PHP / SQL语句输出错误

时间:2017-05-29 13:37:44

标签: php mysql database

我仍然在一个有电影数据库的网站上工作。我遇到的问题是,我从数据库中删除电影的SQL语句没有被执行。我有两个页面,一个页面用户可以看到电影,另一个页面有一个单击删除按钮时执行的代码。

以下是概述中其中一部电影的信息代码,因为其他电影的代码大致相同:

    <div><tr><td><div style="width: 200px; height:296px; margin-top: 50px">
    <div class="image-hover">
    <img src="img/deadpool.jpg" width="200px" height="296px"/>
    <span class="desc"><div class="filmtitle"><?php
    $sql1a = "SELECT title FROM films WHERE film_id = '1'";
    $result = $mysqli->query($sql1a);
    if (mysqli_num_rows($result) > 0) {
    // output data of each row
    while($row = mysqli_fetch_assoc($result)) {
    echo $row["title"] ;}}?></div>
   <div style="font-size:8px; text-transform:uppercase; color:#000;">
    <div class="black"><div class="filmdiscription"><b>Samenvatting: </b> <?
    php
    $sql1b = "SELECT description FROM films WHERE film_id = '1'";
    $result = $mysqli->query($sql1b);
    if (mysqli_num_rows($result) > 0) {
      // output data of each row
      while($row = mysqli_fetch_assoc($result)) {
     echo $row["description"];}
    }

    ?>
    <div style="font-size:8px; text-transform:uppercase; color:#000;">
    <div class="black2"><div class="yearrating"><b>Jaar: </b> <?php
    $sql1c = "SELECT release_year FROM films WHERE film_id = '1'";
    $result = $mysqli->query($sql1c);
    if (mysqli_num_rows($result) > 0) {
    // output data of each row
    while($row = mysqli_fetch_assoc($result)) {
     echo $row["release_year"];}
    }?>
    <div style="font-size:8px; text-transform:uppercase; color:#000;">
    <div class="black2"><div class="yearrating" ><b>Rating (0-5): </b> <?php
    $sql1d = "SELECT rating FROM films WHERE film_id = '1'";
    $result = $mysqli->query($sql1d);
    if (mysqli_num_rows($result) > 0) {
    // output data of each row
    while($row = mysqli_fetch_assoc($result)) {
     echo $row["rating"];}
    }?>
    </div>
    <div class="black2"><div class="yearrating">
    <a class="alert" href="deletemovie.php?id='.$row['film_id'].'" ></i> 
    Delete <?php '</a>'?> <center>
        </span>
    </div></div>
    </div></div>

&#39; deletemovie.php&#39;的代码:

<!doctype html>
<html>
<head>
<meta charset="UTF-8">
<link rel="stylesheet" type="text/css" href="style.css"/>
</head>

<?php
session_start(); //De sessie wordt gestart.
function is_logged() {
if (isset($_SESSION['username'])) return true;
return false; //Er wordt gekeken of de gebruikersnaam correct is.
}
if(!is_logged()){
header("Location: sign-in.php"); //Als de gebruiker naar overzichtlogin.php 
gaat, zonder dat hij of zij is ingelogd, worden ze doorgestuurd naar de 
login pagina.
}

require_once('db_const.php'); //De gegevens voor de database verbinding 
worden in 1 centraal bestand opgehaald.
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if  (!$mysqli){
die("Connection failed: ".mysqli_connect_error()); //Als de verbinding niet 
lukt zal deze niet werken.
}

?>

<?php $current = 'delete'; ?> <!-- Om aan te geven dat men zich op de 
beveiligde overzichtspagina bevindt, wordt gebruik gemaakt van deze 
variabele. Current krijgt nu de waarde 'secured', waardoor de button waar 
'secured' staat een kleur krijgt. -->

<body>

<div class="header">
<?php
if(isset($_SESSION['username'])){
require_once("headersecured.php"); //Indien de gebruiker ingelogd is, wordt 
'headersecured.php' gebruikt als header.
}else{
require_once("header.php"); //Indien de gebruiker niet is ingelogd, wordt 
header.php gebruikt als header.
}
?>
</div>

 <?php
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);


$id = $_GET["id"]; //Het ID van de film wordt opgehaald.

$sql = "DELETE FROM films WHERE film_id = $id"; //De film waarbij het ID 
hoort wordt verwijderd uit de database.

?>

<?php

   if (mysqli_query($mysqli, $sql)) { //Zorgt ervoor dat de film wordt 
verwijderd.
  echo "Succesvol verwijderd!"; //Laat zien dat de film verwijderd is uit de 
database.
  echo "<br>"; // Witruimte
  echo "<a href='overzichtlogin.php'>Terug naar de vorige pagina.</a>"; 
//Door op deze link te klikken gaat de gebruiker terug naar de 
overzichtspagina.
  } else {
  echo "Error: " . $sql . "<br>" . mysqli_error($mysqli); //Indien het 
verwijderen niet goed is gegaan, wordt er een foutmelding getoond.
  }
?>


<div class="footer">
<?php include 'footer.php';?> <!-- de footer wordt opgehaald -->
</div>

</body>
</html>

当有人点击&#39;删除&#39;在概述中,电影应该从数据库中删除。单击时会出现错误:

  

错误:DELETE FROM films WHERE film_id =&#39;。$ row [&#39; film_id&#39;]。&#39;   您的SQL语法有错误;查看与您的MySQL服务器版本相对应的手册,以便在&#39; film_id&#39;]附近使用正确的语法。&#39;&#39;在第1行&#34;

我的代码应该更改什么?

2 个答案:

答案 0 :(得分:0)

你缺少php打开/关闭标签。尝试更改此行:

<a class="alert" href="deletemovie.php?id='.$row['film_id'].'" ></i> 


<a class="alert" href="deletemovie.php?id=<?php echo $row['film_id']; ?>" ></i>

或更短的方式:

<a class="alert" href="deletemovie.php?id=<?= $row['film_id']; ?>" ></i>

在查询中使用参数以避免SQL注入。

答案 1 :(得分:0)

错误消息告诉您问题的起始位置,即:

<a class="alert" href="deletemovie.php?id='.$row['film_id'].'" ></i> 
    Delete <?php '</a>'?>

具体在:

'.$row['film_id'].'

您使用纯文本文档,因此PHP不会与之交互。你需要这样做:

<a class="alert" href="deletemovie.php?id=<?php echo $row['film_id']; ?>" ></i>

我也不清楚为什么你希望PHP在那里生成关闭元素,但你需要一个echo来输出任何东西(或print)。

    Delete <?php echo '</a>';?>

运行后,您会收到undefined index错误,因为您从未在film_id中选择select

SELECT rating, film_id FROM films WHERE film_id = '1'

您还应该使用参数化查询并合并您的查询。

选择:

SELECT description, release_year, rating FROM films WHERE film_id = '1'


SELECT description, release_year, rating, film_id FROM films WHERE film_id = '1'

如果你想在返回时使用film_id索引,我觉得你已经知道了,或者你不应该有where条款。

您的删除应该是:

$sql = "DELETE FROM films WHERE film_id = ?";

然后绑定$id

在此处阅读更多内容,http://php.net/manual/en/mysqli.quickstart.prepared-statements.php

相关问题
最新问题