Page 3 of 3

Re: delete and update of user records

Posted: Fri Jan 28, 2011 3:49 am
by timoteo
how do I get a value in checkbox?

Re: delete and update of user records

Posted: Fri Jan 28, 2011 7:22 am
by timoteo
now I am getting no error with foreach, however I have no value read in checkbox. $_POST['checkbox'] just echos "array" - no value. Therefore there is no value to do delete

Re: delete and update of user records

Posted: Fri Jan 28, 2011 7:31 am
by social_experiment
Is this after you have submitted the form?

Re: delete and update of user records

Posted: Fri Jan 28, 2011 7:35 am
by timoteo
when the page opens with no checkbox values I get the error. When I click a checkbox the page opens again but this time with no error (as it now has a value) but no delete happens.

Re: delete and update of user records

Posted: Fri Jan 28, 2011 7:39 am
by timoteo
the error message I fixed with a simple if else

Code: Select all

 <?php 
if ($_POST['checkbox']) {
foreach ($_POST['checkbox'] as $value) {
$id = $value;
$sql = "DELETE * FROM recommendations WHERE idnum = '". $id ."' ";
$deletesql = mysql_query($sql);
}
}
else
{
}
I'm wondering if the problem is not with my form tabs?

Code: Select all

<form action="myrecommendations.php" method="post" enctype="application/x-www-form-urlencoded" name="myrecommendations" target="_self" id="myrecommendations">

Re: delete and update of user records

Posted: Fri Jan 28, 2011 7:41 am
by social_experiment
Maybe. Remove everything except the action and method attributes and see what happens.

Re: delete and update of user records

Posted: Fri Jan 28, 2011 7:49 am
by timoteo
nothing happens :(

Re: delete and update of user records

Posted: Fri Jan 28, 2011 5:19 pm
by timoteo
can anyone help?
This is what I am echoing out from my delete query.

DELETE * FROM recommendations WHERE idnum = '.43.'

I can't delete anything.I think it is because of the ". ." that it is not recognising the query, How can I strip them (the ..)?

Here is my delete script

Code: Select all

 <?php 
if ($_POST['checkbox']) {
foreach ($_POST['checkbox'] as $value) {
$id = $value;
$sql = "DELETE * FROM recommendations WHERE idnum = '". mysql_real_escape_string($id) ."' ";
echo $sql.'<br>';
$deletesql = mysql_query($sql);
}
}
else
{
}
?>	

Re: delete and update of user records

Posted: Fri Jan 28, 2011 11:57 pm
by social_experiment
Are you storing the value with the two periods i.e .43. in the database?

Re: delete and update of user records

Posted: Sat Jan 29, 2011 4:35 am
by timoteo
no. I have tried to get rid of them on the query but I haven't been able to.

Re: delete and update of user records

Posted: Sat Jan 29, 2011 7:59 am
by Neilos
try,

Code: Select all

$id = $value;
$escaped_id = mysql_real_escape_string($id);
$sql = "DELETE FROM recommendations WHERE idnum = '$escaped_id';";

Re: delete and update of user records

Posted: Sat Jan 29, 2011 8:55 am
by timoteo
It actually worked with this:

Code: Select all

foreach ($_POST['checkbox'] as $value) {
$id = $value;
$sql = "DELETE FROM recommendations WHERE idnum = '$id' ";
Is this good practise? It works anyway, however I hope it does not leave security problems.
The only problem I have now is to get the page to automatically refresh on form submit

Re: delete and update of user records

Posted: Sat Jan 29, 2011 11:54 am
by social_experiment
Any 'input' into the database should be passed through mysql_real_escape_string. You can also check if the value is numeric but since you preset the value it's up to you.

Code: Select all

$sql = "DELETE FROM recommendations WHERE idnum = '". mysql_real_escape_string($id) ."' ";
Glad it's finally working :D

Re: delete and update of user records

Posted: Sat Jan 29, 2011 12:37 pm
by timoteo
thankyou very much for all your help and ideas.
Do you know how I can get the delete input to refresh the page? - metatags? Or would I be better to bounce around 2 pages - send to delete2.php and if they want to delete another entry send back to delete1.php. etc.

Re: delete and update of user records

Posted: Sun Jan 30, 2011 4:06 pm
by timoteo
just so you know how this finished:

Code: Select all

headers("location:URL.php")
did the job. Together with moving the whole block of PHP to the top of the page ... in the headers. I had put this under the html form. A mistake many may be making - the forums are full of this error, none of which seemed to provide a clear answer.

It's all great now