我有一个表,我需要使用php编辑/删除sql db中的行。问题(与时间一样古老的故事)是删除/编辑功能都无法正常工作。我没有得到任何错误消息,所以我花了好几个小时梳理代码,谷歌搜索和搜索其他类似的问题,没有真正解决我的具体问题。
我可能错过了引号或类似的蠢事,但有些指针会非常感激。
这是我的编辑代码:
//if the 'id' variable is set in the URL, we know that we need to edit a record
if (isset($_GET['GroomingID']))
{
//if the form's submit button is clicked, we need to process the form
if (isset($_POST['submit']))
{
//make sure the 'id' in the URL is valid
if (is_numeric($_POST['GroomingID']))
{
//get variables from the URL/form
$GroomingID = $_POST['GroomingID'];
$firstName = htmlentities($_POST['FirstName'], ENT_QUOTES);
$lastName = htmlentities($_POST['LastName'], ENT_QUOTES);
//check that firstname and lastname are both not empty
if ($firstName == '' || $lastName == '')
{
//if they are empty, show an error message and display the form
$error = 'ERROR: Please fill in all required fields';
renderForm($firstName, $lastName, $error, $GroomingID);
}
else
{
//if everything is fine, update the record
if($stmt = $link->prepare("UPDATE grooming SET FirstName = ?, LastName = ? WHERE GroomingID=?"))
{
$stmt->bind_param("ssi", $firstName, $lastName, $GroomingID);
$stmt->execute();
$stmt->close();
}
//show an error message if the query encounters an error
else
{
echo "Error: could not preapre sql statement.";
}
//redirect the user once the form is updated
header("Location: PS_Manage_Appnts.php");
exit();
}
}
//if the 'id' variable isn't valid, show error message
else
{
echo "Error";
}
}
//if the form hasn't been submitted yet, get the info from the database and show the form
else
{
//make sure the 'id' value is valid
if (is_numeric($_GET['GroomingID']) && $_GET['GroomingID'] > 0)
{
//get 'id' from URL
$id = $_GET['GroomingID'];
//get the record from the database
if($stmt = $link->prepare("SELECT * FROM grooming WHERE GroomingID=?"))
{
$stmt->bind_param("i", $GroomingID);
$stmt->execute();
$stmt->bind_result($GroomingID, $firstName, $lastName);
$stmt->fetch();
//show the form
renderForm($firstName, $lastName, NULL, $GroomingID);
$stmt->close();
}
//show an error if the query has an error
else
{
echo "Error: could not prepare SQL statement.";
}
}
//if the 'id' value is not valid, redirect the user back to the PS_Manage_Appnts.php page
else {
header("location:PS_Manage_Appnts.php");
exit();
}
}
}
我的删除代码(与编辑代码分开):
<?php
//connect to the database
include ("newDBconn.php");
//confirm that the 'id'(in this case, 'GroomingID') variable has been set
if (isset($_GET['GroomingID']) && is_numeric($_GET['GroomingID']))
{
//get the 'id' variable from the URL
$GroomingID = $_GET['GroomingID'];
//delete record from the database
if ($stmt = $link->prepare("DELETE FROM grooming WHERE GroomingID = '?' LIMIT 1"))
{
$stmt->bind_param("i", $GroomingID);
$stmt->execute();
$stmt->close();
}
else
{
echo "ERROR: could not prepare sql statement.";
}
$link->close();
// redirect user after delete is successful
header ("location:PS_Manage_Appnts.php");
exit();
}
else
//if the 'id' variable isn't set, redirect the user
{
header("location:PS_Manage_Appnts.php");
exit();
}
?>
最后,我的数据库连接的代码在一个单独的php文件中:
<?php
//connect to db
$link = mysqli_connect('localhost', 'root', 'pwdpwd', 'pet_shop');
//check connection
if (!$link) {
printf("Connection failed: %s\n", mysqli_connect_error());
exit();
}
?>
注意:我知道msql注入,但是a)这是我的机器上的测试和b)我想先解决这个问题。谢谢你的帮助!
编辑:我确实是通过FireFox的Firebug运行的,并且没有错误。但是,我注意到,当我点击桌面上的“删除”链接时,firebug会显示:http://i.imgur.com/oPqIfOk.png
没有代码将上面带下划线的css文件链接到我的删除文件(PS_delete_post.php),所以我不知道为什么它试图抓取css文件。 PS_delete_post.php不应该有任何css链接到它开始。
EDIT2:根据Neo的建议,我已将$ firstName / $ lastName变量改为全部小写。现在,当点击“修改”时,用户(正确)定向到空表单以输入值,但点击提交添加新行而非修改现有行。 “删除”仍然无效。
答案 0 :(得分:0)
您是从Post和Get发送GroomingID吗?
在更新文件中,您使用此$GroomingID = $_POST['GroomingID'];检索ID但我不确定您是从Post发送还是仅发送。
