0

希望有人可以在这里帮助我,我想我的函数调用不正确。我正在尝试从我的数据库中检索一些数据,并在每个要检索的项目上附加一个删除链接,这样当我点击删除时,它将删除具有删除功能的特定项目。

我从数据库中检索项目的代码如下。

<?php
$con = mysql_connect("localhost","root","");
mysql_select_db("uloaku", $con);
$count = 1;
$y = mysql_query("SELECT * FROM transaction");
if(mysql_num_rows($y) != 0){

echo "<table bgcolor=\"white\" width=\"1000\" bordercolor=\"grey\" border=\"5\" >";
echo "<tr>
<td align=\"center\">No</td>
<td align=\"center\">Date</td>
<td align=\"center\">Current Balance</td>
<td align=\"center\">Avaliable Balance</td>
<td align=\"center\">Account Status</td>
<td align=\"center\">Delete Account</td>

</tr>";

while ($z = mysql_fetch_array($y, MYSQL_BOTH)){
        echo "<tr>
        <td align=\"center\">".$count++."</td>
        <td align=\"center\">".$z[1]."</td>
        <td align=\"center\">".$z[2]."</td>
        <td align=\"center\">".$z[3]."</td>
        <td align=\"left\" width=\"300\">".$z[4]."</td>
        <td><a href=\"delete.php\">delete</a></td>
        </tr>";
    }
    echo "</table>";
    }
?>

还有我要删除的代码

<?php
session_start();
$con = mysql_connect("localhost","root","");
mysql_select_db("uloaku", $con);
$id = $_GET['id'];
$sql = mysql_query("DELETE FROM transaction WHERE id='$id' LIMIT 1") or die   (mysql_error());
header("Location: vacct.php");
?>

我知道我错过了这里的逻辑,希望有人可以指导我或向我展示简单的出路。目前我可以成功地从数据库中检索我的项目,我唯一的问题是每次点击删除按钮时都能够应用删除功能。

4

4 回答 4

1

id当您点击删除链接时,您必须通过:

<a href=\"delete.php?id=$z[theIdKey]\">
于 2012-09-09T14:10:19.140 回答
0 
<td><a href=\"delete.php\">delete</a></td>

您如何将要删除的 id 传递给您的 delete.php 脚本?

于 2012-09-09T14:10:16.443 回答
0

改变:

<td><a href=\"delete.php\">delete</a></td>

到:

<td><a href=\"delete.php?id=".$z[0]."\">delete</a></td>

如果 $z[0] 是 ID。

在您的 delete.php 中,确保您还使用反引号对“事务”一词进行转义:

DELETE FROM `transaction` WHERE id=123

这是因为“事务”是一个保留的 mysql 关键字。

另请阅读SQL 注入

于 2012-09-09T14:12:18.940 回答
0

使用下面的代码。我添加了验证和加密

<?php
$con = mysql_connect("localhost","root","");
mysql_select_db("uloaku", $con);
$count = 1;
$y = mysql_query("SELECT * FROM transaction");
if(mysql_num_rows($y) != 0){

echo "<table bgcolor=\"white\" width=\"1000\" bordercolor=\"grey\" border=\"5\" >";
echo "<tr>
<td align=\"center\">No</td>
<td align=\"center\">Date</td>
<td align=\"center\">Current Balance</td>
<td align=\"center\">Avaliable Balance</td>
<td align=\"center\">Account Status</td>
<td align=\"center\">Delete Account</td>

</tr>";

while ($z = mysql_fetch_array($y, MYSQL_BOTH)){
        echo "<tr>
        <td align=\"center\">".$count++."</td>
        <td align=\"center\">".$z[1]."</td>
        <td align=\"center\">".$z[2]."</td>
        <td align=\"center\">".$z[3]."</td>
        <td align=\"left\" width=\"300\">".$z[4]."</td>
        <td><a href=\"delete.php?id=".base64_encode($z[0])."\">delete</a></td>
        </tr>";
    }
    echo "</table>";
    }
?>

code to delete

<?php
session_start();
$con = mysql_connect("localhost","root","");
mysql_select_db("uloaku", $con);
$id = base64_decode($_GET['id']);
if(!empty($id)){
$sql = mysql_query("DELETE FROM transaction WHERE id='$id' LIMIT 1") or die   (mysql_error());
}
header("Location: vacct.php");
?>
于 2012-09-09T14:15:57.763 回答