How to delete a post in php by clicking delete

With the popularity of the Internet, website construction has increasingly become a common network activity. In websites, the construction of forums is particularly popular. Many people will post their opinions on certain things in the forum, or ask some questions, waiting for responses from netizens. But many people may not have been exposed to backend management and don't know how to implement some functions in the website through code. This article will briefly introduce a common need: how to delete a post in the forum by clicking the delete button.

Here we assume that you already have a certain PHP foundation and can carry out website development. In order for you to better understand and use the code, this article will be divided into two parts. The first part will briefly lead you to understand the code required to implement the function, including front-end code and back-end code; the second part will explain the implementation principle of this part of the code in detail, hoping to allow you to better grasp the knowledge.

1. Code implementation

1. Front-end code

In the front-end code, we need to provide a delete button for each user of the post. Generally speaking, the delete button is often designed in the upper right corner of the post. The specific implementation is as follows:

<a>删除</a>

In this code, we add a href attribute to the delete button, which points to a file named delete_post.php backend file. We also pass in a post_id parameter in the value of the href attribute, which represents the number of the post to be deleted.

The above code should be nested within the HTML code of the post. When users browse posts, they can see this button to delete posts.

2. Backend code

In the backend code, we need to use the delete_post.php file to determine whether the user has permission to delete the post. If he has permission, delete the post. The post is deleted from the database. The specific implementation is as follows:

// 1.检查用户是否已经登录
session_start();
if (!isset($_SESSION["user_id"])) {
  echo "对不起，您还没有登录！";
  exit;
}

// 2.检查帖子是否存在
if (!isset($_GET["post_id"])) {
  echo "对不起，您访问的帖子不存在！";
  exit;
}

// 3.获取帖子编号
$post_id = $_GET["post_id"];

// 4.连接到数据库
$pdo = new PDO("mysql:host=localhost;dbname=my_db", "my_username", "my_password");

// 5.检查该用户是否能删除该帖子
$stmt = $pdo->prepare("SELECT user_id FROM posts WHERE post_id = ?");
$stmt->execute(array($post_id));
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
if (count($rows) !== 1 || $rows[0]["user_id"] !== $_SESSION["user_id"]) {
  echo "对不起，您没有权限删除该帖子！";
  exit;
}

// 6.删除帖子
$stmt = $pdo->prepare("DELETE FROM posts WHERE post_id = ?");
$stmt->execute(array($post_id));

echo "帖子删除成功！";

In the above code, we sequentially checked whether the user has logged in, whether the post exists, and obtained the number of the post. We then connected to the database, checked if the user had permission to delete the post, and ultimately deleted the post. If any errors occur during the process, we will output error messages on the web page. If all goes well, we will output a message that the post was deleted successfully.

2. Implementation Principle

1. Front-end code implementation principle

The core of front-end code implementation lies in the <a></a> tag in HTML. The jump effect can be achieved by setting the href attribute for this tag. By passing parameters for this attribute, you can pass these parameters to the target page while jumping to the target page. In this way, in the PHP script of the target page, these parameters can be obtained through the $_GET variable. The delete_post.php file in the above code is actually the page used to process the delete button of this post. When the user clicks this button in the foreground, the browser will jump to the delete_post.php file and pass the post number to this file.

It should be noted that if the user is not logged in, the user should be prompted to log in in the foreground code instead of letting the user jump to background processing. In the code implementation of this article, we use session to determine whether the user is logged in. If $_SESSION["user_id"] does not exist, it can be considered that the user is not logged in. At this time, a message prompting the user to log in should be output instead of jumping to the background page.

2. Principle of backend code implementation

The core of backend code implementation is the PDO class library in PHP. By using this class library, we can easily connect to MySQL database and execute SQL statements in a safe manner.

In the background code, we need to do the following things:

1) Check whether the user is logged in. In this article, we use session to store the user's login status. If $_SESSION["user_id"] does not exist, it can be considered that the user is not logged in, and a message prompting the user to log in should be output.

2) Check if the post exists. Before getting the number of each post, we need to first determine whether the post really exists. If it does not exist, a message indicating that the post does not exist should be output.

3) Get the post number. After we have confirmed that the post exists, we can get the post number through the $_GET variable.

4) Connect to the database. The PDO class library in PHP provides many methods to connect to the MySQL database. All we have to do is use this class library to create a connection object and call the relevant methods to execute the SQL statements we need.

5) Check whether the user can delete the post. Here, we need to query the posts table in the database and check whether the post exists and whether the user has permission to delete the post. Finally, we use the prepare function to execute the prepared statement and the execute function to execute the SQL statement.

6) Delete the post. If the user has permission to delete posts, we can use the DELETE statement to delete the post from the database.

It should be noted that we must consider SQL injection vulnerabilities when executing SQL statements in PHP. In the implementation code introduced in this article, the PDO class library has enabled prepared statements by default, and parameter binding is also used to avoid injection vulnerabilities.

3. Summary

I hope that through studying this article, you can already understand how to delete a post in the forum by clicking the delete button. It is worth mentioning that we only provide a simple implementation method in this article and do not provide a detailed explanation of all implementation details. If you want to truly master this knowledge point, you need to have a deeper understanding of PHP and MySQL. We recommend that you refer to some tutorials dedicated to PHP and MySQL to better master this knowledge point.

The above is the detailed content of How to delete a post in php by clicking delete. For more information, please follow other related articles on the PHP Chinese website!