我正在尝试从我的shirt_types表(即T恤产品)中删除产品列表。我有一个管理员页面,列出表格中的所有项目以及信息。我在每个项目的列末尾添加了删除链接。当我点击删除按钮时,它会将我重定向到需要的shirt_delete页面,但之后什么也没有。它包括标题,然后页面的其余部分为空白。我认为至少应该显示页眉和页脚,但事实并非如此。下面是我使用的代码是list_shirts:
$select_shirts = "SELECT shirt_type, shirt_quantity, shirt_color, price, shirt_description, photo, shirt_types_id from shirt_types order by $sort";
$exec_select_shirts = @mysqli_query($link, $select_shirts);
if(!$exec_select_shirts){
echo "The shirt types information could not be retrieved from the shirt_types table because of: ".mysqli_error($link);
mysqli_close($link);
include('footer_admin.php');
die();
} else {
echo "<div id='list_users'><table id='list_user' border='0'>";
echo "<tr>";
echo "<th><a href='".$_SERVER['PHP_SELF']."?sort=size&bool=".!$bool."'>Size</a></th>";
echo "<th><a href='".$_SERVER['PHP_SELF']."?sort=qnty&bool=".!$bool."'>Quantity</a></th>";
echo "<th><a href='".$_SERVER['PHP_SELF']."?sort=color&bool=".!$bool."'>Color</a></th>";
echo "<th><a href='".$_SERVER['PHP_SELF']."?sort=price&bool=".!$bool."'>Price</a></th>";
echo "<th><a href='".$_SERVER['PHP_SELF']."?sort=desc&bool=".!$bool."'>Description</a></th>";
echo "<th><a href='".$_SERVER['PHP_SELF']."?sort=photo&bool=".!$bool."'>Photo</a></th>";
echo "<th>Delete</th>";
echo "</tr>";
while ($one_row = mysqli_fetch_assoc($exec_select_shirts)) {
echo "<tr>";
echo "<td class='first'>".$one_row['shirt_type']."</td>";
echo "<td class='second'>".$one_row['shirt_quantity']."</td>";
echo "<td class='first'>".$one_row['shirt_color']."</td>";
echo "<td class='second'>".$one_row['price']."</td>";
echo "<td class='first'>".$one_row['shirt_description']."</td>";
echo "<td class='second'><img src='./images/".$one_row['photo']."' /></td>";
echo "<td class='first'><a href='shirt_delete.php?shirt_types_id=".$one_row['shirt_types_id']."'>Delete</a></td>";
echo "</tr>";
}
这是我试图用来从数据库中删除衬衫及其信息的shirt_delete.php文件。
<?php
require('mysql_connect.php');
session_start();
if (isset($_SESSION['shirt_users_id']) && isset($_SESSION['full_name'])) {
$title="Delete Shirts Page";
include_once("header_admin.php");
if(!empty($_GET['shirt_types_id'])){
$shirt_types_id = $_GET['shirt_types_id'];
mysqli_query($link, "SET AUTOCOMMIT = 0");
$del_shirt_users_id = "DELETE shirt_types.*
FROM shirt_types
WHERE shirt_types_id = $shirt_types_id";
$$del_shirt_types_id = @mysqli_query($link, $del_shirt_types_id);
if(!$$del_shirt_types_id){
rollback(mysqli_error($link));
}else{
mysqli_query($link, "COMMIT");
header('refresh: 0; url=list_shirts.php');
}
}else{
echo "Problem occurred";
header('refresh: 3; url=list_shirts.php');
}
} else {
echo "You are not an authentic administrator. Being directed to the login page...";
header("Refresh: 2; url='login.php'");
}
mysqli_close($link);
require("footer.php");
die();
?>
注意:我理解SQL注入是真实的,在现实世界的应用程序中,这段代码是不够的。但这是三部曲系列的第一部分。我们现在不要担心sql注入。感谢大家的建议和对此的担忧!
答案 0 :(得分:2)
尝试使用,删除shirt_types.*
$del_shirt_users_id = "DELETE FROM shirt_types
WHERE shirt_types_id = $shirt_types_id";
而不是
$del_shirt_users_id = "DELETE shirt_types.*
FROM shirt_types
WHERE shirt_types_id = $shirt_types_id";
并且,改变:
$del_shirt_types_id = @mysqli_query($link, $del_shirt_types_id);
if(!$del_shirt_types_id){
而不是
$$del_shirt_types_id = @mysqli_query($link, $del_shirt_types_id);
if(!$$del_shirt_types_id){
答案 1 :(得分:2)
通过使用外部变量构建SQL语句,您将对SQL注入攻击保持开放态度。
在您的特定情况下,如果某人shirt_types_id的值为“0或(1 = 1)”,那么您将创建的SQL将大致如下所示:
DELETE FROM shirt_types WHERE shirt_types_id = 0 or (1=1)
由于1=1始终为true,因此您将删除每个shirt_types记录。
请了解如何使用参数化查询(最好使用PDO模块)来保护您的网络应用。 http://bobby-tables.com/php有一些示例可以帮助您入门,this question有很多详细示例。