1

我想扩展我的 PHP 技能,所以我通读了关于 tutorialzine 的教程。我理解教程中的说明。但是当谈到扩展它时,我似乎缺乏联系。我的主要目标是在单击标签时简单地删除选定的笔记。但是我不知道如何选择分配给便笺的 id 以便能够将其传递给我的删除功能。

来源:http ://tutorialzine.com/2010/01/sticky-notes-ajax-php-jquery/

谢谢您的帮助。

<?php
error_reporting(E_ALL^E_NOTICE);
require 'connect.php';
mysql_query("DELETE FROM notes WHERE id>3 AND dt<SUBTIME(NOW(),'0 1:0:0')");
$query = mysql_query("SELECT * FROM notes ORDER BY id DESC");

$notes = '';
$left='';
$top='';
$zindex='';

while($row=mysql_fetch_assoc($query)){
    list($left,$top,$zindex) = explode('x',$row['xyz']);
    $notes.= '
        <div class="note '.$row['color'].'" style="left:'.$left.'px;top:'.$top.'px;z-index:'.$zindex.'">
            '.htmlspecialchars($row['text']).'
            <div class="author">'.htmlspecialchars($row['name']).'</div>
            <span class="data">'.$row['id'].'</span>
            <a id="remove_note" href="javascript:;" onclick="deleteNote('<? echo $row['id']; ?>');">&nbsp;</a>
        </div>';
}
function deleteNote(id){
    $sql="DELETE FROM notes WHERE id='$rows['id']'";
    $result=mysql_query($sql) or die("Error when tryin to delete note.");
}
?>

更新:

我一直在玩这个以及 Andrew 和 sachleen 提供的答案。由于您提到了整个 SQL 注入问题,因此不打算研究 AJAX 替代方案。但是我仍然在将 id 传递给 remove.php 文件时遇到问题。我相信这与 $notes 如何从数据库创建信息有关。

我这样说是因为我得到: Parse error: syntax error, unexpected T_STRING in /home/avonamyd/public_html/projects_php/sticky_notes/demo.php on line 24

只有当我包含来自 sachleen 的代码时。但是当我更新它以考虑单引号时,我有以下代码。id 存在并传递给 remove.php 文件,但我仍然收到错误消息。这是我使用我的代码或您提供的代码的时候。

        $notes.= '
        <div class="note '.$row['color'].'" style="left:'.$left.'px;top:'.$top.'px;z-index:'.$zindex.'">
            '.htmlspecialchars($row['text']).'
            <div class="author">'.htmlspecialchars($row['name']).'</div>
            <span class="data">'.$row['id'].'</span>
            <a id="remove_note" target="_blank" href="remove.php?id='.$row['id'].'">&nbsp;</a>
        </div>';

以下是我目前在 remove.php 文件中的内容:

<?php
include 'connect.php';
$_GET['id'];
function deleteNote($id){
    $sql="DELETE FROM notes WHERE id='$id'";
}
    $result=mysql_query($sql) or die("Error when tryin to delete note.");

?>

更新

我在整个 remove.php 中添加了额外的 echo 行,这就是我想出的。

<?php
include 'connect.php';
$_GET['id'];
echo  $id; --doesnt show
function deleteNote($id){
    echo "hello"; --doesnt show
    $sql="SELECT FROM notes WHERE id='$id'";
}
echo  'hello2'; --shows
$result=mysql_query($sql) or die("Error when tryin to delete note.");

?>

更新: 感谢大家对这个项目的帮助,经过一些修补后,我终于得到了可以在脑海中点击的概念。我将为偶然发现此代码的其他人发布下面的功能代码。=D 谢谢大家!

演示.php

    error_reporting(E_ALL^E_NOTICE);
require 'connect.php';
mysql_query("DELETE FROM notes WHERE id>3 AND dt<SUBTIME(NOW(),'0 1:0:0')");
$query = mysql_query("SELECT * FROM notes ORDER BY id DESC");

$notes = '';
$left='';
$top='';
$zindex='';

while($row=mysql_fetch_assoc($query)){
    list($left,$top,$zindex) = explode('x',$row['xyz']);
    $id = $row['id'];
    $notes.= '
        <div class="note '.$row['color'].'" style="left:'.$left.'px;top:'.$top.'px;z-index:'.$zindex.'">
            '.htmlspecialchars($row['text']).'
            <div class="author">'.htmlspecialchars($row['name']).'</div>
            <span class="data">'.$row['id'].'</span>
            <a id="remove_note" target="_blank" href="remove.php?id='.$row['id'].'">&nbsp;</a>
        </div>';
}

删除.php

<?php
include 'connect.php';
$id = intval($_GET['id']);
$sql="DELETE FROM notes WHERE id=$id";
$result = mysql_query($sql) or die("Unable to delete database entry.");

?>

4

3 回答 3

3

你不能onclick使用 PHP 函数。您正在将 JavaScript 与 PHP 混合。我会这样做:

<a id="remove_note" href="remove.php?id=<?php echo $row['id']; ?>">Remove</a>

然后使用remove.php获取 ID$_GET['id']并将其传递到DELETE查询中。

于 2012-07-03T04:12:04.807 回答
3

看起来您正在尝试混合使用 JavaScript 和 PHP。单击链接时不能调用 deleteNote() 函数,因为它是 PHP 函数。有几种方法可以调用 PHP 脚本来删除注释:

Use something like the following:

<?php
// ...
$id_to_delete = $_GET['id'];
if( isset($id_to_delete) ) {
    $sql="DELETE FROM notes WHERE id='$id_to_delete'";
    $result=mysql_query($sql) or die("Error when tryin to delete note.");
}
$query = mysql_query("SELECT * FROM notes ORDER BY id DESC");

//...

while($row=mysql_fetch_assoc($query)){
   //...
   echo '<a id="remove_note" href="CURRENT_SCRIPT_URL?id=' . $id_to_delete . '">X</a>';
   //...
}
?>

Or you could create a second script that deletes a row from the database based on the data that you pass to it and use ajax (I would recommend using jQuery for ajax functionality) to call that script with the id of the item to delete.

Remember that anyone could call your script with a GET parameter and delete a record from the database (or worse, perform an SQL injection attack), so make sure that you have some sort of safeguard in place unless you want all of your records wiped out!

于 2012-07-03T04:20:04.287 回答
1

you have 2 options.

1) make an <a href="another_php_script.php?delete=true"> (or similar), then run the delete script. (then header back to the same page you were on).

This is because you cannot run an onClick php function, you have to redirect to the other page.

2) You can use the onclick function to call an AJAX script, and execute the deleting PHP script from the page you're on - without redirecting.

Option 1 is the easy option, Option 2 is the better option to learn from.

于 2012-07-03T04:59:47.937 回答