doucitan2544 2017-07-25 20:16
浏览 9
已采纳

如何将mysql'id'链接到html元素

I have a database with some rows of data that display on a webpage. Now, I am looking for a way to link each 'ID' field in mysql to a button so that when the button is clicked, a php script will run that deletes the row of mysql information associated with that ID.

I know this is incorrect but I think its close. Just don't know about the php portion inside the id tag. Help?

<form action="remove.php" method="post">
   <input type="submit" value="Remove Entry" id="<?php $row['id'] ?>" />
</form>

Am I even on the right path? Would remove.php look like...

<?php

$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if($conn === false){
   die("ERROR: Could not connect. " . mysqli_connect_error());
}

$sql = "DELETE from newcars (stock, year, make, model, trim)
        WHERE ('$_POST[id] = $row[id]');

if(mysqli_query($conn, $sql)){
    echo "Records deleted successfully.";
} 

else {
    echo "ERROR: Could not execute $sql. " . mysqli_error($link);
}

mysql_close($conn)
?>

Any help would be greatly appreciated. Thank you!

  • 写回答

2条回答 默认 最新

  • doumeng9188 2017-07-25 20:27
    关注

    HTML:

    <form action="remove.php" method="post">
   <input type="hidden" name="id" value="<?php echo (int)$row['id']; ?>">
   <input type="submit" value="Remove Entry" />
</form>

    You want to pass the ID in a form element, NOT with the submit button.

    The PHP would look like this - and this is more secure than your original code as it uses prepared statements.

    <?php

$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if($conn === false) {
    die("ERROR: Could not connect. " . mysqli_connect_error());
}

$stmt = $conn->prepare("DELETE FROM newcars WHERE id = ?");
// prepare() can fail because of syntax errors, missing privileges, ....
if(false === $stmt) {
    // and since all the following operations need a valid/ready statement object
    // it doesn't make sense to go on
    // you might want to use a more sophisticated mechanism than die()
    // but's it's only an example
    die('prepare() failed: ' . htmlspecialchars($mysqli->error));
}

$rc = $stmt->bind_param('i', $_POST['id']);
// bind_param() can fail because the number of parameter doesn't match the placeholders in the statement
// or there's a type conflict(?), or ....
if(false === $rc) {
    // again execute() is useless if you can't bind the parameters. Bail out somehow.
    die('bind_param() failed: ' . htmlspecialchars($stmt->error));
}

$rc = $stmt->execute();
// execute() can fail for various reasons. And may it be as stupid as someone tripping over the network cable
// 2006 "server gone away" is always an option
if(false === $rc) {
    die('execute() failed: ' . htmlspecialchars($stmt->error));
}

$stmt->close();

//redirect page back to view page
?>
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥20 wireshark抓不到vlan
  • ¥20 关于#stm32#的问题:需要指导自动酸碱滴定仪的原理图程序代码及仿真
  • ¥20 设计一款异域新娘的视频相亲软件需要哪些技术支持
  • ¥15 stata安慰剂检验作图但是真实值不出现在图上
  • ¥15 c程序不知道为什么得不到结果
  • ¥40 复杂的限制性的商函数处理
  • ¥15 程序不包含适用于入口点的静态Main方法
  • ¥15 素材场景中光线烘焙后灯光失效
  • ¥15 请教一下各位,为什么我这个没有实现模拟点击
  • ¥15 执行 virtuoso 命令后,界面没有,cadence 启动不起来