2

我正在尝试从 sql 中创建一个删除按钮。我启动了一个名为 $del 的函数,但我不知道如何完成它,其形式是在当前回显语句旁边回显一个删除按钮。

$con = mysql_connect("localhost", "user", "pass");
if (!$con) {
    die('Could not connect: ' . mysql_error());
}

mysql_select_db("database", $con);
$sql = "INSERT INTO camps (city, map, park, day, details) 
    VALUES ('$_POST[city]','$_POST[map]','$_POST[park]','$_POST[day]','$_POST[details]')";

if (!mysql_query($sql, $con)) {
    die('Error: ' . mysql_error());
}

$number = 0;
$del = mysql_query("DELETE FROM camps WHERE user_id= '$number'");

$result = mysql_query("SELECT * FROM camps");

while ($row = mysql_fetch_array($result)) {
    echo "<a href=\"'" . $row['map'] . "\">" . $row['city'] . "</a>";
    echo "<br />";
}
4

1 回答 1

2

您需要让您的链接将参数传递给将删除该记录的脚本。您的链接看起来像这样

 echo "<a href=\"'delete.php?id=" . $user_id"\">" . $row['city'] . "</a>";

然后你的删除可以从 $_GET 全局中获取参数,然后像这样将它们传递给你的 sql

  $del = mysql_query("DELETE FROM camps WHERE user_id=" . $_GET['user_id']);

此当前查询将删除该用户的所有营地(根据需要调整参数/sql)。

However, you should NEVER pass user vars into your sql strings. You leave yourself open for sql injection attacks. I would recommend using PDO to escape your sql. I would also recommend using the post method for any destructive db operation so that you don't accidentally alter something.

于 2012-12-21T21:37:24.670 回答