0

基本上正如我的问题所述,它适用于 phpmyadmin 但不适用于 php 本身。当我运行脚本时,它返回 true,并且不会死。帮助!

这是查询:

DELETE FROM selections WHERE selectorID = '$userID' AND selectedID = '$ID'

这是php脚本:

<?php

include_once "connect_to_mysql.php";

$errorB = false;

$error = '';
$id = '';
$userID = '';
if (empty($_GET['ID']) || empty($_GET['userID'])) {
$errorB = true;

if (empty($_GET['ID'])) {
    $error = $error.'-No selected ID was sent';

}

if (empty($_GET['userID'])) {
    $error = $error.'-No selector ID was sent';

}


} else {
$id = $_GET['ID'];
$userID = $_GET['userID'];
echo $id.$userID;
$sqlInsert = mysql_query("DELETE FROM selections WHERE selectorID = '$userID' AND selectedID = '$ID'") or die (mysql_error());
echo 'shz';
}

if ($errorB) {
echo $error;

}



?>

我的数据库如下所示:

 id|selectorID|selectedID
 3  1          4
 4  1          5
4

1 回答 1

2

您的第一个但较小的麻烦是PHP 变量的区分大小写的性质

这里

$sqlInsert = mysql_query("DELETE FROM selections WHERE selectorID = '$userID' AND selectedID = '$ID'") or die (mysql_error());

你指的是$ID,但只有$id

$id = $_GET['ID'];

正确:

$sqlInsert = mysql_query("DELETE FROM selections WHERE selectorID = '$userID' AND selectedID = '$id'") or die (mysql_error());

重要的提示

虽然这很可能会起作用,但这很容易发生SQL 注入!改用 PDO,或者至少,逃避你的价值观!!!

于 2013-02-20T15:09:29.607 回答