mysql：用php按钮删除一行

knsnq2tg 于 2021-06-21 发布在 Mysql

关注(0)|答案(1)|浏览(362)

我正在尝试为显示的行创建删除按钮。这些行是mysql数据库中的实际数据。
当我运行代码时，我可以启动会话，查看所有显示的数据。但是当我单击delete按钮时，数据库中的数据不会改变。
我怀疑是删除按钮的“值”。我不知道如何将该值与sql查询相关联。
任何帮助都将不胜感激。谢谢您！

<html>
<head>
<title>Delete Transaction</title>
</head>
<body>
<?php
session_start();
if (isset($_SESSION['Username'])) {
    $Username=$_SESSION['Username'];    
}
?>
<h2><?php echo "USER $Username LOGGED IN"; ?></h2>

<form action ="" method = "post">
<?php 

$dbc=mysqli_connect('localhost','testuser','password','Project')
 or die ("Could not Connect! \n");

$sql_query = "SELECT MemberID FROM Members WHERE Username = '$Username';";
$result1 = mysqli_query($dbc,$sql_query) or die ("error querying database");
if (mysqli_num_rows($result1) > 0 ) {
    $row = mysqli_fetch_assoc($result1);
    $mID = $row['MemberID'];
} // assigning mID as MemberID

$sql = "SELECT * FROM Sales WHERE Members_ID = '$mID' "; // Getting Members_ID in Sales Table
$result=mysqli_query($dbc,$sql) or die ("Error Querying Database");

$sql_getSalesID = "SELECT SalesID FROM Sales WHERE Members_ID ='$mID'"; // Getting SalesID
$result2 = mysqli_query($dbc,$sql_getSalesID) or die ("Error Querying Database 2");
if (mysqli_num_rows($result2) > 0 ) {
    $row = mysqli_fetch_assoc($result2);
    $SalesID = $row['SalesID'];
}

if (isset($_POST['SalesID']) and is_numeric($_POST['SalesID']))
{
    $delete =$_POST['SalesID'];
    $sql_delete="DELETE FROM Sales WHERE SalesID = '$delete'";
    $result3 = mysqli_query($dbc,$sql_delete) or die ("Error Querying Database 3");
}

echo "<table>";
echo "<tr> <th> User </th>  <th> Item </th> <th> Purchase Date </th> <th> Delete Option </th> </tr>";
while($row=mysqli_fetch_array($result)){
    echo "<tr> <td>".$row['Members_ID']."</td>
    <td>".$row['Items_ID']."</td> <td>".$row['PurchaseDate']."</td> 
    <td><button type='submit' name ='deleteTrans' value ='".$sql_delete."'> Delete </button></td>   </tr>";
}
echo "</table>";
 mysqli_close();
?>
</form>
</body>
</html>

sql mysql php Database sql-delete

来源：https://stackoverflow.com/questions/49959856/mysql-delete-a-row-with-a-php-button

1条答案

按热度按时间

kqlmhetl1#

请参阅适合您的解决方案：删除此销售与$\u得到我还添加了一个防火墙的攻击：sql注入和xss
这样地：

<html>
<head>
<title>Delete Transaction</title>
</head>
<body>
<?php
session_start();
if (isset($_SESSION['Username'])) {
    $Username=$_SESSION['Username'];    
}
?>
<h2><?= "USER $Username LOGGED IN"; ?></h2>

<form action ="" method = "post">
<?php 

$db = @new mysqli('localhost','testuser','password','Project') or die ("Could not Connect! \n");

// Protect From SQL injection & XSS
if (isset($_GET)) {
       foreach ($_GET as $key => $value) {
         $_GET[$key] = $db->real_escape_string($value);
         $_GET[$key] = htmlspecialchars(trim($value), ENT_QUOTES, "utf-8");
       }
     }

     if (isset($_POST)) {
       foreach ($_POST as $key => $value) {
         $_POST[$key] = $db->real_escape_string($value);
         $_POST[$key] = htmlspecialchars(trim($value), ENT_QUOTES, "utf-8");
       }
     }

     if (isset($_REQUEST)) {
       foreach ($_REQUEST as $key => $value) {
         $_REQUEST[$key] = $db->real_escape_string($value);
         $_REQUEST[$key] = htmlspecialchars(trim($value), ENT_QUOTES, "utf-8");
       }
     }

//Your Code
$sql_query = "SELECT MemberID FROM Members WHERE Username = '$Username';";
$result1 = $db->query($sql_query) or die ("error querying database");
if (mysqli_num_rows($result1) > 0) {
    $row = $result1->fetch_assoc();
    $mID = $row['MemberID'];
} // assigning mID as MemberID

$sql = "SELECT * FROM Sales WHERE Members_ID = '$mID' "; // Getting Members_ID in Sales Table
$result=mysqli_query($db,$sql) or die ("Error Querying Database");

$sql_getSalesID = "SELECT SalesID FROM Sales WHERE Members_ID ='$mID'"; // Getting SalesID
$result2 = $db->query($sql_getSalesID) or die ("Error Querying Database 2");
if (mysqli_num_rows($result2) > 0 ) {
    $row = $result2->fetch_assoc();
    $SalesID = $row['SalesID'];
}

// Check if click del button
if (isset($_GET['del']) && is_numeric($_GET['del']))
{
    $del = $_GET['del'];
    $sql_delete = "DELETE FROM Sales WHERE SalesID = '$del'";
    $result3 = $db->query($sql_delete) or die ("Error Querying Database 3");
}

echo "<table>";
echo "<tr> <th> User </th>  <th> Item </th> <th> Purchase Date </th> <th> Delete Option </th> </tr>";
while($row = $result->fetch_assoc()){ ?>
    <tr><td><?= $row['Members_ID']; ?></td>
    <td><?= $row['Items_ID']; ?></td> <td><?= $row['PurchaseDate']; ?></td> 
    <td><a href="?del=<?= $row['SalesID']; ?>" class ='btn btn-danger'> Delete </a></td></tr>
}
<?
echo "</table>";

?>

</form>
</body>
</html>

赞(0）回复(0）举报 2021-06-21

我来回答

mysql：用php按钮删除一行

1条答案

相关问题

热门标签

最新问答