大家好,我对PHP开发很陌生。
我正在编写一个 smiple 脚本来从 url 获取和发送电子邮件,循环浏览数据库表中的某些行,并在找到该行时将其删除。
除了删除该行之外,我得到了所有内容。我真的很感激有人告诉我我的错误,以帮助我理解。我认为错误在于 WHERE 条件。
我收到的错误消息是:错误:无法从 alaofolasade@yahoo.com==alaofolasade@yahoo.com wp_email_address_db执行删除。
<?php
$path = $_SERVER['DOCUMENT_ROOT'];
include_once $path . '/wp-load.php';
global $wpdb;
//sanatise and lowercase email addy from URL
$emailToRemove = filter_var ( strtolower($_GET["usermail"]), FILTER_SANITIZE_EMAIL);
//get DB table
$data = $wpdb->get_results("SELECT * FROM wp_email_address_db`");
foreach ($data as $d) {
//sanatise and lowercase email addy from DB
$email = filter_var ( strtolower($d->email_address), FILTER_SANITIZE_EMAIL);
//check if the email addy is in this row
if($email == $emailToRemove){
//get info
echo 'true <br/>';
echo 'id: '.$d->id.'<br/>';
//I need to delete this row
$sql = "DELETE FROM wp_email_address_db WHERE $email = $emailToRemove";
if(mysqli_query($link, $sql)){
echo "Records were deleted successfully.";
} else{
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
}
}
// $columnTitles = ['id','email_address','imported_via'];
?>
您在email中有一个拼写错误,并且 where 子句中的值应该在单引号内:
将其更改为:
$sql = "DELETE FROM wp_email_address_db WHERE email = '$emailToRemove'";
您的查询应该是这样的:
$sql ="从电子邮件='$emailToRemove'wp_email_address_db中删除";
最好
使用引号(单引号',双引号"(也用反引号定义列。
查询:
$sql = "DELETE FROM wp_email_address_db WHERE `email` = '".$emailToRemove."'";
您的主要错误是$email哪个应该是此处带有反引号的列名WHERE $email = $emailToRemove
不应该是这样的查询
DELETE FROM wp_email_address_db WHERE email_field_name = '$emailToRemove'
而不是
DELETE FROM wp_email_address_db WHERE $email = $emailToRemove
在您的查询中,您将$email的值作为字段名称传递,我假设字段alaofolasade@yahoo.com不存在
尝试替换
$sql = "DELETE FROM wp_email_address_db WHERE $email = $emailToRemove";
跟
$sql = "DELETE FROM wp_email_address_db WHERE '$email' = '$emailToRemove'";
我删除了foreach,您不需要从数据库中检索所有邮件。此外,我使用准备好的语句来避免SQL注入
这种对数据库执行删除查询的脚本必须受到所有用户的保护。只允许管理员使用此脚本
<?php
$path = $_SERVER['DOCUMENT_ROOT'];
include_once $path . '/wp-load.php';
// WARNING: You should check the identity of the user performing this action, MySql DELETE action is dangerous
global $wpdb;
//sanatise and lowercase email addy from URL
$emailToRemove = filter_var ( strtolower($_GET["usermail"]), FILTER_SANITIZE_EMAIL);
$sqlDeleteQuery = '
DELETE
FROM wp_email_address_db
WHERE email = ?
';
$statement = mysqli_prepare($link, $sqlDeleteQuery);
// Bind the email to your query (the ? ), this avoid the SQL injection attack
$statement->bind_param('s', $emailToRemove);
if (false !== mysqli_stmt_execute($statement)) {
die('The MySql query failed ! Error : ' . mysqli_error($link));
}
$emailsDeleted = mysqli_stmt_affected_rows($statement);
echo sprintf('"%d" emails deleted', $emailsDeleted);
我无法尝试上面的代码,所以如果有什么问题,请告诉我:)
通过以下方式解决:
<?php
require_once($_SERVER["DOCUMENT_ROOT"]."/wp-load.php");
if (isset($_GET["usermail"])) {
global $wpdb;
$remove = filter_var(strtolower($_GET["usermail"]), FILTER_SANITIZE_EMAIL);
$wpdb->query("DELETE FROM wp_email_address_db WHERE email_address='$remove'");
echo "You have successfully been unsubscribed.";
}
?>