isset function 提交 while 循环内的所有按钮 PHP
[英]isset function submits all buttons inside the while loop PHP
问题描述
im having this problem where the submit button inside the while loop re-execute the while loop.
我遇到这个问题,while 循环内的提交按钮重新执行 while 循环。
PHP: PHP:
$query1 = $con->query("SELECT * FROM room");
if($query1->num_rows > 0) {
while($row1 = $query1->fetch_array()) {
$idroom = $row1['idroom'];
echo "<tr>";
echo "<td> $idroom </td>";
echo "<td> <form method='POST'> <input type='submit' name='delete' value='DELETE'> </form></td>";
echo "</tr>";
if(isset($_POST['delete'])) {
$query2 = $con->query("DELETE FROM room WHERE idroom='$idroom'");
}
}
}
the table: [1]: https://i.stack.imgur.com/dujps.png表格:[1]: https://i.stack.imgur.com/dujps.png
the problem is, when i click the delete button, it just deletes all of the room INSTEAD OF the room that i want to delete.问题是,当我单击删除按钮时,它只会删除所有房间,而不是我要删除的房间。 i believe the program thinks that i presses all of the delete button at once because of the 'isset' function.我相信该程序认为我是因为“isset”function 而一次按下所有删除按钮。
things that ive tried:我尝试过的事情:
- replacing the $query2 line inside isset with
echo $idroom;将 isset 中的 $query2 行替换为echo $idroom;and the output isroom1room2room3.output 是room1room2room3。 which means the program thinks that i presses all of the buttons at once.这意味着程序认为我一次按下了所有按钮。
2 个解决方案
解决方案1
1 已采纳 2020-08-04 10:00:31
There are lots of things wrong with this code, not least that it is incredibly insecure and vulnerable to injection.这段代码有很多问题,尤其是它非常不安全并且容易受到注入攻击。 You should read about prepared statements before you go any further.在您 go 之前,您应该阅读准备好的陈述。 There are no end of tutorials and SO answers for this so I won't cover them here.教程和答案都没有尽头,所以我不会在这里介绍它们。 In the interests of helping out a new programmer (I was new not that long ago) I will point out what I believe is going wrong here:为了帮助新程序员(不久前我还是新程序员),我会指出我认为这里出了什么问题:
-
$query1 = $con->query("SELECT * FROM room");
This is run every time the script runs.每次脚本运行时都会运行。 This is a key thing to realise.这是需要意识到的关键。 If you load the page, or if you submit a post delete this always happens.如果您加载页面,或者如果您提交帖子删除,这总是会发生。 Which leads to:这导致:
-
if($query1->num_rows > 0) { while($row1 = $query1->fetch_array()) {...
You start your loop, looping through every record.您开始循环,遍历every记录。 Notice the every .注意every 。
So for every single record, you then check:因此,对于每条记录,您然后检查:
-
if(isset($_POST['delete'])) {...
This is where your records are removed and what CBroe was pointing towards in his comment.这是您的记录被删除的地方,也是 CBroe 在他的评论中所指的地方。 You believe (I think) that you check for the deletion of this individual record however you only check isset($_POST['delete']) and you do this for EVERY record.你相信(我认为)你检查了这个个人记录的删除但是你只检查isset($_POST['delete'])并且你对EVERY记录都这样做。 Remember, the POST variable exists until the end of the script or until removed.请记住, POST变量一直存在到脚本结束或被删除。 So by clicking delete, and submitting that _POST value you pass this condition for every record in your loop.因此,通过单击删除并提交该_POST值,您可以为循环中的每条记录传递此条件。
- You should digest this for a little while before going further, as it's a common mistake with new programmers.在继续之前,您应该稍微消化一下,因为这是新程序员常犯的错误。 Remember that the computer reads and actions the script in order, remember it also does
EXACTLYwhat you ask it, and nothing more or less.请记住,计算机按顺序读取和执行脚本,记住它也EXACTLY按照您的要求执行,仅此而已。 The classic example is to describe making a cup of coffee.经典的例子是描述制作一杯咖啡。 If i say to you 'put the kettle on, put coffee in the cup, fill up with water, add milk' you will make a coffee, but if you say that to a computer you will end up, at best with a computer wearing a kettle looking for a cup to put coffee in and telling you milk is not a number.如果我对你说“打开水壶,往杯子里放咖啡,加水,加牛奶”,你就会煮咖啡,但如果你对电脑说,你最多只能让电脑戴上一个水壶在寻找一个杯子来装咖啡并告诉你牛奶不是一个数字。
So the solution.于是解决。 Well I'm not going to write it for you, there are different options.好吧,我不会为你写,有不同的选择。 You should be passing some kind of identifier to the the post that is specific to the record you want, and then you need to check that eg isset POST[delete] && isset(POST['room_id']) .您应该将某种标识符传递给特定于您想要的记录的帖子,然后您需要检查例如isset POST[delete] && isset(POST['room_id']) 。 Then you need to decide the best place to be doing it, at the start of the script, in a different script, probably not inside a loop (that's rarely a sign of great programming).然后您需要决定执行此操作的最佳位置,在脚本的开头,在不同的脚本中,可能不在循环内(这很少是优秀编程的标志)。 If you are going to remove a record you should probably be doing it before you create output for it.如果您要删除记录,您应该在为它创建 output 之前执行此操作。 (why collect a record just to then delete it, is that efficient?). (为什么收集一条记录然后删除它,这样效率高吗?)。
If you really must do it inside a loop then you need some kind of check that the id of the room is the same as the id of the post value before you run the delete.如果您真的必须在循环内执行此操作,那么在运行删除之前,您需要某种检查房间的 ID 是否与发布值的 ID 相同。
Hopefully that is helpful, but ensure you look into and start using prepared statements as a matter of urgency - there's really no excuse not to do so in 2020希望这对您有所帮助,但请确保您作为紧急事项研究并开始使用准备好的语句——在 2020 年确实没有理由不这样做
解决方案2
-1 2020-08-04 07:08:55
In your code, you didn't follow the basic structure.在您的代码中,您没有遵循基本结构。 Use JS for the click event of edit/delete and use ajax call for actions to perform.使用JS编辑/删除的点击事件,并使用ajax调用执行操作。
Here is one solution for your code based on your paste, It's not standard code but helps you to solve the issue.这是基于您粘贴的代码的一种解决方案,它不是标准代码,但可以帮助您解决问题。
$query1 = $con->query("SELECT * FROM room");
if($query1->num_rows > 0) {
while($row1 = $query1->fetch_array()) {
$idroom = $row1['idroom'];
$tr = "<tr>";
$tr .= "<td> $idroom </td>";
$tr .= "<td><form method='POST'>";
$tr .= "<input type='hidden' name='room_id' value='".$idroom."'>";
$tr .= "<input type='submit' name='delete' value='DELETE'> </form></td>";
$tr .= "</tr>";
echo $tr;
}
}
if(isset($_POST['delete'])) {
$roomId = $_POST['room_id'];
$query2 = $con->query("DELETE FROM room WHERE idroom='$roomId'");
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.