我是 ZF2 的新手,我正在尝试将数据删除到数据库中,但数据无法删除,错误 无法执行语句(42S22 - 1054 - ‘字段列表’中的未知列’’ )
我的看法
<?php foreach ($this->list as $data): ?>
<tr>
<td>
<?php echo $data->id ?>
</td>
<a href="<?php echo $this->url('mif',array('action'=>'delete', 'id' => $data->id));?>">Delete</a>
我的 Controller
public function deleteAction()
{
$request = $this->getRequest();
$post = (int) $this->params()->fromRoute('id', null);
$storage = MiffModel\Storage::factory($this->getDb(), $this->getConfig());
$user = new MiffModel($storage);
$del = $user->del($post);
if($del){
$success = true;
$msg = 'Data sudah dihapus.';
}else{
$success = false;
$msg = 'gagal.';
}
$view = new ViewModel();
$view->setTemplate('mif/index');
我的模型
public function del($post){
$delete = "DELETE from test where id = $post";
$db = $this->_db;
$result = $this->_db->query($delete, $db::QUERY_MODE_EXECUTE);
return $result;
}
}
最佳答案
由于接受的答案是安全漏洞,我建议:
此解决方案基于使用 PDO。
public function del($post){
$stmt = $this->_db->prepare('DELETE from test where id = :id');
// Check if there is a post exists, if not throw exception
if(empty($post)) {
throw new \Exception('wrong or empty data provided');
}
$stmt->bindParam(':id', $post);
return $stmt->execute();
}
-
From this link
-
Quote The parameters to prepared statements don't need to be quoted; the driver automatically handles this. If an application exclusively uses prepared statements, the developer can be sure that no SQL injection will occur (however, if other portions of the query are being built up with unescaped input, SQL injection is still possible).
关于php - 无法执行语句(42S22 - 1054 - '' 中的未知列 'field list')zf2,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/45427634/