我有一个表,我需要使用php编辑/删除sql数据库的行。问题(与时间一样古老的故事)是删除/编辑功能都不能正确工作。我没有得到任何错误消息,所以我花了几个小时梳理代码,在谷歌上搜索和搜索其他类似的问题,但没有任何问题真正解决我的具体问题。
我可能少了一个引号或类似的东西,但如果能给点提示就太好了。
这是我的编辑代码:
//if the 'id' variable is set in the URL, we know that we need to edit a record
if (isset($_GET['GroomingID']))
{
//if the form's submit button is clicked, we need to process the form
if (isset($_POST['submit']))
{
//make sure the 'id' in the URL is valid
if (is_numeric($_POST['GroomingID']))
{
//get variables from the URL/form
$GroomingID = $_POST['GroomingID'];
$firstName = htmlentities($_POST['FirstName'], ENT_QUOTES);
$lastName = htmlentities($_POST['LastName'], ENT_QUOTES);
//check that firstname and lastname are both not empty
if ($firstName == '' || $lastName == '')
{
//if they are empty, show an error message and display the form
$error = 'ERROR: Please fill in all required fields';
renderForm($firstName, $lastName, $error, $GroomingID);
}
else
{
//if everything is fine, update the record
if($stmt = $link->prepare("UPDATE grooming SET FirstName = ?, LastName = ? WHERE GroomingID=?"))
{
$stmt->bind_param("ssi", $firstName, $lastName, $GroomingID);
$stmt->execute();
$stmt->close();
}
//show an error message if the query encounters an error
else
{
echo "Error: could not preapre sql statement.";
}
//redirect the user once the form is updated
header("Location: PS_Manage_Appnts.php");
exit();
}
}
//if the 'id' variable isn't valid, show error message
else
{
echo "Error";
}
}
//if the form hasn't been submitted yet, get the info from the database and show the form
else
{
//make sure the 'id' value is valid
if (is_numeric($_GET['GroomingID']) && $_GET['GroomingID'] > 0)
{
//get 'id' from URL
$id = $_GET['GroomingID'];
//get the record from the database
if($stmt = $link->prepare("SELECT * FROM grooming WHERE GroomingID=?"))
{
$stmt->bind_param("i", $GroomingID);
$stmt->execute();
$stmt->bind_result($GroomingID, $firstName, $lastName);
$stmt->fetch();
//show the form
renderForm($firstName, $lastName, NULL, $GroomingID);
$stmt->close();
}
//show an error if the query has an error
else
{
echo "Error: could not prepare SQL statement.";
}
}
//if the 'id' value is not valid, redirect the user back to the PS_Manage_Appnts.php page
else {
header("location:PS_Manage_Appnts.php");
exit();
}
}
}
我的删除代码(与编辑代码分开):
<?php
//connect to the database
include ("newDBconn.php");
//confirm that the 'id'(in this case, 'GroomingID') variable has been set
if (isset($_GET['GroomingID']) && is_numeric($_GET['GroomingID']))
{
//get the 'id' variable from the URL
$GroomingID = $_GET['GroomingID'];
//delete record from the database
if ($stmt = $link->prepare("DELETE FROM grooming WHERE GroomingID = '?' LIMIT 1"))
{
$stmt->bind_param("i", $GroomingID);
$stmt->execute();
$stmt->close();
}
else
{
echo "ERROR: could not prepare sql statement.";
}
$link->close();
// redirect user after delete is successful
header ("location:PS_Manage_Appnts.php");
exit();
}
else
//if the 'id' variable isn't set, redirect the user
{
header("location:PS_Manage_Appnts.php");
exit();
}
?>
<?php
//connect to db
$link = mysqli_connect('localhost', 'root', 'pwdpwd', 'pet_shop');
//check connection
if (!$link) {
printf("Connection failed: %s'n", mysqli_connect_error());
exit();
}
?>
注意:我知道msql注入,但是a)这是在我的机器上的测试,b)我想先解决这个问题。谢谢你的帮助!
编辑:我通过FireFox的Firebug运行了这个,也没有出现错误。但是,我注意到,当单击表上的'delete'链接时,firebug显示如下:
https://i.stack.imgur.com/8HlIk.png没有代码链接上面带下划线的css文件到我的删除文件(PS_delete_post.php),所以我不知道为什么它试图抓取css文件。PS_delete_post.php开头不应该有任何css链接。
EDIT2:根据Neo的建议,我已经将$firstName/$lastName变量更改为所有小写。现在,当单击"edit"时,用户将(正确地)被引导到一个空表单中输入值,但是点击submit 将添加一个新行,而不是编辑一个现有行。
您是否从Post和Get发送GroomingID ?
在更新文件中,您使用此$GroomingID = $_POST['GroomingID'];检索ID,但我不确定您是从Post发送还是仅从Get发送。