management.php是在PHP中通过表获取信息的代码。php是删除信息的代码。我使用mysql_fetch_array来显示所有数据,并且在每个信息旁边都有一个要删除的herf回显数据库中的数据
当我删除时,里面没有错误。但是数据库信息还没有删除。
management.php
$con1 = mysql_connect("127.0.0.1","root","password");
mysql_select_db("babytradeapps");
$sql1 = "Select LoginID , Password , Permission
from loginacc where Permission = 2 ";
$results = mysql_query($sql1,$con1);
echo "<tr><th>會員帳號</th></tr>";
echo "<table border=5 cellpadding=10>";
echo "<tr><th></th><th>帳號</th><th>密碼</th><th>權限</th><th></th><th></th></tr>";
while($row = mysql_fetch_array($results)) {
echo "<tr><td>
<a href='searchtable.php?lid=$row[0]'>get information</a></td><td>$row[0]</td><td><input type=text id='row1' name='row1' value='$row[1]' /></td>
<td>$row[2]</td><td>
<a href='searchtable.php?lid=$row[0]'>Change</a></td><td>
<a href='managementdel.php?lid=$row[0]'>Delete</a></td></tr>";
}
echo "</table>";
managementdel.php
<?php
$ac = $_GET['rowname'];
$con = mysql_connect("127.0.0.1","root","password");
mysql_select_db("babytradeapps");
$sql = "delete from loginacc where LoginID = '$ac'";
if(mysql_query($sql))
{
echo '<meta http-equiv=REFRESH CONTENT=2;url=management.php>';
}
else
{
echo 'fail!';
echo '<meta http-equiv=REFRESH CONTENT=2;url=management.php>';
}
echo mysql_error()
?>
你的脚本有很多问题,我不会全部解决。我要做的是回答你的问题,你问这是:"为什么它不会从数据库中删除。"
你的脚本有什么问题:
- 使用已折旧的
mysql_*
库(参见下面的注释) - 使用
meta refresh
来重定向而不是header('Location: link');
- 未消毒用户输入->
$_GET['lid']
. - 向表中提交用户密码。(希望不存储为明文)
如前所述,您试图得到:
$_GET['rowname']
发送lid
-> managementdel.php?lid=$row[0]
时。你必须把它改成:
$ac = $_GET['lid'];
指出
图书馆贬值,请远离mysql_*
函数
使用以下两个中的任意一个来代替:
- PDO
- mysql预处理语句
如果你不打算这样做,至少试着清理你的用户输入,以防止SQL注入。
使用像intval()
和mysql_real_escape_string()
这样的函数会帮助你,但不会像PDO/mysqli那样全面。
在managementdel.php文件中代替
$ac = $_GET['rowname'];
应该有
$ac = $_GET['lid'];
Try
management.php
<?php
$con1 = mysql_connect("127.0.0.1","root","password");
mysql_select_db("babytradeapps");
$sql1 = "Select LoginID , Password , Permission
from loginacc where Permission = 2 ";
$results = mysql_query($sql1,$con1);
echo "<tr><th>會員帳號</th></tr>";
echo "<table border=5 cellpadding=10>";
echo "<tr><th></th><th>帳號</th><th>密碼</th><th>權限</th><th></th><th></th></tr>";
while($row = mysql_fetch_array($results)) {
echo "<tr><td>
<a href='searchtable.php?lid= " . $row[0] . "'>get information</a></td><td>" . $row[0] . "</td><td><input type=text id='row1' name='row1' value='" . $row[1] . "' /></td>
<td>" . $row[2] . "</td><td>
<a href='searchtable.php?lid=" . $row[0] . "'>Change</a></td><td>
<a href='managementdel.php?lid=" . $row[0] . "'>Delete</a></td></tr>";
}
echo "</table>";
?>
managementdel.php
<?php
$ac = $_GET['lid'];
$con = mysql_connect("127.0.0.1","root","password");
mysql_select_db("babytradeapps");
$sql = "delete from loginacc where LoginID = '$ac'";
if(mysql_query($sql))
{
echo '<meta http-equiv=REFRESH CONTENT=2;url=management.php>';
}
else
{
echo 'fail!';
echo '<meta http-equiv=REFRESH CONTENT=2;url=management.php>';
}
echo mysql_error()
?>