我刚刚将页面从mysql迁移到msqli。现在,删除数据令人困惑。这是我在Admin_Delete.php 中的代码
require 'Connect.php';
$id = intval($_GET['id']);
$query = "DELETE * FROM student_information WHERE student_id='$_GET[id]'";
// not using return value, and add some debug info
mysqli_query($query) or die(mysql_error().PHP_EOL.$query);
// let's see if anything actually happened...
$rowsDeleted = mysqli_affected_rows();
if($rowsDeleted == 0) {
error_log("Nothing deleted for this query:".PHP_EOL.$query);
}
echo "<script language='javascript' type='text/javascript'>alert('$rowsDeleted row(s) deleted!')</script>";
echo "<script language='javascript' type='text/javascript'>window.open('Admin_Home.php','_self')</script>";
?>
这是我修复这些问题的配置。Connect.php
<?php
$host = "localhost";
$dbusername = "root";
$dbpassword = "123456";
$dbname = "student";
$link_id = mysqli_connect($host,$dbusername,$dbpassword,$dbname) or die("Error " . mysqli_error($link_id));
?>
几个问题。
对mysql_error的引用应为mysqli_error($link_id)。
对mysqli_query的引用应为mysqli_query($link_id, $query)。
对mysqli_affected_rows的引用应为mysqli_affected_rows($link_id)
此外,您使用了intval从$_get中获取整数值,但在SQL文本中使用了对$_get的引用。如果您不打算使用准备好的语句,那么您应该使用mysqli_real_escape_string函数使潜在的"不安全"值"安全"地包含在SQL文本中。
$sql = " ... WHERE id='" . mysqli_real_escape_string($link_id, $id) . "'";
DELETE语句的语法不正确。要么省略*
DELETE FROM student_information WHERE ...
或者用表引用或表别名限定*
DELETE s.* FROM student_information s WHERE ...