HY,
我有一个表单,从中将数据传递给php脚本,并结合用户选择,php处理查询。但是,不是根据输入验证查询,而是在第一个条件下停止,而不是评估其余条件。
贝娄是我的剧本
$userName=$_POST['user'];
$userId=$_POST['id'];
$studentName=$_POST['studentName'];
$studentSurname=$_POST['studentSurname'];
if(count($_POST)>0){
if(isset($userId)){
ECHO 'VAR NUM'.$userId;
$sql="DELETE FROM user WHERE user_id=$userId";
$result=mysqli_query($conn,$sql);
if(! $result )
{
die('Could not delete data: '.mysqli_error());
}
echo "Deleted data successfully\n";
/*or die('Error'.mysqli_error);
echo 'Student deleted';*/
}
else if(isset($userName)){
ECHO 'VAR NUM'.$userId;
$sql="DELETE FROM user WHERE user_name='$userName'";
$result=mysqli_query($conn,$sql);
if(! $result )
{
die('Could not delete data: '.mysqli_error());
}
echo "Deleted data successfully\n";
/*or die('Error'.mysqli_error);
echo 'Student deleted';*/
}
else(isset($studentName)and isset($studentSurname)){
ECHO 'VAR NUM'.$userId;
$sql="DELETE FROM user WHERE name='$studentName' AND surname='$studentSurname'";
$result=mysqli_query($conn,$sql);
if(! $result )
{
die('Could not delete data: '.mysqli_error());
}
echo "Deleted data successfully\n";
/*or die('Error'.mysqli_error);
echo 'Student deleted';*/
}
}
else{
echo "You have not completed any fild!";
}
和html表单:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Delete course</title>
<script src="validateUser.js"></script>
</head>
<body>
<form action="removeuser.php" method ="post">
<table>
<tr><td>
<label for="user">User name:</label>
</td>
<td>
<input type="text" id="user" name="user"></input>
</td></tr>
<tr><td>
<label for="id">User id:</label>
</td>
<td>
<input type="text" id="id" name="id"></input>
</td></tr>
<tr><td>
<label for="studentName">Student name:</label>
</td>
<td>
<input type="text" id="studentName" name="studentName"></input>
</td></tr>
<tr><td>
<label for="studentSurname">
Student surname:</label></td><td>
<input type="text" id="studentSurname" name="studentSurname"></input>
</td></tr>
<tr><td>
<tr><td>
<tr colspan="2"><td>
<input type="submit" value="Add"/></td></tr>
</form>
</body>
</html>
我做错了什么?
我修改了查询以反映受以下内容启发的字符串输入变量:Fred-ii,Faruk,Iolka和Pankaj
问题仍然存在。我如何在seqvential顺序中评估条件,因为评估在if(isset($ userId)之后停止if if和I receive the mesage:
VAR NUM 警告:mysqli_error()只需要1个参数,0给出... 无法删除数据:
此致
答案 0 :(得分:1)
在varchar
变量附近添加引号。
$sql = "DELETE FROM user"
. " WHERE name='" . mysqli_real_escape_string($conn, $studentName) . "'"
. " AND surname='" . mysqli_real_escape_string($conn, $studentSurname) . "'";
注意:通过转义变量或使用预准备语句来避免sql注入。
答案 1 :(得分:1)
您的第一个查询没问题,因为$ userId是一个整数
$sql="DELETE FROM user WHERE user_id=$userId";
其余的quires是字符串,所以改为
$sql="DELETE FROM user WHERE user_name='$userName'";
$sql="DELETE FROM user WHERE name='$studentName' AND surname='$studentSurname'";
根据用户输入运行对应的删除查询
if (!empty($_POST['id'])) {
$sql = "DELETE FROM user WHERE user_id={$_POST['id']}";
$result = mysqli_query($conn, $sql);
if (!$result) {
die('Could not delete data: ' . mysqli_error());
}
}
if (!empty($_POST['user'])) {
$sql = "DELETE FROM user WHERE user_name='{$_POST['user']}'";
$result = mysqli_query($conn, $sql);
if (!$result) {
die('Could not delete data: ' . mysqli_error());
}
}
if (!empty($_POST['studentName']) AND ! empty($_POST['studentSurname'])) {
$sql = "DELETE FROM user WHERE name='{$_POST['studentName']}' AND surname='{$_POST['studentSurname']}'";
$result = mysqli_query($conn, $sql);
if (!$result) {
die('Could not delete data: ' . mysqli_error());
}
}
答案 2 :(得分:1)
您在SQL查询中犯了错误。请写下面的查询。
DELETE FROM user WHERE user_name ='“。$ userName。”';以适当的报价格式。您必须在匹配条件值中传递引号。在整数中,您可以作为计划文本值传递。
实施例
DELETE FROM user WHERE user_name ='pankaj';
以这种方式尝试..祝你好运
答案 3 :(得分:0)
<?php
$conn = mysqli_connect('localhost', 'root', '', 'student');
$userName=$_POST['user'];
$userId=$_POST['id'];
$studentName=$_POST['studentName'];
$studentSurname=$_POST['studentSurname'];
if(!empty($userId)){
var_dump($userId);
ECHO 'VAR NUM'.$userId;
$sql="DELETE FROM user WHERE user_id=$userId";
$result=mysqli_query($conn,$sql);
if(! $result )
{
die('Could not delete data: '.mysqli_error());
}
echo "Deleted data successfully\n";
}
else if(!empty($userName)){
ECHO 'VAR NUM'.$userId;
$sql="DELETE FROM user WHERE user_name='$userName'";
$result=mysqli_query($conn,$sql);
if(! $result )
{
die('Could not delete data: '.mysqli_error());
}
echo "Deleted data successfully\n";
}
else if(!empty($studentName)and !empty($studentSurname)){
ECHO 'VAR NUM'.$userId;
$sql="DELETE FROM user WHERE name='$studentName' AND surname='$studentSurname'";
$result=mysqli_query($conn,$sql);
if(! $result )
{
die('Could not delete data: '.mysqli_error());
}
echo "Deleted data successfully\n";
/*or die('Error'.mysqli_error);
echo 'Student deleted';*/
}
else{
echo "You have not completed any field!";
}
?>
受Faruk启发