通过 Codeigniter 使用 $_POST 删除数据库记录
我一直都做错了,我曾经从 URI 段中获取值,但没有意识到这不是理想的方式。所以我改变了我的方法,现在一切都通过 $_POST 来完成。我不确定我这样做是否正确,有人可以透露一些信息吗?我的视图包含列出从数据库中提取的项目的表格数据。每个项目都有两个链接:“查看”和“删除”。该代码似乎可以工作,但想知道是否可以编码得更好。我忘记了表单名称不是唯一的,所以当我去删除记录时,它总是会删除最新的记录(设置了最后一个隐藏字段)。
myview.php(片段)
<?php foreach($records as $record): ?>
<form method="POST" name="myform<?php echo $location->id;?>" action="/location/delete">
<a href="/location/view/<?php echo $location->id;?>">View</a> <a href="#" onclick="document.myform<?php echo $location->id;?>.submit();">Delete</a>
<br />
<input type="hidden" name="location_id" value="<?php echo $location->id;?>">
</form>
<?php endforeach ?>
I've been doing it all wrong, I used to take the value from the URI segment and didn't realize it wasn't the ideal way. So I changed my approach and now have everything via a $_POST. I'm not sure if I'm doing this correctly, could someone shed some light? My view contains tabular data listing items pulled from the DB. Each item has two links, "View" and "Delete." The code seems to work but was wondering if it could be coded better. I forgot that the form name wasn't unique, so when I went to go delete a record, it would always delete the newest record (the last hidden field was set).
myview.php (snippet)
<?php foreach($records as $record): ?>
<form method="POST" name="myform<?php echo $location->id;?>" action="/location/delete">
<a href="/location/view/<?php echo $location->id;?>">View</a> <a href="#" onclick="document.myform<?php echo $location->id;?>.submit();">Delete</a>
<br />
<input type="hidden" name="location_id" value="<?php echo $location->id;?>">
</form>
<?php endforeach ?>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
通过 uri id 查看/删除是完全没问题的,我不敢说使用
$_POST
是错误的,但是为每个删除元素创建一个新的唯一表单非常混乱,并且权衡您的内容正在获得(我猜没有暴露的 id?),我相信使用 uri 进行删除功能更“正确”。如果您只希望某些人能够删除某些记录,请在删除函数本身中以编程方式处理该记录,不要依赖于请求仅通过
$_POST
发送的事实。这是不可靠的,任何人都可以生成发布请求。Viewing/Deleting via uri id is perfectly fine, I wouldn't venture to say that using
$_POST
is wrong, but creating a new unique form for every delete element is terribly messy, and weighed against what you are gaining (no exposed id i guess?), I believe it is more 'correct' to use the uri for delete functions.If you only want certain people to be able to delete certain records, handle that programmatically in the delete function itself, don't depend on the fact that the request is only sent via
$_POST
. This is not dependable, anyone can generate a post request.对于后来遇到此问题的任何人,以下是我解决问题的方法。
在我的控制器中,我有一个名为
delete
的方法,用于检查表单字段是否通过$_POST
提交。如果没有变量,请将它们重定向到带有错误消息的位置。如果该字段通过,则进行正常检查以确保可以删除该记录。For anyone who comes across this later, here's how I solved my issue.
In my controller I have a method called
delete
that checks to see if the form field was submitted via a$_POST
. If there's no variable, redirect them somewhere with an error message. If the field was passed, then go through the normal checks to make sure the record can be deleted.您的语法错误在于这一行:
您不能对表单进行循环。相反,请使用以下代码:
Your syntax error is with this line:
You can not do looping for a form. Instead, use the following code: