我有一份学校作业留言簿,现在我需要删除帖子,但只有登录用户才能删除自己的帖子。
如何编写删除语法?我想的是:
if ($_GET['Deletebutton']) {
mysql_query("DELETE FROM guestbook WHERE $id ='PostID' AND $username='Username'");
}
我在下面的页面上发布了我的代码!
<h1>Välkommen till gästboken!</h1>
<h2>Posta till Gästboken</h2>
<form action="home.php" method="post">
<table>
<tr>
<td>Titel:</td>
<td><input type="text" name="titel" style="width: 600px;"/></td>
</tr>
<tr>
<td>Inlägg:</td>
<td><textarea name="inlägg" style="width: 600px; height: 300px;"></textarea></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="postknapp" value="Posta"/></td>
</tr>
</table>
</form>
<p>
<a href="logga_ut.php">Logga ut</a>
<?php
session_start();
$username = $_SESSION['username'];
if ($_SESSION['login'] == 1) { //om sessionen är 1 så
// Connect to the database
mysql_connect("localhost", "root", "");
mysql_select_db("guestbookdatabase");
//******************************************************************//
//Display stuff
echo "<h1>Nuvarande Poster</h1>";
if ($_POST['postknapp']) {
$title = strip_tags($_POST['titel']);
$message = strip_tags($_POST['inlägg']);
if ($title && $message) {
//Lägg till i databasen
mysql_query("INSERT INTO guestbook (Title,Post,Username) VALUES ('$title','$message','$username')");
echo "Ditt inlägg har lagts till i gästboken!";
}
else
echo "Du har inte fyllt i nödvändig information för att kunna göra ett inlägg.";
}
$query = mysql_query("SELECT * FROM guestbook ORDER BY PostID DESC");
$numrows = mysql_num_rows($query);
if ($numrows > 0) {
while ($row = mysql_fetch_assoc($query)) {
$id = $row['PostID'];
$name = $row['Username'];
$title = $row['Title'];
$message = $row['Post'];
$date = $row['Timestamp'];
$message = nl2br($message);
echo "<div>
Av <b>$name</b> vid <b>$date</b><br />
<h2>$title</h2> <p>
$message <p>
<div align = 'right'><input type='button' name='Raderaknapp' value='Ta bort inlägget' />
</div></div><hr />";
if ($_GET['Raderaknapp']) {
mysql_query("DELETE FROM guestbook WHERE $id ='PostID' AND $username='Username'");
echo "Inlägget har tagits bort!";
}
}
}
else
echo "Inga inlägg hittades.";
mysql_close();
} else { // om session inte är 1 så
echo "Du har INTE tillåtelse till gästboken! Klicka på länken för att logga in!";
?>
<p>
<br/><a href="index.html">Till login >></a>
<?php
}
?>
答案 0 :(得分:2)
尝试:
mysql_query("DELETE FROM guestbook WHERE PostID = '".$id."' AND Username = '".$name."'");
答案 1 :(得分:1)
Please, don't use mysql_*
functions in new code。它们不再被维护and are officially deprecated。请改为了解prepared statements,并使用PDO或MySQLi这是good tutorial for PDO。
现在,如果你想继续这个。
if ($_GET['Deletebutton']) {
$id = mysql_real_escape_string($_POST['id']);
$username = mysql_real_escape_string($_POST['username']);
mysql_query("DELETE FROM guestbook WHERE id ='".$id."' AND username='".$username."'")
or die("My SQL can not perform this task right now");
}