您好我正在尝试使用 where 子句从 MYSQL 数据库中的表中删除记录。这是我到目前为止所拥有的,但它不起作用,我不知道该怎么做。有没有办法使这项工作?我已经包含了我的删除方法和 php 文件代码。我的网址 - deleteCompletedGoal=("http://10.0.2.2/deleteCompletedGoalAddress.php?user_goal_id="+completed_goalID);我的代码 - private void deleteNonActiveGoal(){ try { URL url = new URL(deleteCompletedGoal); HttpURLConnection http = (HttpURLConnection) url.openConnection(); http.setRequestMethod("POST"); http.setRequestProperty("X-HTTP-Method-Override", "DELETE"); http.setDoInput(true); http.setDoOutput(true); OutputStream ops = http.getOutputStream(); BufferedWriter writer = new BufferedWriter(new OutputStreamWriter(ops, "UTF-8")); String data = URLEncoder.encode("user_goal_id", "UTF-8") + "=" + URLEncoder.encode(completed_goalID, "UTF-8") + "&&"; writer.write(data); writer.flush(); writer.close(); ops.close(); InputStream ips = http.getInputStream(); BufferedReader reader = new BufferedReader(new InputStreamReader(ips, "ISO-8859-1")); String line; while ((line = reader.readLine()) != null) { result += line; } reader.close(); ips.close(); http.disconnect(); } catch (MalformedURLException e) { result = e.getMessage(); } catch (IOException e) { result = e.getMessage(); } }PHP 文件:<?phprequire "connection.php";$completed_goalID=$_POST["user_goal_id"];$mysql_qry = "DELETE from user_goals WHERE user_goal_id ='$completed_goalID'";if($conn->query($mysql_qry) === TRUE) {echo "delete successful";}else{echo "delete failed";}$conn->close();?>
2 回答

阿波罗的战车
TA贡献1862条经验 获得超6个赞
由于您在查询字符串中发送变量,因此您将使用 GET 而不是 POST。改变:
$completed_goalID=$_POST["user_goal_id"];
至
$completed_goalID=$_GET["user_goal_id"];
警告
Little Bobby说您的脚本面临 SQL 注入攻击的风险。了解MySQLi的预处理语句。即使转义字符串也不安全!

慕森王
TA贡献1777条经验 获得超3个赞
使用 $_GET 获取来自 url 的变量,例如:
$completed_goalID=$_GET["user_goal_id"];
更改查询以防止 sql 攻击(参考),例如:
<?php
require "connection.php";
$completed_goalID=$_POST["user_goal_id"];
$mysql_qry = $conn->prepare("DELETE from user_goals WHERE user_goal_id=?");
$mysql_qry->bind_param('i',$completed_goalID);
if($mysql_qry->execute() === TRUE){
echo "delete successful";
}
else{
echo "delete failed";
}
$mysql_qry->close();
$conn->close();
?>
- 2 回答
- 0 关注
- 91 浏览
添加回答
举报
0/150
提交
取消