
Deleting multiple records (rows) from tables using checkboxes

Developer https://www.devze.com 2023-04-10 07:31 Source: web

Trying to delete multiple rows using check-boxes. At first I'm generating table of contents with checkbox column. Then posting data to PHP side. The problem is, PHP side returning back to the current page. It means that all done successfully and page returned user back. But no success. There is no error in PHP logs, and MySQL problem. I tried print_r ($_POST['checkbox']); die(); after $delete=$_POST['delete'];. It gave me result something like that Array ( [0] => on [1] => on ). What's wrong with my code?

My HTML markup looks like that

<?php
$result = $db->query("SELECT id, name, showinmenu FROM menu") ;
$num=$result->num_rows;
if ($num>0) {
?>
    <form method="post" action="processor/dbdel.php">
    <div style="overflow-y: auto; overflow-x: hidden; height:500px">
    <table id="list" class="features-table">    
            <thead>
                <tr>
                    <th>#</th>
                    <th style="min-width:80px;"  class="name">Ad (menyuda işlənən)</th>
                    <th>Sil</th>
                </tr>
            </thead>
            <tbody>
<? 
while ($row = $result->fetch_object()) {
echo '<tr>
<td>'.$row->id.'</td>
<td><a href="'.$wsurl.'admin/?page=edit&id='.$row->id.'">'.$row->name.'</a></td>
<td><input type="checkbox" name="checkbox[]" method="post" value"'.$row->id.'" id="checkbox[]" "/></td>
</tr>';
    }

    // when the loop is complete, close off the list.
    echo "</tbody>  <tr id='noresults'>
        <td style='text-align:center' colspan='9'>Nəticə yoxdur</td>
    </tr></table>
    </div>
    <p style='text-align:center;'>
    <input id='delete' type='submit' name='delete' value='Seçilənləri sil'/>        </p>
    </form>";
    }
    ?>

And here is my PHP code

<?php
    require '../../core/includes/common.php';
        $delete=$_POST['delete'];
        if($delete) // from button name="delete"
        {
        if (is_array($_POST['checkbox'])) 
        foreach($_POST['checkbox'] as $del_id) {
                $del_id = (int)$del_id;
                $result=$db->query ("DELETE FROM menu WHERE id = '$del_id'") or die($db->error);
                $result2=$db->query ("DELETE FROM pages WHERE id = '$del_id'") or die($db->error);
            }
                if($result2)
            {   
                    header("location:".$wsurl."admin/?page=db");    
                }
                else
                {
                    echo "Error: ".$db->error;
                }
        }

    ?>


Your code is an absolute disaster.

1) Using echo with repeated string concatenation to output html. Look up HEREDOCs, double-quoted strings, or simply breaking out of PHP-mode (?>) to output html.

2) Checking for POST by looking for form fields. If you want to make sure you're in a POST situation, then do if ($_SERVER['REQUEST_METHOD'] === 'POST') { ... } instead. This is 100% reliable, and does not depend on the presence (or absence) of particular form fields. If the data was submitted via post, this statement will evaluate to true, ALWAYS.

3) You are blindly embedding user-provided data into SQL query strings. Read up about SQL injection attacks, then consider what happens if someone hacks your form and submits a checkbox value of ' or 1' - say goodbye to the contents of your checkbox table.

4) You appear to have a stray " in your checkbox output line:

[...snip...] method="post" value"'.$row->id.'" id="checkbox[]" "/></td>
                                                               ^--here

which is almost certainly "breaking" your form and causing subsequent tag attributes to be misinterpreted.

5) On the plus side, I'll have to give you this much - you are at least checking for query errors on your two delete queries, which is always nice to see. However, that's a minor plus in a huge field of negatives.

0
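Why the handler reports success while deleting nothing, with a stricter version beside it, as an added example that is not the poster's or the answerer's code: a checked checkbox without a usable value attribute submits `on`, `(int)'on'` is 0, and `DELETE ... WHERE id = '0'` matches no row and raises no error. The function names `selected_ids` and `delete_items` are hypothetical, and an in-memory SQLite database via PDO stands in for the page's MySQL connection so the script runs offline.

```php
<?php
// Added example; SQLite in memory stands in for the page's MySQL database.

// Keep only canonical positive integers. "on", "", "0" and strings such as
// "2' OR '1" are rejected instead of being silently cast to 0 or 2.
function selected_ids(array $post): array
{
    $raw = $post['checkbox'] ?? [];
    $ids = [];
    foreach (is_array($raw) ? $raw : [] as $value) {
        $id = filter_var($value, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
        if ($id !== false) {
            $ids[$id] = $id;            // keyed by id to drop duplicates
        }
    }
    return array_values($ids);
}

// Delete from both tables in one transaction using bound parameters.
// Returns the number of menu rows actually removed, so "0" is visible.
function delete_items(PDO $db, array $ids): int
{
    if ($ids === []) {
        return 0;
    }
    $marks = implode(',', array_fill(0, count($ids), '?'));
    $db->beginTransaction();
    try {
        $menu = $db->prepare("DELETE FROM menu WHERE id IN ($marks)");
        $menu->execute($ids);
        $db->prepare("DELETE FROM pages WHERE id IN ($marks)")->execute($ids);
        $db->commit();
        return $menu->rowCount();
    } catch (Throwable $e) {
        $db->rollBack();                // never leave one table half-cleaned
        throw $e;
    }
}

// Constructed sample tables and constructed POST bodies.
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec('CREATE TABLE menu (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec('CREATE TABLE pages (id INTEGER PRIMARY KEY)');
$db->exec("INSERT INTO menu VALUES (1,'Home'),(2,'About'),(3,'Contact')");
$db->exec('INSERT INTO pages VALUES (1),(2),(3)');
$broken = ['delete' => 'x', 'checkbox' => ['on', 'on']];   // what the page's form sends
$fixed  = ['delete' => 'x', 'checkbox' => ['1', '3', '3', "2' OR '1"]];
printf("broken form: %d row(s) deleted\n", delete_items($db, selected_ids($broken)));
printf("fixed form:  %d row(s) deleted\n", delete_items($db, selected_ids($fixed)));
```

In a real handler these calls would sit inside the `$_SERVER['REQUEST_METHOD'] === 'POST'` check the answer recommends, and the redirect would depend on the returned row count rather than on the last query object.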
