我有记录列表。我有删除每个记录的按钮,我正在删除记录与$.ajax()
函数。但是当我点击删除按钮时,它不会从数据库中删除记录,并且当我提醒数据时,它会输出整个html页面。下面是代码。请帮帮我。
HTML代码
<tbody>
<tr class="gradeX odd">
<td class="sorting_1">2</td>
<td class=" ">test</td>
<td class=" ">test</td>
<td class="center ">0</td>
<td class="center ">Active</td>
<td class=" "><button type="button" class="btn btn-default btn-circle" name="editRecord"><i class="fa fa-pencil-square-o"></i></button>
<button type="button" class="btn btn-danger btn-default btn-circle" id="2" name="deleteRecord"><i class="fa fa-times"></i></button></td>
</tr>
<tr class="gradeX even">
<td class="sorting_1">3</td>
<td class=" ">sarees</td>
<td class=" ">contains sarres</td>
<td cl="center ">1</td>
<td class="center ">Active</td>
<td class=" "><button type="button" class="btn btn-default btn-circle" name="editRecord"><i class="fa fa-pencil-square-o"></i></button>
<button type="button" class="btn btn-danger btn-default btn-circle" id="3" name="deleteRecord"><i class="fa fa-times"></i></button></td>
</tr>
</tbody>
jQuery的
$(document.body).on('click', '[name="deleteRecord"]', function(){
var id= $(this).attr('id');
var parent = $(this).parent().parent();
if (confirm("Are you sure you want to delete this row?"))
{
$.ajax({
type: "GET",
url: "admin_operation.php?mode=delete_category&id="+id,
cache: false,
success: function(data)
{
alert(data);
parent.fadeOut('slow', function() {$(this).remove();});
}
});
}
});
PHP代码
$mode = $_GET['mode'];
if($mode!='add_category' || $_GET['mode']!= "delete_category")
{
header('location:dashboard.php');
die;
}
if($mode=='delete_category')
{
$id=$_GET['id'];
$q=$db->query("DELETE FROM db_category WHERE category_id='".$id."'");
if($q){ echo "yes";}
else{ echo "no";}
}
你在做什么这里是真的* *危险。首先,任何人都可以通过该URL删除的东西,其次,你宽OPE n到SQL注入。 – Marty
@marty但使用post方法,即时获取相同的错误。我该怎么办 ? – user3288891
'POST'不会阻止这两件事中的任何一件。 – Marty