i cant find the problem with code for delete query

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
liyun88
Forum Commoner
Posts: 51
Joined: Thu Mar 31, 2011 12:18 pm

i cant find the problem with code for delete query

Post by liyun88 »

hi,i face some delete query problem..i know this is easy tip for you all..but i dont know what wrong with my code that cant delete the comment that i want delete..
i already tries many times by changing the code..still failed to delete them..i need delete the comment which the user want delete his comment related with his comment_id and id..but something very strange that when click the delete button,it will pop out deleted successfully but actually nothing to delete..
thanks in advance..

Code: Select all

<?php
session_start();
require_once 'config.php';

$id=$_SESSION['id'];

$comment_id=$_REQUEST['comment_id'];


$query = 'DELETE FROM comment WHERE  comment_id = "$comment_id" AND id = "$id"';
mysql_query( $query);

echo"<script>alert(\"Deleted successfully!\")</script><script>window.location='comment.php?id=$id'</script>";
?>
User avatar
Darhazer
DevNet Resident
Posts: 1011
Joined: Thu May 14, 2009 3:00 pm
Location: HellCity, Bulgaria

Re: i cant find the problem with code for delete query

Post by Darhazer »

It has to be:

Code: Select all

$query = "DELETE FROM comment WHERE  comment_id = '$comment_id' AND id = '$id'";
When the string is in single quotes, the variables are not replaced with their values but are send as is
liyun88
Forum Commoner
Posts: 51
Joined: Thu Mar 31, 2011 12:18 pm

Re: i cant find the problem with code for delete query

Post by liyun88 »

Darhazer wrote:It has to be:

Code: Select all

$query = "DELETE FROM comment WHERE  comment_id = '$comment_id' AND id = '$id'";
When the string is in single quotes, the variables are not replaced with their values but are send as is
sorry,i already try your way but still failed to delete the comment...what is the problem??actually is simple task..
can you help me to correct them??
thanks for ur great help..

comment_id is the auto increment in that table when the user comment and saved into database,it will auto add the number..the comment_id is also primary key in the table..
but if i try below,it can delete all comment which the user comment by using the id..
i dont want like this,,i want the user delete the comment he clicks by using comment_id and id but not all..

Code: Select all

<?php
session_start();
require_once 'config.php';

$id=$_SESSION['id'];

$comment_id=$_REQUEST['comment_id'];


$query = 'DELETE FROM comment WHERE  id = '.$id;
$result =mysql_query( $query);

echo"<script>alert(\"Deleted successfully!\")</script><script>window.location='comment.php?id=$id'</script>";
?>
User avatar
Darhazer
DevNet Resident
Posts: 1011
Joined: Thu May 14, 2009 3:00 pm
Location: HellCity, Bulgaria

Re: i cant find the problem with code for delete query

Post by Darhazer »

check if you have correct value in $comment_id.
Best output the query on the screen.
liyun88
Forum Commoner
Posts: 51
Joined: Thu Mar 31, 2011 12:18 pm

Re: i cant find the problem with code for delete query

Post by liyun88 »

Darhazer wrote:check if you have correct value in $comment_id.
Best output the query on the screen.
yaya...i already check many time that have correct value in $comment_id...
i change comment_id to comid in the table,still failed to delete..
but when i put the comid on the display of webpage..it can show the comid from the comment table..
i really dont understand what problem is it??i already try many times and wanna give up..because delete query is simple task..
below is the display comment in the webpage

Code: Select all

<?php
session_start();
require_once 'config.php' ;
require_once 'application.php' ;
?>   

       <?php
		  $query = 'SELECT * FROM comment ORDER BY date DESC ';   
    $result = mysql_query($query);  

while($row=mysql_fetch_object($result))
    { 
   
    echo "<div class='commentbox'>";
    echo "Comment: " . $row->comment  . " on " . $row->comid .  "\n";
    echo "</div>"; 
    echo "<div class='commentfooter'>";  
    echo "Posted by: " .$row->username . " on " . $row->date . "\n"; 
	echo "<a href='deleteComment.php' class='delete'>";
	echo "Delete";
	echo "</a>";  
    echo "</div>"; 
} ?>
             
 
  
below is the deleteComment.php

Code: Select all

<?php
session_start();
require_once 'config.php';

$id=$_SESSION['id'];

$comid=$_SESSION['comid']; 


$query = 'DELETE FROM comment WHERE comid =  "' . mysql_real_escape_string($comid) . '"';
$result =mysql_query( $query);

echo"<script>alert(\"Deleted successfully!\")</script><script>window.location='comment.php?id=$id'</script>";
?>
User avatar
Darhazer
DevNet Resident
Posts: 1011
Joined: Thu May 14, 2009 3:00 pm
Location: HellCity, Bulgaria

Re: i cant find the problem with code for delete query

Post by Darhazer »

You do not pass the id of the comment to deleteComment.php

Code: Select all

 echo "<a href='deleteComment.php?id=".$row->comid."' class='delete'>";

Code: Select all

$comid=$_GET['comid']; 
liyun88
Forum Commoner
Posts: 51
Joined: Thu Mar 31, 2011 12:18 pm

Re: i cant find the problem with code for delete query

Post by liyun88 »

Darhazer wrote:You do not pass the id of the comment to deleteComment.php

Code: Select all

 echo "<a href='deleteComment.php?id=".$row->comid."' class='delete'>";

Code: Select all

$comid=$_GET['comid']; 
thanks for your great help...i am very appreaciate your help..
can i ask u something about i not really understand when can i use query like this

Code: Select all

$query = 'DELETE FROM comment WHERE   comid = "$comid" AND id ="$id"';
but i just now try query like this,failed to delete...i refer many tutorial

and you just now also show me like this query...why failed to delete??

Code: Select all

$query = "DELETE FROM comment WHERE  comment_id = '$comment_id' AND id = '$id'";
but i success delete by using your suggestion..

Code: Select all

 echo "<a href='deleteComment.php?id=".$row->comid."' class='delete'>";
and

Code: Select all

$query = 'DELETE FROM comment WHERE   comid = '.$comid.' AND id ='.$id;
can you explain to me??because sometimes i am very confuse to use them...
thanks for your great help..
User avatar
Darhazer
DevNet Resident
Posts: 1011
Joined: Thu May 14, 2009 3:00 pm
Location: HellCity, Bulgaria

Re: i cant find the problem with code for delete query

Post by Darhazer »

It's really about passing data between requests. You have to read more on this.
When you click on a link in a web page, you are making new HTTP request and no data is being passed to the script, except for the explicitly passed data, the content of the cookie and eventually any data saved in the session. Modifying the link to echo "<a href='deleteComment.php?id=".$row->comid."' class='delete'>"; you explicitly pass the comment id to the script so it can delete the proper script.

By the way, if you build your application in this way, it is vulnerable to CSRF attacks, but that's another topic.
liyun88
Forum Commoner
Posts: 51
Joined: Thu Mar 31, 2011 12:18 pm

Re: i cant find the problem with code for delete query

Post by liyun88 »

Darhazer wrote:It's really about passing data between requests. You have to read more on this.
When you click on a link in a web page, you are making new HTTP request and no data is being passed to the script, except for the explicitly passed data, the content of the cookie and eventually any data saved in the session. Modifying the link to echo "<a href='deleteComment.php?id=".$row->comid."' class='delete'>"; you explicitly pass the comment id to the script so it can delete the proper script.

By the way, if you build your application in this way, it is vulnerable to CSRF attacks, but that's another topic.

thanks thanks for your explaination..i learn some from you..i will continue learn and study php..
thank you very much..i am very appreciate it..
Post Reply