本教程 Best way to delete mysql rows from html page - delete link and php
但我卡住了,我的行不会删除。 请帮忙
// My Viewing dish Page
<?php
$result = mysql_query("SELECT * FROM dish");
echo "<table border='1'>
<tr>
<th>DishID</th>
<th>DishName</th>
<th>DishPrice</th>
</tr>";
while($row = mysql_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['DishID'] . "</td>";
echo "<td>" . $row['DishName'] . "</td>";
echo "<td>" . $row['DishPrice'] . "</td>";
echo '<td><a href="delete.php?id=' . $row['DishID'] . '">Delete</a></td>';
echo "</tr>";
}
echo "</table>";
?>
//Delete Page
<?php
require_once("database.php");
/*
DELETE.PHP
Deletes a specific entry from the 'players' table
*/
// check if the 'id' variable is set in URL, and check that it is valid
if (isset($_GET['DishID']) && is_numeric($_GET['DishID']))
{
// get id value
$DishID = $_GET['DishID'];
// delete the entry
$result = mysql_query("DELETE FROM dish WHERE DishID =$DishID} ")
or die(mysql_error());
// redirect back to the view page
header("Location: admin_modifydishes.php");
}
else
// if id isn't set, or isn't valid, redirect back to view page
{
echo "doesn'twork";
}
?>
我认为这与$ DishID = $ _GET ['DishID'];有关。但我不能解决它,请帮助。
答案 0 :(得分:4)
很容易
要删除的网址是:delete.php?id=your-id
要获取id参数,您需要使用$_GET['id'],不 $_GET['DishID']。
此外,您的删除查询有点不对劲。尝试将其替换为:
$result = mysql_query("DELETE FROM `dish` WHERE `DishID`={$DishID}");
答案 1 :(得分:0)
$result = mysql_query("DELETE FROM dish WHERE DishID =$DishID} ")
or die(mysql_error());
应该是
$result = mysql_query("DELETE FROM dish WHERE DishID =$DishID")
和
$_GET['DishID']
应该是
$_GET['id']
答案 2 :(得分:0)
请注意,除非你在某处清理输入,否则你在这里为自己创造了一个痛苦的世界。
使用这样的SQL会让您对SQL注入攻击持开放态度。如果它可能,以及消毒,你应该看看PDO模块。