<?php include "conn.php"; $name = $_GET['name']; echo $name; $strQuery = "DELETE FROM stu WHERE stu.user='{$name}'"; $stmt= $conn->query($strQuery); if ($stmt > 0){ echo ("<script>alert('删除成功')</script>"); echo ("<script>window.location.href='zhuYe.php'</script>"); }else { echo ("<script>alert('删除失败')</script>"); echo ("<script>window.location.href='zhuYe.php'</script>"); } $conn->close();
时间: 2024-03-07 20:52:10 浏览: 37
这是一段PHP代码,看起来是从数据库中删除一个名为$name的学生记录。代码中使用了GET请求获取$name,并将其用于SQL查询中的WHERE语句中。如果该操作成功,则会在页面中弹出一个提示框,提示删除成功,并跳转到主页。否则,会提示删除失败,并跳转到主页。值得注意的是,该代码中存在SQL注入的风险,建议使用预处理语句来避免。
相关问题
<?php $code=0; $data=[]; $msg=["注册成功","注册失败"]; include('conn.php'); include('function.php'); $userName = $_GET["userName"]; $userPwd = $_GET["userPwd"]; if($userName==""||$userPwd==""){ die(0); } $sql = "select * from users where user_name = ?"; $rs=mysqli_query($conn,$sql); $num = mysqli_num_rows($rs); if($num>0){ echo "用户名已存在"; } else{ $sql1 = "insert into users (user_name,user_pwd) values(?,?)"; $rs1=mysqli_query($conn,$sql1); if($rs){ $code = 1; } } echo getApiResult($code,$data,$msg); ?>该段代码是否有问题
这段代码存在一些问题,具体如下:
1. `$rs=mysqli_query($conn,$sql);` 这一行代码执行的时候并没有将 `$userName` 绑定到 SQL 语句中,应该使用预处理语句。应该将此行代码修改为 `$stmt = mysqli_prepare($conn, $sql)`,然后使用 `mysqli_stmt_bind_param` 绑定参数。
2. `$rs=mysqli_query($conn,$sql);` 返回的是执行结果,而不是查询结果。应该使用 `$rs = mysqli_stmt_execute($stmt)` 执行预处理语句,然后使用 `mysqli_stmt_store_result` 存储结果集。
3. `if($rs){ $code = 1; }` 这一行代码中的 `$rs` 应该修改为 `$rs1`,因为 `$rs` 是查询结果,而 `$rs1` 是插入操作的结果。同时,因为 `$rs1` 返回的是布尔值,应该修改为 `if($rs1){ $code = 1; }`。
以下是修改后的代码:
```php
<?php
$code = 0;
$data = [];
$msg = ["注册成功", "注册失败"];
include('conn.php');
include('function.php');
$userName = $_GET["userName"];
$userPwd = $_GET["userPwd"];
if ($userName == "" || $userPwd == "") {
die(0);
}
$sql = "SELECT * FROM users WHERE user_name = ?";
$stmt = mysqli_prepare($conn, $sql);
mysqli_stmt_bind_param($stmt, "s", $userName);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
$num = mysqli_stmt_num_rows($stmt);
if ($num > 0) {
echo "用户名已存在";
} else {
$sql1 = "INSERT INTO users (user_name,user_pwd) VALUES (?,?)";
$stmt1 = mysqli_prepare($conn, $sql1);
mysqli_stmt_bind_param($stmt1, "ss", $userName, $userPwd);
$rs1 = mysqli_stmt_execute($stmt1);
if ($rs1) {
$code = 1;
}
}
echo getApiResult($code, $data, $msg);
?>
```
请注意,上述代码仅仅是一个简单的示例,如果需要用于实际项目中,还需要进行更多的安全和错误处理。
<?php $a=_____; $b=_____; $sql="insert into sj(姓名,班级名称) values('".$a."','".$b. ____; $result=____($conn,$sql); if(){ echo "学生添加出错"; }else{ echo "<br>学生{____}信息添加成功"; } ?>
<?php $a=$_POST['name']; $b=$_POST['class']; $sql="insert into sj(姓名,班级名称) values('".$a."','".$b."')"; $result=mysqli_query($conn,$sql); if(!$result){ echo "学生添加出错"; }else{ echo "<br>学生".$a."信息添加成功"; } ?>
这是一个PHP代码片段,用于将用户输入的姓名和班级名称插入到数据库表中。其中,$a和$b分别为接收到的姓名和班级名称,$sql为插入语句,将$a和$b插入到sj表中的姓名和班级名称字段中。$result为执行插入语句的结果,如果有错误则输出“学生添加出错”,否则输出“学生XXX信息添加成功”,其中XXX为插入的姓名。注:需要在代码中连接数据库$conn。
相关推荐
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![ppt](https://img-home.csdnimg.cn/images/20210720083527.png)
![](https://csdnimg.cn/download_wenku/file_type_ask_c1.png)
检查这段代码的错误并修改实现与bookshelf.php的跳转<?php //连接数据库 $servername = "127.0.0.12"; $username = "roots"; $password = "1234root"; $dbname = "zkw"; $conn = mysqli_connect($servername, $username, $password, $dbname); if (!$conn) { die("连接失败: " . mysqli_connect_error()); } //查询图书分类 $sql = "SELECT * FROM categories"; $result = mysqli_query($conn, $sql); mysqli_close($conn); //跳转到bookshelf.php页面 header("Location: bookshelf.php"); ?> <!DOCTYPE html> <html> <head> <title>图书分类</title> </head> <body> 图书分类 <?php while ($row = mysqli_fetch_assoc($result)) { ?> "><?php echo $row["name"]; ?> <?php } ?> </body> </html>
![](https://csdnimg.cn/download_wenku/file_type_ask_c1.png)
检查这段代码的错误并修改实现与book.php的跳转<?php header("Location: book.php"); //连接数据库 $servername = "127.0.0.12"; $username = "roots"; $password = "1234root"; $dbname = "zkw"; $conn = mysqli_connect($servername, $username, $password, $dbname); if (!$conn) { die("连接失败: " . mysqli_connect_error()); } //查询图书 $id = $_GET["id"]; $sql = "SELECT * FROM books WHERE id=$id"; $result = mysqli_query($conn, $sql); $row = mysqli_fetch_assoc($result); //检查用户是否登录 session_start(); if (!isset($_SESSION["username"])) { $bookshelf_text = "登录后可以添加到书架"; } else { $username = $_SESSION["username"]; $sql = "SELECT * FROM bookshelf WHERE username='$username' AND book_id=$id"; $result = mysqli_query($conn, $sql); if (mysqli_num_rows($result) > 0) { $bookshelf_text = "从书架中移除"; } else { $bookshelf_text = "添加到书架"; } } mysqli_close($conn); ?> <!DOCTYPE html> <html> <head> <title><?php echo $row["name"]; ?></title> </head> <body> <?php echo $row["name"]; ?> <?php echo $row["description"]; ?> <?php echo $bookshelf_text; ?> </body> </html>
![](https://csdnimg.cn/download_wenku/file_type_ask_c1.png)
<?php // 连接数据库 $conn = new mysqli("localhost", "root", "123456", "wyya"); // 检查连接是否成功 if ($conn->connect_error) { die("连接失败: " . $conn->connect_error); } // 查询五个歌单的表 $tables = array(); $result = mysqli_query($conn, "SHOW TABLES LIKE '%_list'"); if ($result->num_rows > 0) { while ($row = mysqli_fetch_array($result)) { $tables[] = $row[0]; } } // 获取选中的歌单表 $tableName = isset($_GET["table"]) ? $_GET["table"] : ""; $data = array(); if (!empty($tableName)) { $result = mysqli_query($conn, "SELECT * FROM $tableName"); if ($result->num_rows > 0) { while ($row = $result->fetch_assoc()) { $data[] = $row; } } } ?> <!DOCTYPE html> <html> <head> <title>网易云音乐歌单</title> <style> table { border-collapse: collapse; width: 100%; } th, td { text-align: left; padding: 8px; } tr:nth-child(even) { background-color: #f2f2f2; } th { background-color: #4CAF50; color: white; } .dropdown { position: relative; display: inline-block; } .dropdown-content { display: none; position: absolute; z-index: 1; } .dropdown:hover .dropdown-content { display: block; } </style> </head> <body> 网易云音乐歌单 分类 <?php foreach ($tables as $table) { ?> <?php echo str_replace("_list", "", $table); ?> <?php } ?> <?php if (!empty($tableName)) { ?> <?php $columns = mysqli_query($conn, "SHOW COLUMNS FROM $tableName"); if ($columns->num_rows > 0) { while ($column = mysqli_fetch_array($columns)) { ?> <?php echo $column["Field"]; ?> <?php } } ?> <?php foreach ($data as $row) { ?> <?php foreach ($row as $value) { ?> <?php echo $value; ?> <?php } ?> <?php } ?> <?php } ?> </body> </html> <?php // 关闭连接 $conn->close(); ?>修改代码,将one修改成华语,two修改成欧美,three修改成日语,four修改成韩语,five修改成粤语
![](https://csdnimg.cn/download_wenku/file_type_ask_c1.png)
![](https://csdnimg.cn/download_wenku/file_type_ask_c1.png)
<?php // 连接数据库 $conn = new mysqli("localhost", "root", "123456", "wyya"); // 检查连接是否成功 if ($conn->connect_error) { die("连接失败: " . $conn->connect_error); } // 查询五个歌单的表 $tables = array(); $result = mysqli_query($conn, "SHOW TABLES LIKE '%_list'"); if ($result->num_rows > 0) { while ($row = mysqli_fetch_array($result)) { $tables[] = $row[0]; } } // 获取选中的歌单表 $tableName = isset($_GET["table"]) ? $_GET["table"] : ""; $data = array(); if (!empty($tableName)) { $result = mysqli_query($conn, "SELECT * FROM $tableName"); if ($result->num_rows > 0) { while ($row = $result->fetch_assoc()) { $data[] = $row; } } } ?> <!DOCTYPE html> <html> <head> <title>网易云音乐歌单</title> <style> table { border-collapse: collapse; width: 100%; } th, td { text-align: left; padding: 8px; } tr:nth-child(even) { background-color: #f2f2f2; } th { background-color: #4CAF50; color: white; } </style> </head> <body> 网易云音乐歌单 华语 欧美 日语 韩语 粤语 <?php if (!empty($tableName)) { ?> <?php $columns = mysqli_query($conn, "SHOW COLUMNS FROM $tableName"); if ($columns->num_rows > 0) { while ($column = mysqli_fetch_array($columns)) { ?> <?php echo $column["Field"]; ?> <?php } } ?> <?php foreach ($data as $row) { ?> <?php foreach ($row as $value) { ?> <?php echo $value; ?> <?php } ?> <?php } ?> <?php } ?> </body> </html> <?php // 关闭连接 $conn->close(); ?>修改代码,将华语,欧美,日语,韩语,粤语放入一个命名为分类的菜单中,实现点击菜单后点击华语,欧美,日语,韩语,粤语再跳转
![](https://csdnimg.cn/download_wenku/file_type_ask_c1.png)
![](https://csdnimg.cn/download_wenku/file_type_ask_c1.png)
![](https://csdnimg.cn/download_wenku/file_type_ask_c1.png)
![](https://csdnimg.cn/download_wenku/file_type_ask_c1.png)
![](https://csdnimg.cn/download_wenku/file_type_ask_c1.png)
![](https://csdnimg.cn/download_wenku/file_type_ask_c1.png)
![](https://csdnimg.cn/download_wenku/file_type_ask_c1.png)
![](https://csdnimg.cn/download_wenku/file_type_ask_c1.png)
<?php // 连接数据库 $conn = new mysqli("localhost", "root", "123456", "wyya"); // 检查连接是否成功 if ($conn->connect_error) { die("连接失败: " . $conn->connect_error); } // 查询数据 $tables = array("one_list", "two_list", "three_list", "four_list", "five_list"); $data = array(); foreach ($tables as $table) { $sql = "SELECT * FROM " . $table; $result = mysqli_query($conn, $sql); if ($result->num_rows > 0) { while ($row = $result->fetch_assoc()) { $row['语种'] = substr($table, 0, -5); // 获取语种名称 $data[] = $row; } } } // 渲染 HTML 模板 ?> <!DOCTYPE html> <html> <head> <title>网易云音乐歌单</title> <style> table { border-collapse: collapse; width: 100%; } th, td { text-align: left; padding: 8px; } tr:nth-child(even) { background-color: #f2f2f2; } th { background-color: #4CAF50; color: white; } .language-button { background-color: #f2f2f2; padding: 8px 16px; border: none; cursor: pointer; display: inline-block; margin-right: 10px; } .chinese { color: #e60000; } .english { color: #0066cc; } .japanese { color: #ff9900; } .korean { color: #3385ff; } .cantonese { color: #009933; } </style> </head> <body> 网易云音乐歌单 <form method="get" action=""> <input type="hidden" name="table" value="<?php echo $tables[0]; ?>"> <button type="submit" class="language-button chinese">华语</button> </form> <form method="get" action=""> <input type="hidden" name="table" value="<?php echo $tables[1]; ?>"> <button type="submit" class="language-button english">英语</button> </form> <form method="get" action=""> <input type="hidden" name="table" value="<?php echo $tables[2]; ?>"> <button type="submit" class="language-button japanese">日语</button> </form> <form method="get" action=""> <input type="hidden" name="table" value="<?php echo $tables[3]; ?>"> <button type="submit" class="language-button korean">韩语</button> </form> <form method="get" action=""> <input type="hidden" name="table" value="<?php echo $tables[4]; ?>"> <button type="submit" class="language-button cantonese">粤语</button> </form> <?php if (!empty($data)) { ?> 歌单名 歌单地址 歌曲量 播放量 收藏量 评论量 分享量 创建者 创建时间 <?php foreach ($data as $row) { ?> <?php echo $row['歌单名']; ?> <?php echo $row['歌单地址']; ?> <?php echo $row['歌曲量']; ?> <?php echo $row['播放量']; ?> <?php echo $row['收藏量']; ?> <?php echo $row['评论量']; ?> <?php echo $row['分享量']; ?> <?php echo $row['创建者']; ?> <?php echo $row['创建时间']; ?> <?php } ?> <?php } else { ?> 暂无数据 <?php } ?> </body> </html> <?php // 关闭连接 $conn->close()0>修改代码,通过点击按钮展示出对应的单个歌单
![](https://csdnimg.cn/download_wenku/file_type_ask_c1.png)