I'm building a simple contact system with an admin page. The admin can delete messages. I use a
<form> tag and a submit button to send it to the action file, but no rows get deleted.
delete.php:
<?php
while ($row = mysqli_fetch_array($result)) {
$adminmsgn = $row['name'];
$adminmsge = $row['email'];
$adminmsgm = $row['msg'];
echo("
<form name='actions' action='delete.php' method='post'>
<tr>
<td style='color: white'>$adminmsgn</td>
<td style='color: white'>$adminmsge</td>
<td style='color: white'>$adminmsgm</td>
<td style='color: white'><input style='text-decoration: none;color: white' class='linkButton' type='submit' value='Delete'></td></form>
</tr>
");
}
?>
Answer 0 (score: 1)
Your form needs input values, possibly hidden ones or something else. Your form could look like this
while($row = mysqli_fetch_array($result)){
$adminmsgn=$row['name'];
$adminmsge=$row['email'];
$adminmsgm=$row['msg'];
echo("
<form name='actions' action='delete.php' method='post'>
<input type='hidden' name='adminmsgn' value='$adminmsgn' >
<input type='hidden' name='adminmsge' value='$adminmsge' >
<input type='hidden' name='adminmsgm' value='$adminmsgm' >
<tr>
<td style='color: white'>$adminmsgn</td>
<td style='color: white'>$adminmsge</td>
<td style='color: white'>$adminmsgm</td>
<td style='color: white'><input style='text-decoration: none;color: white' class='linkButton' type='submit' value='Delete'></td></form>
</tr>
");
}
In your delete.php, just add the variables from $_POST or $_REQUEST.
You are indeed open to SQL injection, so try using mysql_real_escape_string on all POST variables. Your code should now look like this
<?php
include("connection.php");
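// The connection is a mysqli link, so the escaping call must be the mysqli one:
// mysqli_real_escape_string() takes $link and escapes for that connection's charset.
$adminmsgn = mysqli_real_escape_string($link, $_POST['adminmsgn']);
$adminmsge = mysqli_real_escape_string($link, $_POST['adminmsge']);
$adminmsgm = mysqli_real_escape_string($link, $_POST['adminmsgm']);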
mysqli_query($link,"DELETE FROM `msg` WHERE `name` = '$adminmsgn' AND `email`= '$adminmsge' AND `msg`= '$adminmsgm'");
header("Location: http://localhost:8080/contact/admincp.php");
?>
Untested, but it should work
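The same delete.php with the three values bound as prepared-statement parameters instead of being escaped into the SQL string. This is an added example, not the answerer's code; it assumes connection.php provides the mysqli connection $link used above, and delete_message is a hypothetical helper name.

```php
<?php
// Added example, not the answerer's code. Assumes connection.php defines
// $link (a mysqli connection) and the `msg` table shown on the page.
include("connection.php");

/**
 * Delete the rows matching all three fields; returns how many were removed.
 * The values travel as bound parameters, so quotes or SQL fragments in them
 * are compared as data and never parsed as part of the statement.
 */
function delete_message(mysqli $link, string $name, string $email, string $msg): int
{
    $stmt = mysqli_prepare(
        $link,
        "DELETE FROM `msg` WHERE `name` = ? AND `email` = ? AND `msg` = ?"
    );
    if ($stmt === false) {
        throw new RuntimeException("prepare failed: " . mysqli_error($link));
    }
    mysqli_stmt_bind_param($stmt, "sss", $name, $email, $msg);
    if (!mysqli_stmt_execute($stmt)) {
        throw new RuntimeException("execute failed: " . mysqli_stmt_error($stmt));
    }
    $deleted = mysqli_stmt_affected_rows($stmt);
    mysqli_stmt_close($stmt);
    return $deleted;
}

// Deleting is a state change: accept it only from the form's POST.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    exit;
}

// Require all three hidden fields as strings (rejects missing or array input).
$fields = [];
foreach (['adminmsgn', 'adminmsge', 'adminmsgm'] as $key) {
    if (!isset($_POST[$key]) || !is_string($_POST[$key])) {
        http_response_code(400);
        exit;
    }
    $fields[] = $_POST[$key];
}

delete_message($link, ...$fields);

header("Location: http://localhost:8080/contact/admincp.php");
exit;
```

When the hidden inputs are rendered in the admin page, passing each value through htmlspecialchars($value, ENT_QUOTES) keeps a quote in a stored message from breaking out of the value='...' attribute.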