[英]Delete row from logged in user details using pdo php
我正在嘗試創建一個刪除選項或按鈕,用戶可以在其中輸入ID並刪除他們的約會,但當前如果他們輸入任何ID,它將被刪除,我想限制用戶,以便他們只能刪除他們的約會,並且沒有其他用戶的約會。 任何幫助都會很棒。 這是我目前擁有的:
<?php foreach($rows as $row): ?>
<tr>
<td><?php echo htmlentities($row['id'], ENT_QUOTES, 'UTF-8'); ?></td>
<td><?php echo htmlentities($row['date'], ENT_QUOTES, 'UTF-8');
?></td>
<td><?php echo htmlentities($row['month'], ENT_QUOTES, 'UTF-8');
?></td>
<td><?php echo htmlentities($row['hour'], ENT_QUOTES, 'UTF-8');
?></td>
<td><?php echo htmlentities($row['minute'], ENT_QUOTES, 'UTF-8');
?></td>
<td><?php echo htmlentities($row['illness'], ENT_QUOTES, 'UTF-8');
?></td>
<td><a href="delete_memberapp.php?id=<?php echo $row['id']; ?>">
delete </a></td>
</tr>
<?php endforeach; ?>
</table><br />
這是表格
<form action="delete.php" method="post">
Enter Booking reference to delete appointment : <input type="text"
name="id" required><br><br>
<input type="submit" name="delete" value="Delete appointment">
</form>
這是刪除文件:
if(isset($_POST['delete']))
{
try {
$pdoConnect = new PDO("mysql:host=localhost;dbname=doctor","root","");
} catch (PDOException $exc) {
echo $exc->getMessage();
exit();
}
$id = $_POST['id'];
$pdoQuery = "DELETE FROM `booking` WHERE `id` = :id";
$pdoResult = $pdoConnect->prepare($pdoQuery);
$pdoExec = $pdoResult->execute(array(":id"=>$id));
if($pdoExec)
{
echo 'Data Deleted';
}else
{
echo 'ERROR Data Not Deleted';
}
}
表結構:
--
-- Table structure for table `booking`
--
CREATE TABLE IF NOT EXISTS `booking` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(10) NOT NULL,
`phone` varchar(10) NOT NULL,
`date` varchar(4) NOT NULL,
`month` varchar(10) NOT NULL,
`hour` varchar(5) NOT NULL,
`minute` varchar(5) NOT NULL,
`illness` varchar(10) NOT NULL,
`call_patient` varchar(3) NOT NULL,
`username` varchar(20) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=80 ;
這樣,您可以刪除具有任何ID的任何行。 為了確保該用戶只能刪除他的約會,您需要添加到查詢中:
$username = $_SESSION['user']['username'];
$pdoQuery = "DELETE FROM `booking` WHERE `id` = '$id' AND `username`= '$username' ";
我只是假定了vars和表行的名稱,但總的來說需要這樣
編輯:
試試這個吧:
$id = $_POST['id'];
$username = $_SESSION['user']['username'];
$pdoQuery = "DELETE FROM `booking` WHERE `id` = :id AND `username`= :username";
$pdoResult = $pdoConnect->prepare($pdoQuery);
$pdoExec = $pdoResult->execute(array(":id"=>$id,":username"=>$username));
如果您的booking
表中有一個字段user_id
,你應該添加user_id
到where
:
$pdoQuery = "DELETE FROM `booking` WHERE `id` = :id AND user_id = %USERID%";
如果您的booking
表沒有此字段-您必須添加它,則沒有其他選擇。 除非您有其他表格存儲特定用戶的預訂。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.