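Deleting a row with PHP and Postgres

Time: 2017-03-31 07:44:38

Tags: php postgresql post

Can someone help with the code below? I have table data and want to let users click a button to delete the row. I get errors saying "Undefined index: tenant_id" and "Undefined variable: row". Here are the delete.php and pg-t-payment-view.php scripts: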

            <?php  
            $db = pg_connect("host=10.0.32.204 port=5432 dbname=postgres user=postgres password=postgres"); 
            $id = $_POST['tenant_id'];

            $sql2 ="DELETE FROM payment_ref_tenancy WHERE tenant_name = '$id'";

            $result = pg_query($sql2);
            $cmdtuples = pg_affected_rows($result);
            echo $cmdtuples . " record affected.\n";
            if (!$result) {
                $errormessage = pg_last_error();
                echo "Error with query: " . $errormessage;
                exit();
            }
            pg_close();

            header('location:pg-t-payment-view.php');

            ?>

------------- pg-t-payment-view.php script

          <div class="box-body table-responsive no-padding">
             <?php  
            $db = pg_connect("host=10.0.32.204 port=5432 dbname=postgres user=postgres password=postgres"); 
            $sql2 ="select tenant_id,to_char(last_update_time, 'MM-dd-yyyy HH24:MI') as last_update_time , tenant_name, tenant_cost_category, invoice_no,tenant_agreed_cost,
            to_char(submission_date, 'MM-dd-yyyy') as submission_date,to_char(cpr_submission_to_finance, 'MM-dd-yyyy') as cpr_submission_to_finance,io,cheque_no 
            FROM payment_ref_tenancy order by insert_datetime desc limit 10";

            $result = pg_query($db,$sql2);
            if (!$result) {
                $errormessage = pg_last_error();
                echo "Error with query: " . $errormessage;
                exit();
            }
            pg_close();

                echo "<table class='table table-hover table-striped'>";
                echo "<th align='center' >Date</th>";
                echo "<th align='center' >Payee</th>";
                echo "<th align='center' >Category</th>";
                echo "<th align='center' >Cost (RM)</th>";
                echo "<th align='center' >Invoice No</th>";
                echo "<th align='center' >Payment Submission Date</th>";
                echo "<th align='center'>CPR Submission to Finance</th>";
                echo "<th align='center'>IO</th>";
                echo "<th align='center'>Cheque No</th>";
                echo "<th align='center' div style ='color:#ff0000'>Action</th>"; 
                echo "<th align='center'></th>";
                echo "<th align='center'></th>";


                while($row=pg_fetch_assoc($result))
                { $id = $row['tenant_id'];

                echo "<tr>";                                
                echo "<td>" . $row['last_update_time'] . "</td>"; 
                echo "<td>" . $row['tenant_name'] . "</td>";  
                echo "<td>" . $row['tenant_cost_category'] . "</td>";  
                echo "<td>" . $row['tenant_agreed_cost'] . "</td>";  
                echo "<td>" . $row['invoice_no'] . "</td>";  
                echo "<td>" . $row['submission_date'] . "</td>";
                echo "<td>" . $row['cpr_submission_to_finance'] . "</td>";
                echo "<td>" . $row['io'] . "</td>";
                echo "<td>" . $row['cheque_no'] . "</td>";

                echo  "<td><a href='pg-t-payment-edit.php'>Edit</a></td>";

                echo  "<td><a href='delete.php?id=$id'><input type='hidden' name='id' value=$id>Delete</a></td>";  
                echo "</tr>";} 
                echo "</table>";

                ?>

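1 answer:

Answer 0 (score: 0)

Try moving pg_close(); in pg-t-payment-view.php to after you have used the data fetched from the database. So basically after this loop has executed: while($row=pg_fetch_assoc($result))

Change the parameter name you pass in the delete button to reflect the column name, or change how delete.php gets the ID.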

          <div class="box-body table-responsive no-padding">
         <?php  
        $db = pg_connect("host=10.0.32.204 port=5432 dbname=postgres user=postgres password=postgres"); 
        $sql2 ="select tenant_id,to_char(last_update_time, 'MM-dd-yyyy HH24:MI') as last_update_time , tenant_name, tenant_cost_category, invoice_no,tenant_agreed_cost,
        to_char(submission_date, 'MM-dd-yyyy') as submission_date,to_char(cpr_submission_to_finance, 'MM-dd-yyyy') as cpr_submission_to_finance,io,cheque_no 
        FROM payment_ref_tenancy order by insert_datetime desc limit 10";

        $result = pg_query($db,$sql2);
        if (!$result) {
            $errormessage = pg_last_error();
            echo "Error with query: " . $errormessage;
            pg_close();
            exit();
        }

            echo "<table class='table table-hover table-striped'>";
            echo "<th align='center' >Date</th>";
            echo "<th align='center' >Payee</th>";
            echo "<th align='center' >Category</th>";
            echo "<th align='center' >Cost (RM)</th>";
            echo "<th align='center' >Invoice No</th>";
            echo "<th align='center' >Payment Submission Date</th>";
            echo "<th align='center'>CPR Submission to Finance</th>";
            echo "<th align='center'>IO</th>";
            echo "<th align='center'>Cheque No</th>";
            echo "<th align='center' div style ='color:#ff0000'>Action</th>"; 
            echo "<th align='center'></th>";
            echo "<th align='center'></th>";


            while($row=pg_fetch_assoc($result))
            { $id = $row['tenant_id'];

            echo "<tr>";                                
            echo "<td>" . $row['last_update_time'] . "</td>"; 
            echo "<td>" . $row['tenant_name'] . "</td>";  
            echo "<td>" . $row['tenant_cost_category'] . "</td>";  
            echo "<td>" . $row['tenant_agreed_cost'] . "</td>";  
            echo "<td>" . $row['invoice_no'] . "</td>";  
            echo "<td>" . $row['submission_date'] . "</td>";
            echo "<td>" . $row['cpr_submission_to_finance'] . "</td>";
            echo "<td>" . $row['io'] . "</td>";
            echo "<td>" . $row['cheque_no'] . "</td>";

            echo  "<td><a href='pg-t-payment-edit.php'>Edit</a></td>";

            echo  "<td><a href='delete.php?tenant_id=$id'><input type='hidden' name='id' value=$id>Delete</a></td>";  
            echo "</tr>";} 
            pg_close();
            echo "</table>";
?>

Change how delete.php gets and uses the ID. If your tenant_id is an integer, you can omit the quotes in the DELETE query.

        <?php  
        $db = pg_connect("host=10.0.32.204 port=5432 dbname=postgres user=postgres password=postgres"); 
        // The view page links to delete.php?tenant_id=..., so the value arrives via GET
        $id = $_GET['tenant_id'];

        // $id is interpolated directly into the SQL string here
        $sql2 ="DELETE FROM payment_ref_tenancy WHERE tenant_id = '$id'";

        $result = pg_query($db, $sql2);
        // Check for failure before using $result
        if (!$result) {
            $errormessage = pg_last_error();
            echo "Error with query: " . $errormessage;
            exit();
        }
        $cmdtuples = pg_affected_rows($result);
        echo $cmdtuples . " record affected.\n";
        pg_close();

        header('location:pg-t-payment-view.php');

        ?>

Just so you know, this code can be SQL injected; if untrusted people will use it, that is a security issue.
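
Added example, not part of the original answer: a delete.php that closes the SQL injection noted above by binding tenant_id with pg_query_params, and accepts the delete only as a POST carrying a session token. It assumes tenant_id is an integer column; the PG_CONN_STRING environment variable and the csrf_token session/form field are hypothetical names.

```php
<?php
// delete.php (added example): parameterized delete, POST only, CSRF token checked.
// Assumptions: tenant_id is an integer column; PG_CONN_STRING is a hypothetical
// environment variable; $_SESSION['csrf_token'] is a string set by the view page.
session_start();

// State-changing requests should not be reachable through a plain link (GET).
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    header('Allow: POST');
    exit('Method not allowed');
}

// Reject requests that do not carry the token issued with the form.
$token = $_POST['csrf_token'] ?? '';
if (!is_string($token) || empty($_SESSION['csrf_token'])
    || !hash_equals($_SESSION['csrf_token'], $token)) {
    http_response_code(403);
    exit('Invalid request token');
}

// filter_input returns null if the field is missing, false if it is not an integer.
$id = filter_input(INPUT_POST, 'tenant_id', FILTER_VALIDATE_INT);
if ($id === null || $id === false) {
    http_response_code(400);
    exit('Invalid tenant_id');
}

$db = pg_connect((string) getenv('PG_CONN_STRING'));
if ($db === false) {
    http_response_code(500);
    exit('Database unavailable');
}

// $1 is bound by the server; the value is never spliced into the SQL text.
$result = pg_query_params($db,
    'DELETE FROM payment_ref_tenancy WHERE tenant_id = $1', [$id]);
if ($result === false) {
    error_log('delete.php: ' . pg_last_error($db)); // keep DB errors out of the response
    http_response_code(500);
    exit('Delete failed');
}
error_log('delete.php: ' . pg_affected_rows($result) . ' row(s) deleted');
pg_close($db);

// No output has been sent, so the redirect header can still be emitted.
header('Location: pg-t-payment-view.php');
exit;
```

With this version the view page would render each Delete action as a small POST form carrying tenant_id and csrf_token instead of a link, and pass row values through htmlspecialchars() before echoing them.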