根据用户选择的内容从数据库中删除数据

时间:2014-11-19 11:55:57

标签: php mysqli

HY,

我有一个表单,从中将数据传递给php脚本,并结合用户选择,php处理查询。但是,不是根据输入验证查询,而是在第一个条件下停止,而不是评估其余条件。

贝娄是我的剧本

   $userName=$_POST['user'];
$userId=$_POST['id'];
$studentName=$_POST['studentName'];
$studentSurname=$_POST['studentSurname'];
if(count($_POST)>0){
if(isset($userId)){

ECHO 'VAR NUM'.$userId;
$sql="DELETE FROM user WHERE user_id=$userId";

$result=mysqli_query($conn,$sql);
if(! $result )
{
  die('Could not delete data: '.mysqli_error());
}
echo "Deleted data successfully\n";
/*or die('Error'.mysqli_error);
echo 'Student deleted';*/

}

else if(isset($userName)){

ECHO 'VAR NUM'.$userId;
$sql="DELETE FROM user WHERE user_name='$userName'";

$result=mysqli_query($conn,$sql);
if(! $result )
{
  die('Could not delete data: '.mysqli_error());
}
echo "Deleted data successfully\n";
/*or die('Error'.mysqli_error);
echo 'Student deleted';*/

}

else(isset($studentName)and isset($studentSurname)){

ECHO 'VAR NUM'.$userId;
$sql="DELETE FROM user WHERE name='$studentName' AND surname='$studentSurname'";

$result=mysqli_query($conn,$sql);
if(! $result )
{
  die('Could not delete data: '.mysqli_error());
}
echo "Deleted data successfully\n";
/*or die('Error'.mysqli_error);
echo 'Student deleted';*/


}
}
else{

echo "You have not completed any fild!";
}

和html表单:

<!DOCTYPE html>

<html lang="en">
    <head>
        <meta charset="utf-8" />
        <title>Delete course</title>
        <script src="validateUser.js"></script>

    </head>
    <body>
        <form action="removeuser.php" method ="post">
        <table>
        <tr><td>
        <label for="user">User name:</label>
        </td>
        <td>
        <input type="text" id="user" name="user"></input>
        </td></tr>
        <tr><td>
        <label for="id">User id:</label>
        </td>
        <td>
        <input type="text" id="id" name="id"></input>
        </td></tr>
        <tr><td>
        <label for="studentName">Student name:</label>
        </td>
        <td>
        <input type="text" id="studentName" name="studentName"></input>
        </td></tr>
        <tr><td>
        <label for="studentSurname">
        Student surname:</label></td><td>
        <input type="text" id="studentSurname" name="studentSurname"></input>
        </td></tr>
        <tr><td>

        <tr><td>

        <tr colspan="2"><td>

<input type="submit" value="Add"/></td></tr>
       </form>
    </body>
</html>

我做错了什么?

我修改了查询以反映受以下内容启发的字符串输入变量:Fred-iiFarukIolkaPankaj

问题仍然存在。我如何在seqvential顺序中评估条件,因为评估在if(isset($ userId)之后停止if if和I receive the mesage:

  

VAR NUM   警告:mysqli_error()只需要1个参数,0给出...   无法删除数据:

此致

4 个答案:

答案 0 :(得分:1)

varchar变量附近添加引号。

$sql = "DELETE FROM user"
    . " WHERE name='" . mysqli_real_escape_string($conn, $studentName) . "'"
    . " AND surname='" . mysqli_real_escape_string($conn, $studentSurname) . "'";

注意:通过转义变量或使用预准备语句来避免sql注入。

答案 1 :(得分:1)

您的第一个查询没问题,因为$ userId是一个整数

$sql="DELETE FROM user WHERE user_id=$userId";

其余的quires是字符串,所以改为

$sql="DELETE FROM user WHERE user_name='$userName'";   

$sql="DELETE FROM user WHERE name='$studentName' AND surname='$studentSurname'";

根据用户输入运行对应的删除查询

 if (!empty($_POST['id'])) {
    $sql = "DELETE FROM user WHERE user_id={$_POST['id']}";
    $result = mysqli_query($conn, $sql);
    if (!$result) {
        die('Could not delete data: ' . mysqli_error());
    }
}

if (!empty($_POST['user'])) {
    $sql = "DELETE FROM user WHERE user_name='{$_POST['user']}'";
    $result = mysqli_query($conn, $sql);
    if (!$result) {
        die('Could not delete data: ' . mysqli_error());
    }
}

if (!empty($_POST['studentName']) AND ! empty($_POST['studentSurname'])) {
    $sql = "DELETE FROM user WHERE name='{$_POST['studentName']}' AND surname='{$_POST['studentSurname']}'";
    $result = mysqli_query($conn, $sql);
    if (!$result) {
        die('Could not delete data: ' . mysqli_error());
    }
}

答案 2 :(得分:1)

您在SQL查询中犯了错误。请写下面的查询。

DELETE FROM user WHERE user_name ='“。$ userName。”';以适当的报价格式。您必须在匹配条件值中传递引号。在整数中,您可以作为计划文本值传递。

实施例

DELETE FROM user WHERE user_name ='pankaj';

以这种方式尝试..祝你好运

答案 3 :(得分:0)

  <?php
$conn = mysqli_connect('localhost', 'root', '', 'student');

$userName=$_POST['user'];
$userId=$_POST['id'];
$studentName=$_POST['studentName'];
$studentSurname=$_POST['studentSurname'];

if(!empty($userId)){

var_dump($userId);
ECHO 'VAR NUM'.$userId;
$sql="DELETE FROM user WHERE user_id=$userId";

$result=mysqli_query($conn,$sql);
if(! $result )
{
  die('Could not delete data: '.mysqli_error());
}
echo "Deleted data successfully\n";

}

else if(!empty($userName)){

ECHO 'VAR NUM'.$userId;
$sql="DELETE FROM user WHERE user_name='$userName'";

$result=mysqli_query($conn,$sql);
if(! $result )
{
  die('Could not delete data: '.mysqli_error());
}
echo "Deleted data successfully\n";


}

else if(!empty($studentName)and !empty($studentSurname)){

ECHO 'VAR NUM'.$userId;
$sql="DELETE FROM user WHERE name='$studentName' AND surname='$studentSurname'";

$result=mysqli_query($conn,$sql);
if(! $result )
{
  die('Could not delete data: '.mysqli_error());
}
echo "Deleted data successfully\n";
/*or die('Error'.mysqli_error);
echo 'Student deleted';*/


}

else{

echo "You have not completed any field!";
}

?>

Faruk启发

相关问题
最新问题