du8794 2013-10-19 23:25
浏览 16

单击时删除mysql行

Here is the link style

<a href='del-user.php?id={$row['username']}'>Delete</a>

{$row['username']} will grab the username field from the Admin-CMS users table

Now..... Here is what it will take you to when you click it:

del-user.php?id=billy

NOW FOR WHAT I AM ATTEMPTING

I want to read the link and delete the row with a username of billy

Here is my del-user.php file

<?php
  if($_GET['id'] != ""){
    $userID = $_GET['id'];
    $sql = "DELETE FROM users WHERE username='".$userID."'";
    $query  = mysql_query($sql);
  }
?>

What am I doing wrong? Btw my database setup is

TABLE   is called :     users
COLUMN  is called :     username
  • 写回答

2条回答 默认 最新

  • dsuoedtom207012191 2013-10-19 23:30
    关注

    First off, ESCAPE YOUR DATA. Or use prepared statements. Your code is vulnerable to SQL injection.

    Second, don't use mysql libraries. They are depreciated. You need to use mysqli instead.

    Third, where is your connection pointer? You need to have created one somewhere and pass it to your query function.

    $con = mysqli_connect(...);
$result = mysqli_query($con, $sql);
    评论

报告相同问题?

悬赏问题

  • ¥15 Oracle中如何从clob类型截取特定字符串后面的字符
  • ¥15 想通过pywinauto自动电机应用程序按钮,但是找不到应用程序按钮信息
  • ¥15 MATLAB中streamslice问题
  • ¥15 如何在炒股软件中,爬到我想看的日k线
  • ¥15 51单片机中C语言怎么做到下面类似的功能的函数(相关搜索:c语言)
  • ¥15 seatunnel 怎么配置Elasticsearch
  • ¥15 PSCAD安装问题 ERROR: Visual Studio 2013, 2015, 2017 or 2019 is not found in the system.
  • ¥15 (标签-MATLAB|关键词-多址)
  • ¥15 关于#MATLAB#的问题,如何解决?(相关搜索:信噪比,系统容量)
  • ¥500 52810做蓝牙接受端