[英]Delete the record if its exist , else insert
I have a click favorite star , i want to check in data base if the record is exist it will delete the record , if it not exist it will insert the record ,what is the problem the record not inserted 我有一个单击喜欢的星星,我想在数据库中检查记录是否存在,它将删除记录,如果不存在,它将插入记录,记录未插入是什么问题
<?php
include "config.php";
header('Content-Type: application/json');
$landmarkid = $_GET['landmarkid'];
$userid = $_GET['userid'];
try {
$query = mysqli_query($con,"SELECT * from favourite WHERE userid =$userid AND L_ID = $landmarkid");
if(mysqli_num_rows($query) > 0)
{
$q1 = mysqli_query($con,"DELETE from favourite WHERE userid =$userid AND L_ID = $landmarkid");
if($q1){
echo '{"Deleted":"true"}';
}
else {
echo '{"Deleted":"false"}';
}
}
else {
$q2 = mysqli_query($con,"INSERT INTO favourite (userid,L_ID) VALUES ( $userid, $landmarkid) ");
if($q2){
echo '{"inserted":"true"}';
}
else {
echo '{"inserted":"false"}';
}
}
} catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
?>
Try to add single quotation marks to your insert statement and see if it works. 尝试在您的插入语句中添加单引号,然后查看是否可行。 Change this statement;
更改此语句;
$q2 = mysqli_query($con,"INSERT INTO favourite (userid,L_ID) VALUES ( $userid, $landmarkid) ");
To this; 对此
$q2 = mysqli_query($con,"INSERT INTO favourite (userid,L_ID) VALUES ( '$userid', '$landmarkid') ");
Let me know if it helps or if you find a problem. 让我知道是否有帮助,或者您发现问题了。
I have rewritten your code below. 我在下面重写了您的代码。
Some points: 一些要点:
Your code was vulerable to SQL injection so assuming id is a numeric value I forced the input vars ( $userid
and $landmarkid
) to be integers using (int)
casting. 您的代码很容易受到SQL注入的影响,因此假设id是一个数字值,我使用
(int)
强制转换将输入变量( $userid
和$landmarkid
)强制为整数。
Your first checking query can return a COUNT
value, it's better than returning a *
and then you can check a specific value for your if statements, $result['numb']
. 您的第一个检查查询可以返回
COUNT
值,比返回*
更好,然后您可以为if语句$result['numb']
检查特定值。
I have properly escaped your php variables in the SQL, but you really should be trying to use Prepared Statements for this. 我已经在SQL中正确转义了您的php变量,但是您确实应该尝试为此使用Prepared Statements 。
I dont think you need the try{} catch {}
here as your current code will never throw exceptions (as far as I'm aware) 我认为您不需要在这里
try{} catch {}
,因为您的当前代码永远不会抛出异常(据我所知)
Add a LIMIT
to your delete statements so you can never delete more than an intended number of row. 在您的delete语句中添加
LIMIT
,这样您就永远不能删除超出预期数目的行。 This acts as a failsafe so you don't inadvertantly manage to delete the whole table. 这起到了故障保护的作用,因此您不会无意间删除整个表。
<?php
include "config.php";
header('Content-Type: application/json');
$landmarkid = (int)$_GET['landmarkid'];
$userid = (int)$_GET['userid'];
try {
$query = mysqli_query($con,"SELECT COUNT(*) as numb FROM
favourite WHERE userid = ".$userid." AND
L_ID = ".$landmarkid);
$result = mysqli_fetch_aray($query);
if($result['numb'] > 0)
{
$q1 = mysqli_query($con,"DELETE FROM favourite
WHERE userid = ".$userid." AND L_ID = ".$landmarkid."
LIMIT 1");
print "deleted";
}
else {
$q2 = mysqli_query($con,"INSERT INTO favourite (userid,L_ID)
VALUES ( ".$userid", ".$landmarkid.") ");
print "inserted";
}
}
catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.