我正在尝试制作邮政系统。 一切都很完美,但有一点我无法弄明白...... 我在数据库中有一些行,我用准备好的mysqli取出了。好吧,当我回显行的值时,它会显示正确的回声,并显示所有列(这应该是显而易见的),这很好。 SQL:
SELECT id,postby,downvotes,upvotes FROM posts
和这样的绑定结果:
bind_result($postid,$postby,$downvotes,$upvotes);
所以它正在发挥作用。他们全都退出了回声。那很好。
BUT!当我试图从准备好的mysqli中删除该表中的任何行(只有一行)时,它会删除所有行... 我删除行的代码:
DELETE FROM posts WHERE id = ?
和绑定参数如
bind_param('i',$postid);
但这会删除数据库中的所有行。我希望它只删除分配给id的那个。因此,如果从DB中提取20行,它将删除DB中的所有行...如何只删除分配给它的id的一行? 谢谢!
我必须提到我已经尝试了类似<input name='deletesomething' type='hidden' value='<php? echo $postid ?>'>的东西,然后尝试了类似
bind_param('s',$_POST['deletesomething']);
但它仍然会删除所有行。如何解决这个问题?
修改
抱歉!实际上隐藏输入的方法有效,但它非常不安全,因为用户可以更改值,它会删除不同的行......
编辑2
我的完整代码,以了解我真正想要做的事情。
<?php
$selectposts = "SELECT postby,posttxt,time,upvotes,downvotes,id FROM posts ORDER BY id DESC";
$stmt = $mysqli->prepare($selectposts);
$stmt->execute();
$stmt->bind_result($postby,$posttxt,$posttime,$upvotesdb,$downvotesdb,$postid);
$stmt->store_result();
while($stmt->fetch()){
$picturestmt = $mysqli->prepare("SELECT picture FROM members WHERE username = ?");
$picturestmt->bind_param('s', $postby);
$picturestmt->execute();
$picturestmt->bind_result($picture);
while($picturestmt->fetch()){
if(empty($picture)){
$profpicturefromdb = " <img src='profile_pictures/public_icon.png' width='25' height='25' class='fxdmimg'>";
} else {
$profpicturefromdb = " <img width='25' class='fxdmimg' height='25' src='profile_pictures/".$picture."' alt='Profile Picture'>";
}
}
echo
"<p><center><div class='postdv'>
<b>".$profpicturefromdb."
<a href='http://www.fregbind.16mb.com/".$postby.".php'><h3>".$postby."</h3></a></b><font color='#000'>
[ ".$posttime." ] </font>";
if($_SESSION['username'] == $postby){
echo"<label for='pedform'><img src='pictures/ped.png' rel='icon' width='15' height='15' class='icnimg'></label>
<label for='xdelform'><img src='pictures/xdel.png' rel='icon' width='15' height='15' class='icnimg'></label>
<div class='hidden'><form method='POST'><input id='pedform' type='submit'></form>
<form method='POST'><input type='submit' id='xdelform'></form></div>";
}
echo "<hr class='hrgray'><br>
<font color='#000'>".$posttxt."</font><p>";
$votestmt = $mysqli->prepare("SELECT upvotes, downvotes FROM posts WHERE id = ?");
$votestmt->bind_param('i',$postid);
$votestmt->execute();
$votestmt->bind_result($upvotes,$downvotes);
$votestmt->store_result();
while($votestmt->fetch()){
if(isset($_POST['voteup'])){
echo $postid;
$onevalue = "1";
$makeitplusone = $upvotes + $onevalue;
$addvote = $mysqli->prepare("UPDATE posts SET upvotes = ? WHERE id = ?");
$addvote->bind_param('si',$makeitplusone,$postid);
$addvote->execute();
}
echo"<form method='POST'><input type='submit' name='voteup' class='voteup' value='Up'><font color='#00CC00'> ".$upvotes." </font>
<input type='submit' name='votedown' class='votedown' value='Down'> <font color='#FF4747'>".$downvotes." </font>
</form>
</center>
</div>";
}
}
?>
这是一个略有不同的代码。没有太大的不同,但这只需要在点击时将upvote的值更改为+1,但是它会将所有行更新为+1 ...
编辑3
我们正在谈论这一部分:
$votestmt = $mysqli->prepare("SELECT upvotes, downvotes FROM posts WHERE id = ?");
$votestmt->bind_param('i',$postid);
$votestmt->execute();
$votestmt->bind_result($upvotes,$downvotes);
$votestmt->store_result();
while($votestmt->fetch()){
if(isset($_POST['voteup'])){
echo $postid;
$onevalue = "1";
$makeitplusone = $upvotes + $onevalue;
$addvote = $mysqli->prepare("UPDATE posts SET upvotes = ? WHERE id = ?");
$addvote->bind_param('si',$makeitplusone,$postid);
$addvote->execute();
}
echo"<form method='POST'><input type='submit' name='voteup' class='voteup' value='Up'><font color='#00CC00'> ".$upvotes." </font>
<input type='submit' name='votedown' class='votedown' value='Down'> <font color='#FF4747'>".$downvotes." </font>
</form>
答案 0 :(得分:0)
我不确定这段代码究竟是做什么的,但尝试这一点(第38和49行是修改)......
<?php
$selectposts = "SELECT postby,posttxt,time,upvotes,downvotes,id FROM posts ORDER BY id DESC";
$stmt = $mysqli->prepare($selectposts);
$stmt->execute();
$stmt->bind_result($postby,$posttxt,$posttime,$upvotesdb,$downvotesdb,$postid);
$stmt->store_result();
while($stmt->fetch()){
$picturestmt = $mysqli->prepare("SELECT picture FROM members WHERE username = ?");
$picturestmt->bind_param('s', $postby);
$picturestmt->execute();
$picturestmt->bind_result($picture);
while($picturestmt->fetch()){
if(empty($picture)){
$profpicturefromdb = " <img src='profile_pictures/public_icon.png' width='25' height='25' class='fxdmimg'>";
} else {
$profpicturefromdb = " <img width='25' class='fxdmimg' height='25' src='profile_pictures/".$picture."' alt='Profile Picture'>";
}
}
echo
"<p><center><div class='postdv'>
<b>".$profpicturefromdb."
<a href='http://www.fregbind.16mb.com/".$postby.".php'><h3>".$postby."</h3></a></b><font color='#000'>
[ ".$posttime." ] </font>";
if($_SESSION['username'] == $postby){
echo"<label for='pedform'><img src='pictures/ped.png' rel='icon' width='15' height='15' class='icnimg'></label>
<label for='xdelform'><img src='pictures/xdel.png' rel='icon' width='15' height='15' class='icnimg'></label>
<div class='hidden'><form method='POST'><input id='pedform' type='submit'></form>
<form method='POST'><input type='submit' id='xdelform'></form></div>";
}
echo "<hr class='hrgray'><br>
<font color='#000'>".$posttxt."</font><p>";
if($_POST['upvoteid'] == $postid && isset($_POST['voteup'])){
echo 'This:' . $_POST['upvoteid'] . ':equals:' . $postid . '.';
$addvote = $mysqli->prepare("UPDATE posts SET upvotes = upvotes + 1 WHERE id = ?");
$addvote->bind_param('i',$postid);
$addvote->execute();
}
echo"<form method='POST'>
<input type='submit' name='voteup' class='voteup' value='Up'><font color='#00CC00'> ".$upvotes." </font>
<input type='submit' name='votedown' class='votedown' value='Down'> <font color='#FF4747'>".$downvotes." </font>
<input name='upvoteid' type='hidden' value='$postid'>
</form>
</center>
</div>";
}
}
?>
这样您只能运行已提交的更新。以前您正在检查是否设置了为每条记录设置的字段。