php 删除数据库行的删除按钮
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/5878201/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Delete button which deletes database row
提问by Simon
I just made a php function
我刚刚做了一个php函数
function deletebooking($orderID){
$sql="DELETE FROM bs_reservations WHERE id='".$orderID."'";
$result=mysql_query($sql) or die("oopsy, error when tryin to delete events 2");
}
I have a .php file which process a submitted form and then displays a HTML page. How do i add a delete booking button which calls the above function to the HTML page. The $orderID variable is already set.
我有一个 .php 文件,它处理提交的表单,然后显示一个 HTML 页面。我如何添加一个删除预订按钮,该按钮将上述函数调用到 HTML 页面。$orderID 变量已经设置。
Suggestions Welcome
欢迎提出建议
回答by Varada
You can use a javascript code on the button which you click to delete the record as
您可以在单击的按钮上使用 javascript 代码删除记录
<input type="button" name-"abc" id="abc" onclick="return Deleteqry(<?php echo $orderID ?>);"/>
Now you can write the javascript function inside the <head></head>as
现在您可以在<head></head>as 中编写 javascript 函数
function Deleteqry(id)
{
if(confirm("Are you sure you want to delete this row?")==true)
window.location="yourpagename.php?del="+id;
return false;
}
Now you can write on the top of your page as
现在你可以在页面顶部写成
if($_GET['del'])
{
deletebooking($orderID);
}
Here we are using a message alert for the conformation of the deletion using the javascript alert box...
在这里,我们使用 javascript 警报框对删除的构造使用消息警报...
回答by Explosion Pills
Two things. First, look up "SQL injection." Sanitize the input of your query.
两件事情。首先,查找“SQL 注入”。清理您的查询输入。
Second: don't do this. It's not a good idea. If the orderIDis already set on the page, then presumably it can be changed by the user to anything they want and then deleted. Instead, you should associate the orderID deleting with authentication, or have a status for order IDs instead ("Deleted," for instance) that prevents loss of any data.
第二:不要这样做。这不是一个好主意。如果orderID页面上已经设置了 ,那么用户可以将其更改为他们想要的任何内容然后删除。相反,您应该将删除订单 ID 与身份验证相关联,或者为订单 ID 设置一个状态(例如“已删除”),以防止丢失任何数据。
Other than that, the other answer will do what you need. This is not complicated.
除此之外,另一个答案将满足您的需求。这并不复杂。
回答by Cal
Here's an example page, let's call it page.php:
这是一个示例页面,我们称之为page.php:
<?
include "includes/dbconnect.php";
include "includes/functions.php";
if ($_POST['delete']){
deletebooking(intval($_POST['delete']));
echo "deleted!";
exit;
}
?>
<form action="page.php" method="post">
<input type="hidden" name="delete" value="<?=intval($orderID)?>" />
<input type="submit" value="Delete order #<?=intval($orderID)?>" />
</form>
The one file is both the form that you present to the user and the code that performs the actual deletion. We pass the ID of the record to be deleted as a hidden form value.
一个文件既是您呈现给用户的表单,也是执行实际删除操作的代码。我们将要删除的记录的 ID 作为隐藏表单值传递。
回答by Geo
I would also suggest adding a reload in your function this way the id doesn't stay in the url after the delete action.
我还建议在您的函数中添加重新加载,这样删除操作后 id 就不会保留在 url 中。
$page = 'current.php';
if($_GET['del'])
{
deletebooking($orderID,$page);
}
function deletebooking($orderID,$page){
$sql="DELETE FROM bs_reservations WHERE id='".$orderID."'";
$result=mysql_query($sql) or die("oopsy, error when tryin to delete events 2");
header('Location: '.$page, true, 303);
}
