PHP/SQL语句输出错误

Question

我仍在使用电影数据库的网站上工作。我有的问题是，我的SQL语句从数据库中删除电影没有执行。我有两页，一页是用户可以看到电影的页面，另一页是点击删除按钮时执行的代码。

以下是从概述电影之一的信息的代码，因为对于其他电影的代码都差不多：

<div><tr><td><div style="width: 200px; height:296px; margin-top: 50px"> 
    <div class="image-hover"> 
    <img src="img/deadpool.jpg" width="200px" height="296px"/> 
    <span class="desc"><div class="filmtitle"><?php 
    $sql1a = "SELECT title FROM films WHERE film_id = '1'"; 
    $result = $mysqli->query($sql1a); 
    if (mysqli_num_rows($result) > 0) { 
    // output data of each row 
    while($row = mysqli_fetch_assoc($result)) { 
    echo $row["title"] ;}}?></div> 
    <div style="font-size:8px; text-transform:uppercase; color:#000;"> 
    <div class="black"><div class="filmdiscription"><b>Samenvatting: </b> <? 
    php 
    $sql1b = "SELECT description FROM films WHERE film_id = '1'"; 
    $result = $mysqli->query($sql1b); 
    if (mysqli_num_rows($result) > 0) { 
     // output data of each row 
     while($row = mysqli_fetch_assoc($result)) { 
    echo $row["description"];} 
    } 

    ?> 
    <div style="font-size:8px; text-transform:uppercase; color:#000;"> 
    <div class="black2"><div class="yearrating"><b>Jaar: </b> <?php 
    $sql1c = "SELECT release_year FROM films WHERE film_id = '1'"; 
    $result = $mysqli->query($sql1c); 
    if (mysqli_num_rows($result) > 0) { 
    // output data of each row 
    while($row = mysqli_fetch_assoc($result)) { 
    echo $row["release_year"];} 
    }?> 
    <div style="font-size:8px; text-transform:uppercase; color:#000;"> 
    <div class="black2"><div class="yearrating" ><b>Rating (0-5): </b> <?php 
    $sql1d = "SELECT rating FROM films WHERE film_id = '1'"; 
    $result = $mysqli->query($sql1d); 
    if (mysqli_num_rows($result) > 0) { 
    // output data of each row 
    while($row = mysqli_fetch_assoc($result)) { 
    echo $row["rating"];} 
    }?> 
    </div> 
    <div class="black2"><div class="yearrating"> 
    <a class="alert" href="deletemovie.php?id='.$row['film_id'].'" ></i> 
    Delete <?php '</a>'?> <center> 
     </span> 
    </div></div> 
    </div></div> 

为“deletemovie.php”代码：

<!doctype html> 
<html> 
<head> 
<meta charset="UTF-8"> 
<link rel="stylesheet" type="text/css" href="style.css"/> 
</head> 

<?php 
session_start(); //De sessie wordt gestart. 
function is_logged() { 
if (isset($_SESSION['username'])) return true; 
return false; //Er wordt gekeken of de gebruikersnaam correct is. 
} 
if(!is_logged()){ 
header("Location: sign-in.php"); //Als de gebruiker naar overzichtlogin.php 
gaat, zonder dat hij of zij is ingelogd, worden ze doorgestuurd naar de 
login pagina. 
} 

require_once('db_const.php'); //De gegevens voor de database verbinding 
worden in 1 centraal bestand opgehaald. 
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME); 
if (!$mysqli){ 
die("Connection failed: ".mysqli_connect_error()); //Als de verbinding niet 
lukt zal deze niet werken. 
} 

?> 

<?php $current = 'delete'; ?> <!-- Om aan te geven dat men zich op de 
beveiligde overzichtspagina bevindt, wordt gebruik gemaakt van deze 
variabele. Current krijgt nu de waarde 'secured', waardoor de button waar 
'secured' staat een kleur krijgt. --> 

<body> 

<div class="header"> 
<?php 
if(isset($_SESSION['username'])){ 
require_once("headersecured.php"); //Indien de gebruiker ingelogd is, wordt 
'headersecured.php' gebruikt als header. 
}else{ 
require_once("header.php"); //Indien de gebruiker niet is ingelogd, wordt 
header.php gebruikt als header. 
} 
?> 
</div> 

<?php 
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME); 


$id = $_GET["id"]; //Het ID van de film wordt opgehaald. 

$sql = "DELETE FROM films WHERE film_id = $id"; //De film waarbij het ID 
hoort wordt verwijderd uit de database. 

?> 

<?php 

    if (mysqli_query($mysqli, $sql)) { //Zorgt ervoor dat de film wordt 
verwijderd. 
    echo "Succesvol verwijderd!"; //Laat zien dat de film verwijderd is uit de 
database. 
    echo "<br>"; // Witruimte 
    echo "<a href='overzichtlogin.php'>Terug naar de vorige pagina.</a>"; 
//Door op deze link te klikken gaat de gebruiker terug naar de 
overzichtspagina. 
    } else { 
    echo "Error: " . $sql . "<br>" . mysqli_error($mysqli); //Indien het 
verwijderen niet goed is gegaan, wordt er een foutmelding getoond. 
    } 
?> 


<div class="footer"> 
<?php include 'footer.php';?> <!-- de footer wordt opgehaald --> 
</div> 

</body> 
</html> 

当某人在概览中单击“删除”时，应该从数据库中删除该电影。点击时出现错误：

Error: DELETE FROM films WHERE film_id = '.$row['film_id'].' You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'film_id'].'' at line 1"

我应该在我的代码中更改哪些内容？

Answer 1

您缺少php打开/关闭标记。尝试改变该行：

<a class="alert" href="deletemovie.php?id='.$row['film_id'].'" ></i> 

要

<a class="alert" href="deletemovie.php?id=<?php echo $row['film_id']; ?>" ></i> 

或更短方式：

<a class="alert" href="deletemovie.php?id=<?= $row['film_id']; ?>" ></i> 

并使用参数的查询，以避免SQL注入。

Answer 2

错误消息告诉您问题的开始，这是在这里：特别

<a class="alert" href="deletemovie.php?id='.$row['film_id'].'" ></i> 
    Delete <?php '</a>'?> 

在：

'.$row['film_id'].' 

你是一个纯文本文档，PHP是不会与互动它。你需要做的事：

<a class="alert" href="deletemovie.php?id=<?php echo $row['film_id']; ?>" ></i> 

为什么你想PHP在那里产生闭合元件我也是不太清楚，但你需要一个echo为PHP输出任何东西（或print）。

Delete <?php echo '</a>';?> 

一旦你正在运行的，因为你从来没有在您的select选择film_id你会得到一个错误undefined index。

SELECT rating, film_id FROM films WHERE film_id = '1' 

您还应该使用参数化查询并合并您的查询。

对于选择：

SELECT description, release_year, rating FROM films WHERE film_id = '1' 

或

SELECT description, release_year, rating, film_id FROM films WHERE film_id = '1' 

如果你想使用 film_id指数回报

，好像对我来说你已经知道这一点，或者你不应该没有where条款。

你删除应该是：

$sql = "DELETE FROM films WHERE film_id = ?"; 

然后绑定$id。

在这里阅读更多，http://php.net/manual/en/mysqli.quickstart.prepared-statements.php