我试图从有复选框的HTML表单中获取输入。复选框使用数据库中的student_id创建。像这样:
<td><input type="checkbox" name="{$row['STUDENT_ID']}" />
我要做的是遍历Students表并检查所有条目,其中哪个复选框被选中。然后,我想从数据库中删除已用复选框选中的条目。
8 $query = "SELECT STUDENT_ID From Students";
9 $result = mysql_query($query) or die(mysql_error());
10 while($row=mysql_fetch_array($result)){
11 $checkname=$row['STUDENT_ID'];
12 foreach($_POST[$checkname] as $student_id =>val)
13 {
14 if($val == 'YES'
15 {
16 echo $_POST['STUDENT_ID'];
17 $query = "DELETE FROM Students WHERE STUDENT_ID" . mysql_real_escape_string($STUDENT_ID);
18 }
19 echo $query;
20 $result = mysql_query($query) or die(mysql_error());
21 //echo $POST['STUDENT_ID'];
22 }
23 }
创建一个复选框数组:
<input type="checkbox" name="studentID[]" value="{$row['STUDENT_ID']}" />
From PHP:
$studentID = $_POST['studentID'];
foreach($studentID as $ID){
echo $ID.'<br />'."n";
}
编辑:不确定,但我认为这是正确的方法:
$studentID = $_POST['studentID'];
$i=0;
foreach($studentID as $ID){
$i++;
echo $_POST['studentID'][$i].'<br />'."n";
}
在您的表单中试试:
<input type="checkbox" name="STUDENT_ID[<?php echo $row['STUDENT_ID'] ?>]" value="YES" />
和下面的PHP循环:
foreach ($_POST['STUDENT_ID'] as $student_id => $val) {
if ($val == 'YES') {
$query = "DELETE FROM Students WHERE STUDENT_ID=" . mysql_real_escape_string($student_id);
$result = mysql_query($query) or die(mysql_error());
}
}
更好的方法是从提交的复选框中获取Student id,然后对其进行删除。
HTML<input type="checkbox" name="students_to_delete[]" value="{$row['STUDENT_ID']}" />
PHP $students_to_delete = $_POST['students_to_delete'];
if(is_array($students_to_delete) && count($students_to_delete) > 0) {
$query = "DELETE FROM Students WHERE STUDENT_ID IN (" . implode(",", $students_to_delete) . ")";
$result = mysql_query($query) or die(mysql_error());
}
以上代码容易受到SQL注入的攻击。如果有人向服务器发回一个值0 OR STUDENT_ID!=0
,那么Students表中的所有行都将被删除。
你的代码也是低效的——你返回所有的学生,然后遍历每个学生,看看这是否需要删除。
你最好在你的标记中使用:
<input type="checkbox" name="STUDENT_TO_DELETE" value="$row['STUDENT_ID']" />
然后在php中:
foreach ($_POST['STUDENT_TO_DELETE'] as $student_id => $val) {
$sql = "DELETE FROM Students WHERE STUDENT_ID=" . mysql_real_escape_string($student_id);
mysql_query($sql);
}
}