[英]Delete rows with ajax and php
Is this a good way, to delete all the selected rows from sql table? 这是删除sql表中所有选定行的好方法吗?
The code works fine, but maybe there other or better ways to do this. 该代码可以正常工作,但是也许还有其他更好的方法可以做到这一点。 The real_ escape_string function is in the good place, or i should put in in the foreach loop, before the sql query? real_scape_string函数在适当的位置,还是我应该在sql查询之前放入foreach循环中?
$('.deleteRows').click(function(e)
{
e.preventDefault();
var val = [];
if(confirm("Biztos, hogy törölni szeretné a kijelölt sorokat?"))
{
$(':checkbox:checked').each(function(i){
val[i] = $(this).val();
});
$.ajax({
data: { val:val },
type: 'POST',
url: 'files/delete_all_uzenet.php',
success: function(data)
{
var result = $.trim(data);
$('#newsletterResult').html(data);
$('#newsletterModal').modal('show');
},
complete: function()
{
setTimeout(function()
{
location.reload();
}, 4000 );
}
});
}
return false;
});
Php file: php文件:
<?php
include_once("../../files/connect.php");
if(isset($_POST['val']))
{
foreach($_POST['val'] as $v)
{
mysqli_query($kapcs, $sql = "DELETE FROM kapcsolatfelvetel WHERE kapcsolat_id = '".mysqli_real_escape_string($kapcs, $v)."'") or die(mysqli_error($kapcs));
}
echo 'Rows deleted';
}
else
{
exit("No rows selected.");
}
?>
Your code will execute a lot faster if you merge all operations in a single query. 如果将所有操作合并到一个查询中,则代码执行速度将大大提高。 Once you've verified that you have values to delete, do something such as: 确认您有要删除的值后,请执行以下操作:
$p = &$_POST['val']; //$p refers to $_POST['val'];
//clean all inputs
foreach($p as &$v) $v = "'". mysqli_escape_string($kapcs,$v) ."'";
//transform to "('value1', 'value2'...)"
$values = '('.implode(',',$p).')';
//build one sql to delete all rows
$sql = "DELETE FROM kapcsolatfelvetel WHERE kapcsolat_id IN $values";
You can then run the query to delete all rows at once. 然后,您可以运行查询以一次删除所有行。
PS: You use string escaping to clean your strings; PS:您使用转义字符串来清理字符串; that's much better than nothing, but not as good as prepared statements and parameterized queries. 这总比没有好得多,但是不如准备好的语句和参数化查询好。
PPS: You should also check that your query executed successfully. PPS:您还应该检查查询是否成功执行。 It's a mistake to assume that just because you called mysqli_query
, the rows were deleted. 仅仅因为您调用了mysqli_query
,就认为行被删除是一个错误。
@BeetleJuice @甲虫汁
So, this is the right way? 那么,这是正确的方法吗?
<?php
include_once("../../files/connect.php");
if(isset($_POST['val']))
{
$p = &$_POST['val'];
foreach($p as &$v)
{
$v = "'". mysqli_escape_string($kapcs, $v) ."'";
}
$values = '('.implode(',',$p).')';
mysqli_query($kapcs, $sql = "DELETE FROM kapcsolatfelvetel WHERE kapcsolat_id IN $values") or die(mysqli_error($kapcs));
echo 'Rows deleted ok.';
}
else
{
exit("No rows selected.");
}
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.