我的第一个删除用户query.php
选择的查询的页面,它运行得非常好:
<form method=post action="delete.php">
List of queries<br/>
<?php
$ebits = ini_get('error_reporting');
error_reporting($ebits ^ E_NOTICE);
mysql_connect("localhost","root","") or die(mysql_error());
mysql_select_db("testdb") or die(mysql_error());
echo "<br />";
$query = "select * from queries ";
$result = mysql_query($query) or die(mysql_error());
$count=mysql_num_rows($result);
while($row = mysql_fetch_array($result))
{
print "<input type='checkbox' name='Query[]' value='"".$row['queryId']."'"> ";
echo " ". $row['name']." ". $row["address"]." ". $row["contactNo"]."
". $row["query"];
echo "<br />";
}
?>
<input type="submit" value="Delete" name="Delete">
<br/>
</form>
我已经为第二页delete.php
尝试了以下代码,但似乎什么都不起作用
代码1:
<?php
if($_POST['Delete'])
{
if(count($_POST['checkbox']) > 0) {
foreach($_POST['checkbox'] as $checkbox)
{
$del_id=$checkbox;
$sql = "DELETE * FROM queries WHERE `queryId`= '$del_id'";
$result = mysql_query($sql);
mysql_error();
}
echo "Selected Rows deleted";
} else {
$NEW="Nothing to Delete";
}
}
?>
代码2:
<?php
if(($_POST['Delete']))
{
$count=array();
$count=$_POST['checkbox'];
for($i=0;$i<count($count);$i++){
$del_id = $checkbox[$i];
$sql = "DELETE FROM queries WHERE queryId='$del_id' ";
$result = mysql_query($sql);
}
$NEW="Selected records Deleted";
}
var_dump($_POST['checkbox']);
var_dump($count);
?>
您的复选框名称是"Query",但您以$_POST['checkbox']
的身份访问它。这应该是$_POST['Query']
。
编辑根据更新的代码进行检查:
if($_POST['Delete']) {
if(count($_POST['Query']) > 0) {
foreach($_POST['Query'] as $checkbox) {
$del_id=$checkbox;
$sql = "DELETE * FROM queries WHERE queryId= '$del_id'";
$result = mysql_query($sql);
mysql_error();
}
echo "Selected Rows deleted";
}
else {
$NEW="Nothing to Delete";
}
}
取而代之的是:
$del_id=$checkbox;
这样做:
// if queryId is numeric
$del_id=intval($checkbox);
这样可以确保您使用的值是数字,而不是来自用户的潜在恶意输入。我假设queryId
是数字。如果不是,那么你需要这样做:
// if queryId is not numeric:
$del_id = mysql_real_escape_string($checkbox);
您的DELETE
语法不正确:
$sql = "DELETE * FROM queries WHERE queryId= '$del_id'";
你只想要DELETE FROM
。此外,如果queryId的值是数字,则不需要在其周围加引号:
$sql = "DELETE FROM `queries` WHERE `queryId` = $del_id";
最后,您的MySQL错误调用并没有做任何有用的事情:
mysql_error();
以下是您应该如何做到这一点,以及代码的其余部分:
if($_POST['Delete']) {
if(count($_POST['Query']) > 0) {
foreach($_POST['Query'] as $checkbox) {
$del_id= intval($checkbox);
$sql = "DELETE FROM `queries` WHERE `queryId` = $del_id";
$result = mysql_query($sql);
if(!$result) {
echo "There was an error in the query: " . mysql_error();
}
}
echo "Selected Rows deleted";
}
else {
$NEW="Nothing to Delete";
}
}