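php - Only delete option is not working PHP CRUD

Tags: php jquery mysql ajax crud

I have been working on a basic PHP CRUD. I am using a CRUD based on PHP, AJAX and MySQL.

I have add/update/delete/fetch results/search and other features. Everything works fine except the Delete option. I have tried many ways to solve this, but I can't seem to find the exact mistake or error in the code. Here is the code I use for the CRUD operations.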

exam_packages.php

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Add / Update / Delete Exam Packages</title>
<link rel="stylesheet" href="css/bootstrap.min.css" type="text/css" media="all">
<link href="css/jquery.bootgrid.css" rel="stylesheet" />
<script src="js/jquery-1.11.1.min.js"></script>
<script src="js/bootstrap.min.js"></script>
<script src="js/jquery.bootgrid.min.js"></script>
</head>
<body>
    <div class="container">
      <div class="">
        <h1 style="text-align: center;">Add / Update / Delete Exam Packages</h1>
        <div class="col-sm-12">
        <div class="well clearfix">
            <div class="pull-right"><button type="button" class="btn btn-xs btn-primary" id="command-add" data-row-id="0">
            <span class="glyphicon glyphicon-plus"></span> Add New Exam Package</button></div></div>
        <table id="exam_package_grid" class="table table-condensed table-hover table-striped" width="60%" cellspacing="0" data-toggle="bootgrid">
            <thead>
                <tr>
                    <th data-column-id="pkg_id" data-type="numeric" data-identifier="true">Package ID</th>
                    <th data-column-id="test_quantity">Test Quantity</th>
                    <th data-column-id="price">Price</th>
                    <th data-column-id="commands" data-formatter="commands" data-sortable="false">Commands</th>
                </tr>
            </thead>
        </table>
    </div>
      </div>
    </div>

<div id="add_model" class="modal fade">
    <div class="modal-dialog">
        <div class="modal-content">
            <div class="modal-header">
                <button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
                <h4 class="modal-title">Add New Exam Package</h4>
            </div>
            <div class="modal-body">
                <form method="post" id="frm_add">
                          <input type="hidden" value="add" name="action" id="action">
                  <div class="form-group">
                    <label for="test_quantity" class="control-label">Test Quantity:</label>
                    <input type="text" class="form-control" id="test_quantity" name="test_quantity"/>
                  </div>
                  <div class="form-group">
                    <label for="price" class="control-label">Price:</label>
                    <input type="text" class="form-control" id="price" name="price"/>
                  </div>
            </div>
            <div class="modal-footer">
                <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
                <button type="button" id="btn_add" class="btn btn-primary">Save</button>
            </div>
            </form>
        </div>
    </div>
</div>
<div id="edit_model" class="modal fade">
    <div class="modal-dialog">
        <div class="modal-content">
            <div class="modal-header">
                <button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
                <h4 class="modal-title">Edit Exam Package</h4>
            </div>
            <div class="modal-body">
                <form method="post" id="frm_edit">
                          <input type="hidden" value="edit" name="action" id="action">
                          <input type="hidden" value="0" name="edit_pkg_id" id="edit_pkg_id">
                  <div class="form-group">
                    <label for="test_quantity" class="control-label">Test Quantity:</label>
                    <input type="text" class="form-control" id="edit_test_quantity" name="edit_test_quantity"/>
                  </div>
                  <div class="form-group">
                    <label for="price" class="control-label">Price:</label>
                    <input type="text" class="form-control" id="edit_price" name="edit_price"/>
                  </div>
            </div>
            <div class="modal-footer">
                <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
                <button type="button" id="btn_edit" class="btn btn-primary">Save</button>
            </div>
            </form>
        </div>
    </div>
</div>
</body>
</html>
<script type="text/javascript">
$( document ).ready(function() {
    var grid = $("#exam_package_grid").bootgrid({
        ajax: true,
        rowSelect: true,
        post: function ()
        {
            /* To accumulate custom parameter with the request object */
            return {
                id: "b0df282a-0d67-40e5-8558-c9e93b7befed"
            };
        },

        url: "exam_package_response.php",
        formatters: {
                "commands": function(column, row)
                {
                    return "<button type=\"button\" class=\"btn btn-xs btn-default command-edit\" data-row-id=\"" + row.pkg_id + "\"><span class=\"glyphicon glyphicon-edit\"></span></button> " + 
                        "<button type=\"button\" class=\"btn btn-xs btn-default command-delete\" data-row-id=\"" + row.pkg_id + "\"><span class=\"glyphicon glyphicon-trash\"></span></button>";
                }
            }
   }).on("loaded.rs.jquery.bootgrid", function()
{
    /* Executes after data is loaded and rendered */
    grid.find(".command-edit").on("click", function(e)
    {
        //alert("You pressed edit on row: " + $(this).data("row-id"));
            var ele =$(this).parent();
            var g_pkg_id = $(this).parent().siblings(':first').html();

        //console.log(grid.data());//
        $('#edit_model').modal('show');
                    if($(this).data("row-id") >0) {

                                // collect the data
                                $('#edit_pkg_id').val(ele.siblings(':first').html()); // in case we're changing the key
                                $('#edit_test_quantity').val(ele.siblings(':nth-of-type(2)').html());
                                $('#edit_price').val(ele.siblings(':nth-of-type(3)').html());
                    } else {
                     alert('No row selected! First select row, then click edit button');
                    }
    }).end().find(".command-delete").on("click", function(e)
    {

        var conf = confirm('Delete No.' + $(this).data("row-id") + ' package?');
        alert(conf);
    if(conf==true){
      // console.log($(this).data("row-id"));
      $.post('exam_package_response.php', { id: $(this).data("row-id"), action:'delete'}, function()
      {
        $("#exam_package_grid").bootgrid('reload');
      }); 
            $(this).parent('tr').remove();
            $("#exam_package_grid").bootgrid('remove', $(this).data("row-id"))
                    }
    });
});

function ajaxAction(action) {
                data = $("#frm_"+action).serializeArray();
                $.ajax({
                  type: "POST",  
                  url: "exam_package_response.php",  
                  data: data,
                  dataType: "json",       
                  success: function(response)  
                  {
                    $('#'+action+'_model').modal('hide');
                    $("#exam_package_grid").bootgrid('reload');
                  }   
                });
            }

            $( "#command-add" ).click(function() {
              $('#add_model').modal('show');
            });
            $( "#btn_add" ).click(function() {
              ajaxAction('add');
            });
            $( "#btn_edit" ).click(function() {
              ajaxAction('edit');
            });
});
</script>

exam_package_response.php

<?php
    //include connection file 
    include_once("db_connection_mysqli.php");

    $db = new dbObj();
    $connString =  $db->getConnstring();

    $params = $_REQUEST;

    // console.log($params);
    // echo '<script>alert("aaaaaaaaaa");</script>';
    $action = isset($params['action']) != '' ? $params['action'] : '';
    $empCls = new ExamPackage($connString);

    switch($action) {
     case 'add':
        $empCls->insertExamPackage($params);
     break;
     case 'edit':
        $empCls->updateExamPackage($params);
     break;
     case 'delete':
        $empCls->deleteExamPackage($params);
     break;
     default:
     $empCls->getExamPackages($params);
     return;
    }

    class ExamPackage {
    protected $conn;
    protected $data = array();
    function __construct($connString) {
        $this->conn = $connString;
    }

    public function getExamPackages($params) {

        $this->data = $this->getRecords($params);

        echo json_encode($this->data);
    }

    function insertExamPackage($params) {
        $data = array();;
        $sql = "INSERT INTO `tblExamPackages` (test_quantity, price) VALUES('" . $params["test_quantity"] . "', '" . $params["price"] . "');  ";

        echo $result = mysqli_query($this->conn, $sql) or die("error to insert package data");

    }

    function getRecords($params) {
        $rp = isset($params['rowCount']) ? $params['rowCount'] : 10;

        if (isset($params['current'])) { $page  = $params['current']; } else { $page=1; };  
        $start_from = ($page-1) * $rp;

        $sql = $sqlRec = $sqlTot = $where = '';

        if( !empty($params['searchPhrase']) ) {   
            $where .=" WHERE ";
            $where .=" (test_quantity LIKE '%".$params['searchPhrase']."%' ";
            $where .=" OR price = '".$params['searchPhrase']."' )";
       }
       if( !empty($params['sort']) ) {  
            $where .=" ORDER By ".key($params['sort']) .' '.current($params['sort'])." ";
        }
       // getting total number records without any search
        $sql = "SELECT * FROM `tblExamPackages` ";
        $sqlTot .= $sql;
        $sqlRec .= $sql;

        //concatenate search sql if value exist
        if(isset($where) && $where != '') {
            $sqlTot .= $where;
            $sqlRec .= $where;
        }
        if ($rp!=-1)
        $sqlRec .= " LIMIT ". $start_from .",".$rp;


        $qtot = mysqli_query($this->conn, $sqlTot) or die("error to fetch tot package  data");
        $queryRecords = mysqli_query($this->conn, $sqlRec) or die("error to fetch package data");

        while( $row = mysqli_fetch_assoc($queryRecords) ) { 
            $data[] = $row;
        }

        $json_data = array(
            "current"            => intval($params['current']), 
            "rowCount"            => 10,            
            "total"    => intval($qtot->num_rows),
            "rows"            => $data   // total data array
            );

        return $json_data;
    }

    function updateExamPackage($params) {
        $data = array();
        //print_R($_POST);die;
        $sql = "Update `tblExamPackages` set test_quantity = '" . $params["edit_test_quantity"] . "', price='" . $params["edit_price"]."' WHERE pkg_id='".$_POST["edit_pkg_id"]."'";

        echo $result = mysqli_query($this->conn, $sql) or die("error to update package data");
    }

    function deleteExamPackage($params) {
        $data = array();
        echo "<script>
        var conf = confirm('Delete No.' + $(this).data('row-id') + ' package?');
        alert(conf);</script>";

        $sql = "delete from `tblExamPackages` WHERE pkg_id'" . $_REQUEST["edit_pkg_id"] . "'";

        echo $result = mysqli_query($this->conn, $sql) or die("error to delete package data");
    }
}
?>

If I'm missing anything here, please let me know. Everything works fine except delete.

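Best answer

Short answer:

Your delete query has a syntax error. That was hinted at in the comments...

You are also mixing server side and client side by trying to use JavaScript inside a PHP class. This is a major mistake and calls for going back over the basics.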

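Long answer:

I think you are trying to move to OOP programming, and you are doing some things right; notably, injecting the database connection into your CRUD object.

But some things could be done better. Here are some ideas: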

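  1. Use PDO instead of mysqli, and use prepared statements. This will most likely eliminate the syntax errors in your queries.
  2. Always return JSON-encoded data from Ajax requests. Personally, I always have the PHP script respond with something like return json_encode( ['message'=>$message, 'data'=>$data] ); . The JavaScript in the browser can then decide what to convey to the user.
  3. Methods should do only one thing. If a method grows larger than what fits on the screen, you probably need to refactor. For example, getRecords() checks the page number, creates the query, gets the total count, and fetches all the records. This should probably be broken up into separate methods or, better yet, create a pagination object that can be injected into the query-creating method.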

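By the way, to illustrate how important prepared statements are: what if someone went to hxxp://yourdomain/exam_package_response.php?action=delete&edit_pkg_id=1+or+1%3D1 ?

Answer: you just lost all the data in this table. Prepared statements will prevent that.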
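The difference the answer describes, as an added example that is not part of the original answer: the same request value is passed once to a concatenated DELETE and once to a validated, bound PDO statement that replies with JSON in the shape suggested in point 2. The function names are hypothetical, and an in-memory SQLite database (pdo_sqlite) with constructed rows stands in for the MySQL table so the script runs offline.

```php
<?php
// Added example: table and column names follow the question; the SQLite
// in-memory database and the sample rows are constructed for this demo.
function makeDb(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE tblExamPackages (pkg_id INTEGER PRIMARY KEY, test_quantity INTEGER, price REAL)');
    $pdo->exec('INSERT INTO tblExamPackages (test_quantity, price) VALUES (5, 10.0), (10, 18.0), (20, 30.0)');
    return $pdo;
}

function countRows(PDO $pdo): int {
    return (int) $pdo->query('SELECT COUNT(*) FROM tblExamPackages')->fetchColumn();
}

// Concatenation (numeric context, no quoting): the request value becomes SQL text.
function deleteConcatenated(PDO $pdo, string $id): int {
    return $pdo->exec('DELETE FROM tblExamPackages WHERE pkg_id = ' . $id);
}

// Prepared statement: validate the id as a positive integer, then bind it as data.
function deletePrepared(PDO $pdo, string $id): string {
    $pkgId = filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($pkgId === false) {
        return json_encode(['message' => 'invalid package id', 'data' => ['deleted' => 0]]);
    }
    $stmt = $pdo->prepare('DELETE FROM tblExamPackages WHERE pkg_id = :pkg_id');
    $stmt->bindValue(':pkg_id', $pkgId, PDO::PARAM_INT);
    $stmt->execute();
    return json_encode(['message' => 'ok', 'data' => ['deleted' => $stmt->rowCount()]]);
}

$input = '1 or 1=1'; // URL-decoded edit_pkg_id value from the answer's example

$pdo = makeDb();
deleteConcatenated($pdo, $input);
echo 'concatenated, rows left: ', countRows($pdo), PHP_EOL;

$pdo = makeDb();
echo deletePrepared($pdo, $input), PHP_EOL;
echo 'prepared, rows left: ', countRows($pdo), PHP_EOL;
echo deletePrepared($pdo, '2'), PHP_EOL;
echo 'after deleting id 2, rows left: ', countRows($pdo), PHP_EOL;
```

Binding alone already keeps the value out of the SQL text; the integer check in front of it lets the script answer a malformed id with a clear JSON message.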

Regarding php - Only delete option is not working PHP CRUD, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/58380457/
