MYSQL delete where value = multiple POST values_问答_开发者

MYSQL delete where value = multiple POST values

开发者 https://www.devze.com 2023-01-09 22:24 出处：网络

I\'m trying to put thi开发者_开发问答s, check_box=147&check_box=148&check_box=146 etc..

相关专题：php

check_box=147&check_box=148&check_box=146 etc..

into

$delete_selected = $connection->real_escape_string($_POST['check_box'])

$sql = "DELETE FROM categories WHERE cat_id = '$delete_selected'";

but it only deletes the first check_box value. Is there a way to loop through all the values?

You need to change your post vars to have [], i.e. checkbox[]=. Once that's fixed, on to the backend...

Considering you neeed to escape every value, do something like this:

$clean_values = array();
foreach($_POST['check_box'] as $value){
    $clean_values[] = $connection->real_escape_string($value);
}

$sql = 'DELETE FROM categories WHERE cat_id in ('.implode(',',$clean_values).')';

BONUS PHP5.3 ANSWER:

array_walk($_POST['check_box'],function(&item) use($connection){
    $item = $connection->real_escape_string($item);
});
$sql = 'DELETE FROM categories WHERE cat_id in ('.implode(',',$_POST['check_box']).')';

try

$sql = "DELETE FROM categories WHERE cat_id in '($delete_selected)'";

I may have screwed up the php. the resulting query should liik like

DELETE FROM categories WHERE cat_id in ('cat1', 'cat2', ...)

Self-contained example to play with...

<html>
  <head><title>...</title></head>
  <body>
    <form method="post" action="?">
      <p>
        <!-- php will parse post fields like check_box[]=xyz as an array, appending new elements to $_POST['check_box'] -->
        <input type="checkbox" name="check_box[]" id="c1" value="140" /><label for="c1">140</label><br />
        <input type="checkbox" name="check_box[]" id="c2" value="141" /><label for="c2">141</label><br />
        <input type="checkbox" name="check_box[]" id="c3" value="142" /><label for="c3">142</label><br />
        <input type="checkbox" name="check_box[]" id="c4" value="143" /><label for="c4">143</label><br />
        <input type="checkbox" name="check_box[]" id="c5" value="144" /><label for="c5">144</label><br />
        <input type="submit" />
      </p>
    </form>
<?php
if ( isset($_POST['check_box']) && is_array($_POST['check_box']) ) {
  echo '<pre> _POST='; var_dump($_POST); echo '<pre>';

  // approach #1: treat ids as numbers. Keep the value range of php's integers and MySQL numeric fields in mind
  // make sure the elements really are integers
  $params = array_map('intval', $_POST['check_box']);
  // join the elements to one string like "1,2,3"
  $params = join(', ', $params);
  // use the IN operator in your WHERE-clause
  $sql = "DELETE FROM xyz WHERE cat_id IN ($params)";
  echo 'sql1 = ', $sql, "<br />";
  // mysql_query($sql, $mysql) or die(mysql_error());

  // approach #2: treat ids as strings.
  // you need a database connection for mysql_real_escape_string()
  $mysql = mysql_connect('localhost', 'localonly', 'localonly') or die(mysql_error());
  mysql_select_db('test', $mysql) or die(mysql_error());

  // each element has to be escaped and put into single quotes
  $params = array_map(
    function($e) use ($mysql) {
      return "'".mysql_real_escape_string($e, $mysql)."'";
    },
    $_POST['check_box']
  );
  // again join them, "'1','2','x'"
  $params = join(', ', $params);
  // IN operator in WHERE-clause
  $sql = "DELETE FROM xyz WHERE cat_id IN ($params)";
  echo 'sql2 = ', $sql, "<br />";
  // mysql_query($sql, $mysql) or die(mysql_error());
}
?>
  </body>
</html>