我有一个代码用于更新关于SQL的表的信息,我试图使用相同的代码进行微小修改以使其删除但不删除。我在这里找不到任何我想念的东西。
<html>
<head>
</head>
<body>
<?php
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db('my_db6');
$query = "SELECT * FROM emp";
$result = mysql_query($query) or die(mysql_error());
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="1" cellspacing="1" cellpadding="2">
<tr>
<?php
while($row = mysql_fetch_array($result))
{
$ename = $row['ename'];
$empno = $row['empno'];
$position = $row['position'];
?>
<td width="100"></td>
<td><?=$ename?></td>
</tr>
<tr>
<td width="100">E-Name</td>
<td><input name="ename" type="text" value="<?=$ename?>"></td>
</tr>
<tr>
<td width="100">Employee Number</td>
<td><input name="empno" type="text" value="<?=$empno?>"></td>
</tr>
<tr>
<td width="100">Position</td>
<td><input name="position" type="text" value="<?=$position?>"></td>
</tr>
<?php } ?>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Update">
</td>
</tr>
</table>
</form>
<?php
if(isset($_POST['update']))
{
$ename = $_POST['ename'];
$empno = $_POST['empno'];
$position = $_POST['position'];
$sql = mysql_query("UPDATE EMP SET ename = '$ename', empno = '$empno', position = '$position' WHERE ename = '$ename'");
echo "Updated data successfully\n";
}
?>
</body>
</html>
这是我想要删除的代码:
<html>
<head>
</head>
<body>
<?php
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db('my_db6');
$query = "SELECT * FROM emp";
$result = mysql_query($query) or die(mysql_error());
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="1" cellspacing="1" cellpadding="2">
<tr>
<?php
while($row = mysql_fetch_array($result))
{
$ename = $row['ename'];
$empno = $row['empno'];
$position = $row['position'];
?>
<td width="100"></td>
<td><?=$ename?></td>
</tr>
<tr>
<td width="100">E-Name</td>
<td><input name="ename" type="text" value="<?=$ename?>"></td>
</tr>
<tr>
<td width="100">Employee Number</td>
<td><input name="empno" type="text" value="<?=$empno?>"></td>
</tr>
<tr>
<td width="100">Position</td>
<td><input name="position" type="text" value="<?=$position?>"></td>
</tr>
<?php } ?>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="delete" type="submit" id="delete" value="delete">
</td>
</tr>
</table>
</form>
<?php
if(isset($_POST['delete']))
{
$ename = $_POST['ename'];
$empno = $_POST['empno'];
$position = $_POST['position'];
$sql = mysql_query("DELETE EMP SET ename = '', empno = '', position = '' WHERE ename = '$ename'");
echo "Deleted data successfully\n";
}
?>
</body>
</html>
但它不会在SQL数据表条目中进行任何更改或删除
答案 0 :(得分:0)
我认为你的删除语法错了。我不是MySQL的专家,但在删除中指定列值没有意义。尝试
DELETE FROM emp WHERE ename = '$ename'
正如我现在看到的一些人在评论中也提到过,你转向使用参数化查询非常关键。这种方法目前容易受到非常严重的SQL注入攻击。
答案 1 :(得分:0)
使用此选项删除条目:
mysql_query("DELETE FROM `emp` WHERE `ename`='$ename'");
如果您想编辑条目:
mysql_query("UPDATE `emp` SET `ename`='', `empno`='', `position`='' WHERE `ename`='$ename'");
我建议您在查询中使用它之前转义$ename,您可以这样做:
$ename = mysql_real_escape_string($_POST['ename']);