删除页面PHP MYSQL

Question

嗨，我已经创建了一个删除页面，当我刚刚提交表单并且URL为http://localhost/delete-session.php时无法工作，但是一旦我将URL更改为http://localhost/delete-session.php?id=1它可行，我缺少什么在我的代码中让它起作用？

<h1>Delete Page</h1> 

<h3>Enter the booking number of the session you would like to delete!</h3> 
<form action ="delete-session.php" method="post"> 

Booking ID:(Refer To Database):<input type="text" name="booking"> 

这是PHP

if(isset($_GET['booking'])){ 
    $id=$_GET['booking'];  
    if(!is_numeric($id)){ 
     echo "sorry, there appears to have been an error."; 
     exit; 
    } 
} else { 
    echo "sorry, there appears to have been an error."; 
    exit; 
} 

$servername = "localhost"; 
$username = "root"; 
$password = ""; 
$dbname = "olympics"; 

$conn = mysqli_connect($servername, $username, $password, $dbname); 

$id=$_GET['id']; 
if(!is_numeric($id)){ 
    echo "Sorry, there is an error"; 
    exit; 
} 

if (!$conn) { 
    die("Connection failed: " . mysqli_connect_error()); 
} 

$sql="DELETE from olympiics where booking='$id'"; 
echo $sql; 

if (mysqli_query($conn, $sql)) { 
    echo "Record deleted successfully"; 
} else { 
    echo "Error deleting record: " . mysqli_error($conn); 
} 

mysqli_close($conn); 

Answer 1

变化形式方法来获得，或使用$ _REQUEST而不是$ _GET

Answer 2

我会采取裂缝在这个。

我猜这是因为当你去http://localhost/delete-session.php?id=1您通过GET传递id=1，所以当你在你的代码检索获取输入它$id=1成功，但在你的HTML表单是通过POST发送。

作为使用修复尝试$id=$_POST['booking'];

Answer 3

看来你要发送的值由POST的ID，而是通过GET获得：

$id=$_GET['booking']; 

它应该是：

$id=$_POST['booking']; 

检查一下。

编辑

我写的价值观错了，固定

更多信息

GET VS POST：http://www.w3schools.com/tags/ref_httpmethods.asp

Answer 4

台架试验你的代码。

它开始得到$id=$_GET['booking'];，它不存在，因为您已在<form>标记中设置了method="post"。

所以使用$id=$_POST['booking'];

再后来就它$id=$_GET['id'];覆盖值你已经尝试从上面得到。

这可以解释为什么它需要http://localhost/delete-session.php?id=1额外的ID放慢参数为使用查询字符串来发送数据将在$_GET['id']阵列发送id参数，我不明白你为什么会想无论如何要做到这一点，因为它已经完成在你的代码通过获取值这个ID从$id=$_POST['booking']

顶这也使得代码，以便更容易阅读和更重要的是调试如果采用缩进标准在脚本中像下面。

试试这个尺寸，不添加id=1的查询字符串

if(isset($_POST['booking'])){ 
    $id=$_POST['booking'];  
    if(!is_numeric($id)){ 
     echo "sorry, there appears to have been an error. Booking must be numeric"; 
     exit; 
    } 
} else { 
    echo "sorry, there appears to have been an error."; 
    exit; 
} 

$servername = "localhost"; 
$username = "root"; 
$password = ""; 
$dbname = "olympics"; 

$conn = mysqli_connect($servername, $username, $password, $dbname); 
if (!$conn) { 
    die("Connection failed: " . mysqli_connect_error()); 
} 

$sql="DELETE from olympiics where booking='$id'"; 

$res = mysqli_query($conn, $sql); 
if ($res !== FALSE) { 
    echo "Record deleted successfully"; 
} else { 
    echo "Error deleting record: " . mysqli_error($conn); 
} 

mysqli_close($conn); 
?> 

当您使用mysqli扩展，你也应该使用参数化查询防止SQL注入。

if(isset($_POST['booking'])){ 
    $id=$_POST['booking'];  
    if(!is_numeric($id)){ 
     echo "sorry, there appears to have been an error. Booking must be numeric"; 
     exit; 
    } 
} else { 
    echo "sorry, there appears to have been an error."; 
    exit; 
} 

$servername = "localhost"; 
$username = "root"; 
$password = ""; 
$dbname = "olympics"; 

$conn = mysqli_connect($servername, $username, $password, $dbname); 
if (!$conn) { 
    die("Connection failed: " . mysqli_connect_error()); 
} 

$sql="DELETE from olympiics where booking=?"; 

$stmt = mysqli_prepare($conn, $sql); 
if ($stmt === FALSE) { 
    echo mysqli_error($conn); 
    exit; 
} 
mysqli_stmt_bind_param($stmt, 'i', $id); 


$res = mysqli_stmt_execute($stmt); 
if ($res !== FALSE) { 
    echo "Record deleted successfully"; 
} else { 
    echo "Error deleting record: " . mysqli_error($conn); 
} 

mysqli_close($conn); 
?>