dongxuanyi3406 2012-07-03 04:06
浏览 34
已采纳

如何在单击链接时删除数据库条目

I wanted to expand my PHP skills so I read through a tutorial on tutorialzine. I understand the instructions presented in the tutorial. But when it comes to expanding on it I seem to be lacking a connection. My main goal was to simply delete a selected note when an a tag is clicked. However I don't know how to select the id assigned to the note to be able to pass it to my delete function.

Source: http://tutorialzine.com/2010/01/sticky-notes-ajax-php-jquery/

Thanks for the help. 

<?php
error_reporting(E_ALL^E_NOTICE);
require 'connect.php';
mysql_query("DELETE FROM notes WHERE id>3 AND dt<SUBTIME(NOW(),'0 1:0:0')");
$query = mysql_query("SELECT * FROM notes ORDER BY id DESC");

$notes = '';
$left='';
$top='';
$zindex='';

while($row=mysql_fetch_assoc($query)){
    list($left,$top,$zindex) = explode('x',$row['xyz']);
    $notes.= '
        <div class="note '.$row['color'].'" style="left:'.$left.'px;top:'.$top.'px;z-index:'.$zindex.'">
            '.htmlspecialchars($row['text']).'
            <div class="author">'.htmlspecialchars($row['name']).'</div>
            <span class="data">'.$row['id'].'</span>
            <a id="remove_note" href="javascript:;" onclick="deleteNote('<? echo $row['id']; ?>');">&nbsp;</a>
        </div>';
}
function deleteNote(id){
    $sql="DELETE FROM notes WHERE id='$rows['id']'";
    $result=mysql_query($sql) or die("Error when tryin to delete note.");
}
?>

Update:

I've been playing around with this and the answers that both Andrew and sachleen have provided. And ill plan to work on an AJAX alternative since you've mentioned the whole SQL Injection issue. But I am still having issues with passing the id to the remove.php file. I believe is has to do with how $notes is creating the information from the DB.

I say this because I get: Parse error: syntax error, unexpected T_STRING in /home/avonamyd/public_html/projects_php/sticky_notes/demo.php on line 24

And that is only when I include the code as is from sachleen. But when I update it to account for the single quotes I have the following code. The id is present and is passed to the remove.php file but I am still getting an error. This is when I use my code or what you've provided. 

        $notes.= '
        <div class="note '.$row['color'].'" style="left:'.$left.'px;top:'.$top.'px;z-index:'.$zindex.'">
            '.htmlspecialchars($row['text']).'
            <div class="author">'.htmlspecialchars($row['name']).'</div>
            <span class="data">'.$row['id'].'</span>
            <a id="remove_note" target="_blank" href="remove.php?id='.$row['id'].'">&nbsp;</a>
        </div>';

Below is what I currently have in my remove.php file:

<?php
include 'connect.php';
$_GET['id'];
function deleteNote($id){
    $sql="DELETE FROM notes WHERE id='$id'";
}
    $result=mysql_query($sql) or die("Error when tryin to delete note.");

?>

Update

I've added in additional echo lines throughout the remove.php and this is what I am coming up with. 

<?php
include 'connect.php';
$_GET['id'];
echo  $id; --doesnt show
function deleteNote($id){
    echo "hello"; --doesnt show
    $sql="SELECT FROM notes WHERE id='$id'";
}
echo  'hello2'; --shows
$result=mysql_query($sql) or die("Error when tryin to delete note.");

?>

Update: Thank you for everyone's help with this project I've finally gotten the concepts to click in my head after some tinkering around. I will post the functional code below for anyone else that stumbles upon this code. =D Thx Everyone!

demo.php

    error_reporting(E_ALL^E_NOTICE);
require 'connect.php';
mysql_query("DELETE FROM notes WHERE id>3 AND dt<SUBTIME(NOW(),'0 1:0:0')");
$query = mysql_query("SELECT * FROM notes ORDER BY id DESC");

$notes = '';
$left='';
$top='';
$zindex='';

while($row=mysql_fetch_assoc($query)){
    list($left,$top,$zindex) = explode('x',$row['xyz']);
    $id = $row['id'];
    $notes.= '
        <div class="note '.$row['color'].'" style="left:'.$left.'px;top:'.$top.'px;z-index:'.$zindex.'">
            '.htmlspecialchars($row['text']).'
            <div class="author">'.htmlspecialchars($row['name']).'</div>
            <span class="data">'.$row['id'].'</span>
            <a id="remove_note" target="_blank" href="remove.php?id='.$row['id'].'">&nbsp;</a>
        </div>';
}

remove.php

<?php
include 'connect.php';
$id = intval($_GET['id']);
$sql="DELETE FROM notes WHERE id=$id";
$result = mysql_query($sql) or die("Unable to delete database entry.");

?>

  • 写回答

3条回答 默认 最新

  • dragon87836215 2012-07-03 04:20
    关注

    It looks like you are trying to mix JavaScript and PHP. You cannot call the deleteNote() function when your link is clicked because it is a PHP function. There are a couple of ways to go about calling the PHP script to delete the note:

    Use something like the following:

    <?php
// ...
$id_to_delete = $_GET['id'];
if( isset($id_to_delete) ) {
    $sql="DELETE FROM notes WHERE id='$id_to_delete'";
    $result=mysql_query($sql) or die("Error when tryin to delete note.");
}
$query = mysql_query("SELECT * FROM notes ORDER BY id DESC");

//...

while($row=mysql_fetch_assoc($query)){
   //...
   echo '<a id="remove_note" href="CURRENT_SCRIPT_URL?id=' . $id_to_delete . '">X</a>';
   //...
}
?>

    Or you could create a second script that deletes a row from the database based on the data that you pass to it and use ajax (I would recommend using jQuery for ajax functionality) to call that script with the id of the item to delete.

    Remember that anyone could call your script with a GET parameter and delete a record from the database (or worse, perform an SQL injection attack), so make sure that you have some sort of safeguard in place unless you want all of your records wiped out!

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥30 关于#opencv#的问题:使用大疆无人机拍摄水稻田间图像,拼接成tif图片,用什么方法可以识别并框选出水稻作物行
  • ¥15 Python卡尔曼滤波融合
  • ¥20 iOS绕地区网络检测
  • ¥15 python验证码滑块图像识别
  • ¥15 根据背景及设计要求撰写设计报告
  • ¥20 能提供一下思路或者代码吗
  • ¥15 用twincat控制!
  • ¥15 请问一下这个运行结果是怎么来的
  • ¥15 单通道放大电路的工作原理
  • ¥30 YOLO检测微调结果p为1