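First, I apologize for posting such a huge block of code. It may not even be relevant to the question, but just in case... The code maintains a simple ToDo list, which I want to incorporate into an existing PHP website that stores a lot of information for each user. In other words, I want to add it to the user's row information in the mySQL DB. Adding a table or array to each user's row
I'm new to PHP, but I've come a long way by coming up with ideas and figuring out how to make them work. Could you point me in the direction of adding a feature like this, one that stores the information by adding and deleting rows of information in a list of fields assigned to the user?
Another way to say it: I want to give my users a way to maintain their own to-do list.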
```php
<?php
$conn = mysql_connect('server', 'db', 'password') or die(mysql_error());
$db = mysql_select_db('db', $conn) or die(mysql_error());
// escape the script path once before echoing it into links
$self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);

// if an arrow link was clicked...
if (!empty($_GET['dir']) && !empty($_GET['id'])) {
    // make GET vars easier to handle
    $dir = $_GET['dir'];
    // cast as int and couple with switch for sql injection prevention for $id
    $id = (int) $_GET['id'];
    // decide what row we're swapping based on $dir
    switch ($dir) {
        // if we're going up, swap is 1 less than id
        case 'up':
            // make sure that there's a row above to swap
            // (post-decrement: $swap takes the old $id and $id becomes the row
            // above; the swap below is symmetric, so the result is the same)
            $swap = ($id > 1) ? $id-- : 1;
            break;
        // if we're going down, swap is 1 more than id
        case 'down':
            // find out what the highest row is
            $sql = "SELECT count(*) FROM info";
            $result = mysql_query($sql, $conn) or die(mysql_error());
            $r = mysql_fetch_row($result);
            $max = $r[0];
            // make sure that there's a row below to swap with
            $swap = ($id < $max) ? $id++ : $max;
            break;
        // default value (sql injection prevention for $dir)
        default:
            $swap = $id;
    } // end switch $dir
    // swap the rows. Basic idea is to make $id=$swap and $swap=$id
    $sql = "UPDATE info SET usort = CASE usort WHEN $id THEN $swap WHEN $swap THEN $id END WHERE usort IN ($id, $swap)";
    $result = mysql_query($sql, $conn) or die(mysql_error());
} // end if GET

// set a result order with a default (sql injection prevention for $sortby)
$sortby = (isset($_GET['sortby']) && $_GET['sortby'] == 'name') ? $_GET['sortby'] : 'usort';
// pull the info from the table
$sql = "SELECT usort, name FROM info ORDER BY $sortby";
$result = mysql_query($sql, $conn) or die(mysql_error());

// display table
echo "<table border = '1'>";
echo "<tr>";
// make column names links, passing sortby
echo "<td><a href='{$self}?sortby=usort'>usort</a></td>";
echo "<td><a href='{$self}?sortby=name'>name</a></td>";
echo "</tr>";

// delete from table
if (isset($_GET['del']) && $_GET['del'] == 'true') {
    // cast id as int for security
    $id = (int) $_GET['id'];
    // delete row from table
    $sql = "DELETE FROM info WHERE usort = '$id'";
    $result = mysql_query($sql, $conn) or die(mysql_error());
    // select the info, ordering by usort
    $sql = "SELECT usort, name FROM info ORDER BY usort";
    $result = mysql_query($sql, $conn) or die(mysql_error());
    // initialize a counter for rewriting usort
    $usort = 1;
    // while there is info to be fetched...
    while ($r = mysql_fetch_assoc($result)) {
        $name = $r['name'];
        // update the usort number to the one in the next number
        $sql = "UPDATE info SET usort = '$usort' WHERE name = '$name'";
        $update = mysql_query($sql, $conn) or die(mysql_error());
        // inc to next avail number
        $usort++;
    } // end while
} // end if del

// display data 1 row at a time
while ($r = mysql_fetch_assoc($result)) {
    // escape the stored name before writing it into the page
    $name = htmlspecialchars($r['name'], ENT_QUOTES);
    echo "<tr>";
    // make the links to change custom order, passing direction and the custom sort id
    echo "<td align = 'center'><a href='{$self}?dir=up&id={$r['usort']}'>/\</a> ";
    echo "<a href='{$self}?dir=down&id={$r['usort']}'>\/</a></td>";
    echo "<td>{$name}</td>";
    echo "<td><a href='{$self}?del=true&id={$r['usort']}'>delete</a></td>";
    echo "</tr>";
} // end while $r
echo "</table>";
// end display table
?>
```
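I hope that isn't your actual password in the code.... – andrewsi 2013-04-30 19:20:50
Ha! It is - er... it's just a test database anyway, and will be deleted when I figure out how to make this work. – LyleCrumbstorm 2013-04-30 19:22:14
You need to stop using `mysql_query` in new code. It is deprecated, very dangerous, and will be removed in future versions of PHP. Before you do anything else, you should read up on [SQL escaping](http://bobby-tables.com/), because what you're doing here is a great way to get your site and/or business completely destroyed. **Always** [properly escape](http://bobby-tables.com/php) your SQL values. – tadman 2013-04-30 19:23:29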
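
Added example, not part of the original question or comments: one way to give each user their own to-do list is a separate table keyed by user ID, with every query parameterised as the last comment recommends. The `todo` table, its columns, the function names and the in-memory SQLite database (standing in for MySQL so the script runs offline) are assumptions.

```php
<?php
// Added example; names are assumptions, in-memory SQLite stands in for MySQL.
$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec('CREATE TABLE todo (id INTEGER PRIMARY KEY, user_id INTEGER NOT NULL,
            usort INTEGER NOT NULL, name TEXT NOT NULL)');

function addItem(PDO $pdo, int $userId, string $name): void {
    // Append to this user's list; values are bound, never interpolated.
    $st = $pdo->prepare('INSERT INTO todo (user_id, usort, name)
        SELECT ?, COALESCE(MAX(usort), 0) + 1, ? FROM todo WHERE user_id = ?');
    $st->execute([$userId, $name, $userId]);
}

function listItems(PDO $pdo, int $userId): array {
    $st = $pdo->prepare('SELECT usort, name FROM todo WHERE user_id = ? ORDER BY usort');
    $st->execute([$userId]);
    return $st->fetchAll(PDO::FETCH_ASSOC);
}

function moveItem(PDO $pdo, int $userId, int $usort, string $dir): void {
    // Whitelist the direction, then swap two positions within the owner's rows only.
    $swap = $dir === 'up' ? $usort - 1 : ($dir === 'down' ? $usort + 1 : $usort);
    if ($swap === $usort || $swap < 1 || $swap > count(listItems($pdo, $userId))) { return; }
    $st = $pdo->prepare('UPDATE todo SET usort = CASE usort WHEN ? THEN ? ELSE ? END
        WHERE user_id = ? AND usort IN (?, ?)');
    $st->execute([$usort, $swap, $usort, $userId, $usort, $swap]);
}

function deleteItem(PDO $pdo, int $userId, int $usort): void {
    // Delete and close the gap in one transaction, both scoped to the owner.
    $pdo->beginTransaction();
    $del = $pdo->prepare('DELETE FROM todo WHERE user_id = ? AND usort = ?');
    $del->execute([$userId, $usort]);
    if ($del->rowCount() === 1) {
        $pdo->prepare('UPDATE todo SET usort = usort - 1 WHERE user_id = ? AND usort > ?')
            ->execute([$userId, $usort]);
    }
    $pdo->commit();
}

// Constructed sample data: two users, each with a separate list.
addItem($pdo, 1, 'buy milk');
addItem($pdo, 1, "file O'Brien's <report>");   // quote and markup stay plain data
addItem($pdo, 2, 'other user item');
moveItem($pdo, 1, 2, 'up');      // user 1: the second item moves to position 1
deleteItem($pdo, 2, 1);          // removes only user 2's row
foreach (listItems($pdo, 1) as $r) {
    echo $r['usort'], ' ', htmlspecialchars($r['name'], ENT_QUOTES), "\n";
}
```

In a real page the `$userId` argument would come from the logged-in session rather than from a request parameter, and the move and delete actions would be sent as POST requests instead of links.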