向通过 php/html 脚本生成的按钮添加功能
Posted
技术标签:
【中文标题】向通过 php/html 脚本生成的按钮添加功能【英文标题】:Adding functionality to buttons generated via a php/html script 【发布时间】:2019-02-27 06:44:44 【问题描述】:我对 php/html/CSS 编程非常陌生,在下面附上的代码中,我尝试为网站创建管理面板的基本功能。
我想要做的是打印出包含所有行和列的表格,并添加一个带有控件的附加列,允许我从数据库中删除所述行。最终,我希望能够更改每个用户的名称、密码和管理员权限。
此外,我真的不知道如何让每个按钮保存一个将其连接到相应行的值。
也许由于我是一个非常缺乏经验的程序员,我的所有尝试要么失败,要么删除了最后一行(也许是$email 变量名下的最后一个值)。一位朋友建议使用 javascript 或迁移到不同的平台(Angular JS 是他的建议)以实现我的目标,但现在我真的很想用 PHP 保持简单(如果这真的是这个词的话)和 CSS。
这是管理面板的外观图片:
这是我的表格生成器(或尽我所能获得):
<?php
include "connection.php";
$sql = "SELECT * FROM users;";
$result = $conn->query($sql);
if ($result->num_rows > 0)
echo "<table class='sqltable'>
<tr class='sqltable'>
<th class='sqltable'>ID</th>
<th class='sqltable'>EMAIL</th>
<th class='sqltable'>NAME</th>
<th class='sqltable'>IS ADMIN</th>
<th class='sqltable'>PASSWORD</th>
<th class='sqltable'>CONTROLS</th>
</tr>";
// output data of each row
while($row = $result->fetch_assoc())
echo "<tr class='sqltable'>
<td class='sqlcell'>".$row["ID"]."</td>
<td class='sqlcell'>".$row["EMAIL"]."</td>
<td class='sqlcell'>".$row["FIRST_NAME"]." ".$row["MID_NAME"]." ".$row["LAST_NAME"]."</td>
<td class='sqlcell'>".$row["IS_ADMIN"]."</td>
<td class='sqlcell'>".$row["PASSWORD"]."</td>
<td class='sqlcell'>
<center>
<div style='border: 1px solid lightgray;' method='POST'>
<input type='hidden' name='ID' value='".$row['ID']." '/>
<input type='button' name='delete' value='DEL ".$row['ID']." '/>
</div>
</center>
</td>
</tr>";
echo "</table>";
else
echo "DATABASE IS EMPTY!";
$conn->close();
if (isset($_POST['delete']))
//if a delete request received
$id = $_POST['id']; //primary key of this row
/////// Connectivity /////////
$servername = "127.0.0.1";
$username = "root";
$password = "";
$db = "myDB";
// Create connection
$conn = new mysqli($servername, $username, $password, $db);
//check connection
if ($conn)
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
//compose sql statement
$stmt = mysqli_prepare($conn, "DELETE FROM users WHERE ID=?");
mysqli_stmt_bind_param($stmt,'i',$id); //now add the $id to the statement 'i' stands for integer
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
mysqli_close($conn); //connection closed
?>
这就是我开始做的事情,我已经很确定我走错了路。
function delete()
$del = "DELETE FROM '".$table."' WHERE EMAIL='".$email."';";
$conn->query($del);
【问题讨论】:
【参考方案1】:现在,当我实现您在问题中发布的代码时,我已经更改了几处以使其正常工作,所有小问题,我将在 cmets 详细说明中将它们发布在这里。
<?php
if (isset($_POST['delete'])) //first: test if any delete request, delete and then render the table
//if a delete request received
$id = $_POST['id']; //primary key of this row, where 'id' index must be case-sensitively equal to the hidden input name 'id'
/////// Connectivity /////////
$servername = "localhost";
$username = "root";
$password = "root";
$db = "user_delete";
// Create connection (procedural style)
$conn = mysqli_connect($servername, $username, $password, $db);
//check connection
if (!$conn) //if NOT connected
printf("Connect failed: %s\n", mysqli_connect_error()); //print error
exit(); //exit the program 'in this case you wouldn't see the table either'
//compose sql statement
$stmt = mysqli_prepare($conn, "DELETE FROM users WHERE ID=?"); //notice that sql statements are NOT case sensitive
mysqli_stmt_bind_param($stmt,'i',$id); //now add the $id to the statement 'i' stands for integer
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
mysqli_close($conn); //connection closed, row deleted
include "connection.php";
$sql = "SELECT * FROM users;";
$result = $conn->query($sql);
if ($result->num_rows > 0)
echo "<table class='sqltable'>
<tr class='sqltable'>
<th class='sqltable'>ID</th>
<th class='sqltable'>EMAIL</th>
<th class='sqltable'>NAME</th>
<th class='sqltable'>IS ADMIN</th>
<th class='sqltable'>PASSWORD</th>
<th class='sqltable'>CONTROLS</th>
</tr>";
// output data of each row
while($row = $result->fetch_assoc())
echo "<tr class='sqltable'>";
echo "<td class='sqlcell'>".$row["id"]."</td>"; //php is case-sensitive so you should use $row['ID'] according to your scheme
echo "<td class='sqlcell'>".$row["email"]."</td>";//php is case-sensitive so you should use $row['EMAIL'] according to your scheme
echo "<td class='sqlcell'>".$row["name"]."</td>";//for simplicity, I made one field, change it according to your scheme
echo "<td class='sqlcell'>".$row["is_Admin"]."</td>";//php is case-sensitive so you should use $row['IS_ADMIN'] according to your scheme
echo "<td class='sqlcell'>".$row["password"]."</td>";//same as above
echo "<td class='sqlcell'>
<center>
<div style='border: 1px solid lightgray;'>";
echo "<form method='POST'>"; //must be added in a form with method=post
echo "<input type='hidden' name='id' value='".$row['id']." '/>"; //differntiate between input name `id` and mysql field name you have `ID`, input field name is the index you will fetch in line 4: $_POST['id']
echo "<input type='submit' name='delete' value='DEL ".$row['id']." '/>"; //type: submit, not button
echo "</form>
</div>
</center>
</td>
</tr>";
echo "</table>";
else
echo "DATABASE IS EMPTY!";
//all done
$conn->close();
?>
更新:现在这是相同的代码,都是 OOP 风格和重用连接:
<?php
include "connection.php";
if (isset($_POST['delete'])) //first: test if any delete request, delete and then render the table
//if a delete request received
$id = $_POST['id']; //primary key of this row, where 'id' index must be case-sensitivly equal to the hidden input name 'id'
//check connection
if (mysqli_connect_errno()) //if connection error existed
printf("Connect failed: %s\n", mysqli_connect_error()); //print error
exit(); //exit the program 'in this case you wouldn't see the table either'
//compose sql statement
$stmt = $conn->prepare("DELETE FROM users WHERE ID=?"); //notice that sql statements are NOT case sensitive
$stmt->bind_param('i',$id); //now add the $id to the statement 'i' stands for integer
$stmt->execute();
$stmt->close();
$sql = "SELECT * FROM users;";
$result = $conn->query($sql);
if ($result->num_rows > 0)
echo "<table class='sqltable'>
<tr class='sqltable'>
<th class='sqltable'>ID</th>
<th class='sqltable'>EMAIL</th>
<th class='sqltable'>NAME</th>
<th class='sqltable'>IS ADMIN</th>
<th class='sqltable'>PASSWORD</th>
<th class='sqltable'>CONTROLS</th>
</tr>";
// output data of each row
while($row = $result->fetch_assoc())
echo "<tr class='sqltable'>";
echo "<td class='sqlcell'>".$row["id"]."</td>"; //php is case-sensitive so you should use $row['ID'] according to your scheme
echo "<td class='sqlcell'>".$row["email"]."</td>";//php is case-sensitive so you should use $row['EMAIL'] according to your scheme
echo "<td class='sqlcell'>".$row["name"]."</td>";//for simplicity, I made one field, change it according to your scheme
echo "<td class='sqlcell'>".$row["is_Admin"]."</td>";//php is case-sensitive so you should use $row['IS_ADMIN'] according to your scheme
echo "<td class='sqlcell'>".$row["password"]."</td>";//same as above
echo "<td class='sqlcell'>
<center>
<div style='border: 1px solid lightgray;'>";
echo "<form method='POST'>"; //must be added in a form with method=post
echo "<input type='hidden' name='id' value='".$row['id']." '/>"; //differntiate between input name `id` and mysql field name you have `ID`, input field name is the index you will fetch in line 4: $_POST['id']
echo "<input type='submit' name='delete' value='DEL ".$row['id']." '/>"; //type: submit, not button
echo "</form>
</div>
</center>
</td>
</tr>";
echo "</table>";
else
echo "DATABASE IS EMPTY!";
//all done
$conn->close();
?>
提示:在现实世界中,切勿将密码存储为纯文本,搜索和阅读更多about hashing
【讨论】:
【参考方案2】:嗯,首先,php 脚本是服务器端脚本,这意味着您的按钮不会触发删除功能,而是会向存在删除操作的服务器发送请求。
怎么做?只需在要显示删除按钮的表格单元格内呈现一个表单(即 html 元素),然后将方法定义为 post(阅读有关 http 请求方法的更多信息),您可以包含 id 值(或该表的主键等等)。
<form method="post">
<input type='submit' name='delete' />
<input type='hidden' name="id" value="$row['id']" />
</form>
所以这个表单告诉浏览器:每当用户点击“删除”按钮时,提交这个包含一个隐藏输入的表单,其中包含要删除的元素的 id。
现在我们转到服务器端,在文件的开头:
<?php
if (isset($_POST['delete'])) //if a delete request received
$id = $_POST['id']; //primary key of this row
//establish connection to mysql
$mysqli = new mysqli('localhost', 'my_user', 'my_password', 'world');
//check connection
if (mysqli_connect_errno())
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
//compose sql statement
$stmt = $mysqli->prepare("DELETE FROM users WHERE ID=?");
$stmt->bind_param('i',$id); //now add the $id to the statement 'i' stands for integer
$stmt->execute();
$stmt->close();
$mysqli->close() //connection closed
?>
上面的代码是用 OOP 写的,或者你可以用 Procedural 风格写它..
<?php
if (isset($_POST['delete'])) //if a delete request received
$id = $_POST['id']; //primary key of this row
//establish connection to mysql
$mysqli = mysqli_connect('localhost', 'my_user', 'my_password', 'world');
//check connection
if (!$mysqli)
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
//compose sql statement
$stmt = mysqli_prepare($mysqli, "DELETE FROM users WHERE ID=?");
mysqli_stmt_bind_param($stmt,'i',$id); //now add the $id to the statement 'i' stands for integer
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
mysqli_close($mysqli) //connection closed
?>
-
more about binding parameters
HTTP methods
【讨论】:
对不起,这行有一个错误:$stmt->bind_param('i',$id);,'i' 参数代表整数。这是$id 数据类型。如果您要比较字符串,请改用 's'。
等一下,我应该将$stmt = $mysqli_prepare("DELETE FROM users WHERE EMAIL=?;"); 编辑为$stmt = $mysqli->prepare("DELETE FROM users WHERE EMAIL='".$id."';");?正确的? :紧张:
如果$mysqli->prepare返回false,则表示准备此SQL语句时出错。打印 $mysqli->error 以检查此错误。
顺便说一句:我已经更新了帖子,使用mysqli_prepare,而不是$mysqli_prepare。
显然mysqli_prepare() expects exactly 2 parameters, 1 given in,我应该添加什么其他参数? $stmt?以上是关于向通过 php/html 脚本生成的按钮添加功能的主要内容,如果未能解决你的问题,请参考以下文章