PHP搜索和删除

时间:2018-03-24 23:48:28

标签: php mysql

我已按照人们的建议更改了代码,但我的删除按钮无法正常工作。 empID是VARCHAR,而不是INT 当我搜索一串字母时,我希望它完成的方式我会得到一个包含该字符串的员工列表,然后选择一些复选框,当按下按钮时,他们将从数据库中删除,而不是从列表中删除选择的仍然会留在那个页面上。    在此先感谢您的帮助!!! 

<!DOCTYPE html>
    <html>
    <head>
    <meta charset="utf-8">
    <title>Delete Record</title>
    <link rel="stylesheet" href="style1.css" />
    <style>dialog{margin-left:100px}
    select { font-size:24px;}</style>
    </head>
    <body>
        <div class="header">
            <h2>List of the employees with the name entered</h2>
        </div>
        <form name="action_form" action="" method="post" />
        <div class="input-group">
            <input type="text" name="name" placeholder="Employee name" />
        </div>
        <button type="submit" class="btn" name="submit">SEARCH</button>
        <?php
        require('db.php');
        $errors = array(); 
        if(isset($_POST["name"])&&!empty($_POST["name"]))
            {
        $name=$_POST['name'];
        $sqlResult=mysqli_query($con, "SELECT * FROM Employee WHERE empName LIKE '%$name%'");
        if (mysqli_num_rows($sqlResult) > 0) 
            {
            echo "<table>";
            while($row=mysqli_fetch_assoc($sqlResult))
                {
                echo "<tr>";
                echo "<td>"; ?><input type= 'checkbox' name='num[]' value='<?php echo $row['empID'] ?>'/><?php echo "</td>";
                echo "<td>".$row['empID']."</td>";
                echo "<td>".$row['empName']."</td>";
                echo "<td>".$row['deptNo']."</td>";
                echo "<td>".$row['addCounty']."</td>";
                echo "<td>".$row['salary']."</td>";
                echo "</tr>";
                }
            echo "</table>";     
            }
        if(isset($_POST['delete'])&&(!empty($_POST['num'])))
            {
            $list = array();  
            $list = $_REQUEST['num'];
            foreach($list as $delID)
                {
                $sqlResult = mysqli_query($con,"DELETE FROM employee WHERE empID LIKE '$delID'");
                }
            }
        }
    ?>
        <div class="input-group">
        <label>Please choose the person from the list below</label>
    </div>
        <div class="input-group">
            <button type="submit" class="btn" name="delete">FIRE SELECTED</button><br><br>
            <button type="reset" class="btn" name="reset">RESET</button><br><br>
            <a href = "index.php">Back to the Menu</a>
            </div>
        </form>
    </body>
    </html>

3 个答案:

答案 0 :(得分:1)

试试这个:

 if(isset($_POST["name"])&&!empty($_POST["name"]))
{
$name=$_POST['name'];
$sqlResult=mysqli_query($con, "SELECT * FROM Employee WHERE empName 
LIKE '%$name%'")
}

答案 1 :(得分:0)

看起来你应该将$ delId包装在&#34;%&#34;

所以你的删除查询应如下所示:

$sqlResult = mysqli_query($con,"DELETE FROM employee WHERE empID LIKE '%$delID%'")

另外请记住,like语句将删除id与任何其他id一样的任何行。您可以考虑将其更改为:

$sqlResult = mysqli_query($con,"DELETE FROM employee WHERE empID = '$delID' ")

要记住的另一件事是你应该考虑使用参数化查询来防止sql注入。阅读本文了解更多详情:

What is parameterized query?

答案 2 :(得分:0)

错误的原因(未定义变量$ name)是因为您只在设置ObjectInputStream in; // e.g. get from a socket in.setObjectInputFilter(new ObjectInputFilter() { public Status checkInput(FilterInfo fi) { if (fi.references() > 1000) return Status.REJECTED; return Status.UNDECIDED; } }); 时在“if”语句中设置$name,但是您正在运行该行:

$_POST['name']

每次加载页面。因为您在SQL字符串中使用了$ name,但并不总是声明它,所以会出现错误。

我发现您的代码有点难以阅读,但我想您可能只想将$sqlResult = mysqli_query($con, "SELECT * FROM Employee WHERE empName LIKE '%$name%'"); 行放在“if”语句中。

mysqli_query()
相关问题
最新问题