douweng3564 2015-02-19 05:57

What is wrong with my code: MySQL, PDO prepared DELETE statement?

Why is my code not working? Help, I don't see anything wrong. If I use user_id=$current_user instead of user_id=:current_id, it works. But I need to prepare for security reasons. Help please.

<?php
$hostname = 'localhost';
$username = '**';
$password = '**';
$dbname = '**';
try {
    $db = new PDO("mysql:host=$hostname;dbname=$dbname", "$username" ,"$password" , 
        array(PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));

} catch (PDOException $e) {
    echo" There was an error with the connection";
}

$current_user=$_POST['users_id'];//get user id

include 'db_tag.php';
$stmt=$db->prepare("DELETE FROM object_sign WHERE user_id=:current_id");

$stmt->bindParam(":current_id",$current_user,PDO::PARAM_INT);
$stmt->execute(); 

?>
2 answers

  • doudao2407 2015-02-19 06:14

    @conan, use the code below that I have mentioned, and you need to check the points below with this code.

    1) Print the $current_user id to make sure the id appears correctly or not. Also, I have put in a condition so that the query is executed only if the post contains a user id.

    2) I have put in an exception so you can check errors through the exception message.

    <?php
    include 'db_tag.php';
    
    $hostname = 'localhost';
    $username = '**';
    $password = '**';
    $dbname = '**';
    
    try {
        $db = new PDO("mysql:host=$hostname;dbname=$dbname", "$username" ,"$password" , 
            array(PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
    
        if(isset($_POST['users_id'])) {
            $current_user=$_POST['users_id'];//get user id
    
            $stmt=$db->prepare("DELETE FROM object_sign WHERE user_id=:user_id");
    
            $stmt->bindParam(":user_id",$current_user);
            $stmt->execute(); 
        } 
    } catch(PDOException $e) {
        echo "Error: " . $e->getMessage();
    }
    ?>
    
    This answer was selected by the asker as the best answer.
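
An added example, not part of the original question or answer: the same prepared DELETE with the posted id validated as an integer and the affected-row count returned, so a query that ran but matched nothing can be told apart from one that failed. It uses an in-memory SQLite database in place of the MySQL server so it runs offline; the helper name delete_object_signs and the sample inputs are assumptions.

```php
<?php
// Added example: SQLite in-memory stands in for the MySQL server so this runs offline.
// delete_object_signs() is a hypothetical helper name, not from the original post.

function delete_object_signs(PDO $db, $rawUserId): int
{
    // Reject anything that is not a positive integer before it reaches the query.
    $userId = filter_var($rawUserId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($userId === false) {
        throw new InvalidArgumentException('users_id must be a positive integer');
    }

    // The value is bound as a parameter, never concatenated into the SQL text.
    $stmt = $db->prepare('DELETE FROM object_sign WHERE user_id = :user_id');
    $stmt->bindValue(':user_id', $userId, PDO::PARAM_INT);
    $stmt->execute();

    // Number of rows actually deleted; 0 means the id matched nothing.
    return $stmt->rowCount();
}

$db = new PDO('sqlite::memory:', null, null, [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);
$db->exec('CREATE TABLE object_sign (id INTEGER PRIMARY KEY, user_id INTEGER NOT NULL)');
$db->exec('INSERT INTO object_sign (user_id) VALUES (7), (7), (9)');

// Constructed inputs standing in for $_POST['users_id'].
$samples = ['7', '9 OR 1=1', '', '42'];

foreach ($samples as $raw) {
    try {
        $deleted = delete_object_signs($db, $raw);
        printf("%-12s deleted %d row(s)\n", var_export($raw, true), $deleted);
    } catch (InvalidArgumentException $e) {
        printf("%-12s rejected: %s\n", var_export($raw, true), $e->getMessage());
    } catch (PDOException $e) {
        // Log details server-side; do not echo driver messages to the client.
        error_log($e->getMessage());
        echo "Database error\n";
    }
}

echo 'rows left: ' . $db->query('SELECT COUNT(*) FROM object_sign')->fetchColumn() . "\n";
```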