删除记录(如果存在),否则插入
[英]Delete the record if its exist , else insert
问题描述
I have a click favorite star , i want to check in data base if the record is exist it will delete the record , if it not exist it will insert the record ,what is the problem the record not inserted 
我有一个单击喜欢的星星,我想在数据库中检查记录是否存在,它将删除记录,如果不存在,它将插入记录,记录未插入是什么问题
<?php
include "config.php";
header('Content-Type: application/json');
$landmarkid = $_GET['landmarkid'];
$userid = $_GET['userid'];
try {
$query = mysqli_query($con,"SELECT * from favourite WHERE userid =$userid AND L_ID = $landmarkid");
if(mysqli_num_rows($query) > 0)
{
$q1 = mysqli_query($con,"DELETE from favourite WHERE userid =$userid AND L_ID = $landmarkid");
if($q1){
echo '{"Deleted":"true"}';
}
else {
echo '{"Deleted":"false"}';
}
}
else {
$q2 = mysqli_query($con,"INSERT INTO favourite (userid,L_ID) VALUES ( $userid, $landmarkid) ");
if($q2){
echo '{"inserted":"true"}';
}
else {
echo '{"inserted":"false"}';
}
}
} catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
?>
2 个解决方案
解决方案1
0 2017-05-06 08:40:36
Try to add single quotation marks to your insert statement and see if it works. 尝试在您的插入语句中添加单引号,然后查看是否可行。 Change this statement; 更改此语句;
$q2 = mysqli_query($con,"INSERT INTO favourite (userid,L_ID) VALUES ( $userid, $landmarkid) ");
To this; 对此
$q2 = mysqli_query($con,"INSERT INTO favourite (userid,L_ID) VALUES ( '$userid', '$landmarkid') ");
Let me know if it helps or if you find a problem. 让我知道是否有帮助,或者您发现问题了。
解决方案2
0 2017-05-06 10:49:51
I have rewritten your code below. 我在下面重写了您的代码。
Some points: 一些要点:
Your code was vulerable to SQL injection so assuming id is a numeric value I forced the input vars (
$useridand$landmarkid) to be integers using(int)casting.您的代码很容易受到SQL注入的影响,因此假设id是一个数字值,我使用(int)强制转换将输入变量($userid和$landmarkid)强制为整数。Your first checking query can return a
COUNTvalue, it's better than returning a*and then you can check a specific value for your if statements,$result['numb'].您的第一个检查查询可以返回COUNT值,比返回*更好,然后您可以为if语句$result['numb']检查特定值。I have properly escaped your php variables in the SQL, but you really should be trying to use Prepared Statements for this.
我已经在SQL中正确转义了您的php变量,但是您确实应该尝试为此使用Prepared Statements 。 I dont think you need the
try{} catch {}here as your current code will never throw exceptions (as far as I'm aware)我认为您不需要在这里try{} catch {},因为您的当前代码永远不会抛出异常(据我所知)Add a
LIMITto your delete statements so you can never delete more than an intended number of row.在您的delete语句中添加LIMIT,这样您就永远不能删除超出预期数目的行。 This acts as a failsafe so you don't inadvertantly manage to delete the whole table.这起到了故障保护的作用,因此您不会无意间删除整个表。
<?php
include "config.php";
header('Content-Type: application/json');
$landmarkid = (int)$_GET['landmarkid'];
$userid = (int)$_GET['userid'];
try {
$query = mysqli_query($con,"SELECT COUNT(*) as numb FROM
favourite WHERE userid = ".$userid." AND
L_ID = ".$landmarkid);
$result = mysqli_fetch_aray($query);
if($result['numb'] > 0)
{
$q1 = mysqli_query($con,"DELETE FROM favourite
WHERE userid = ".$userid." AND L_ID = ".$landmarkid."
LIMIT 1");
print "deleted";
}
else {
$q2 = mysqli_query($con,"INSERT INTO favourite (userid,L_ID)
VALUES ( ".$userid", ".$landmarkid.") ");
print "inserted";
}
}
catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.