Page 1 of 1
i cant find the problem with code for delete query
Posted: Sun Apr 10, 2011 12:24 pm
by liyun88
hi,i face some delete query problem..i know this is easy tip for you all..but i dont know what wrong with my code that cant delete the comment that i want delete..
i already tries many times by changing the code..still failed to delete them..i need delete the comment which the user want delete his comment related with his comment_id and id..but something very strange that when click the delete button,it will pop out deleted successfully but actually nothing to delete..
thanks in advance..
Code: Select all
<?php
session_start();
require_once 'config.php';
$id=$_SESSION['id'];
$comment_id=$_REQUEST['comment_id'];
$query = 'DELETE FROM comment WHERE comment_id = "$comment_id" AND id = "$id"';
mysql_query( $query);
echo"<script>alert(\"Deleted successfully!\")</script><script>window.location='comment.php?id=$id'</script>";
?>
Re: i cant find the problem with code for delete query
Posted: Sun Apr 10, 2011 12:57 pm
by Darhazer
It has to be:
Code: Select all
$query = "DELETE FROM comment WHERE comment_id = '$comment_id' AND id = '$id'";
When the string is in single quotes, the variables are not replaced with their values but are send as is
Re: i cant find the problem with code for delete query
Posted: Sun Apr 10, 2011 7:44 pm
by liyun88
Darhazer wrote:It has to be:
Code: Select all
$query = "DELETE FROM comment WHERE comment_id = '$comment_id' AND id = '$id'";
When the string is in single quotes, the variables are not replaced with their values but are send as is
sorry,i already try your way but still failed to delete the comment...what is the problem??actually is simple task..
can you help me to correct them??
thanks for ur great help..
comment_id is the auto increment in that table when the user comment and saved into database,it will auto add the number..the comment_id is also primary key in the table..
but if i try below,it can delete all comment which the user comment by using the id..
i dont want like this,,i want the user delete the comment he clicks by using comment_id and id but not all..
Code: Select all
<?php
session_start();
require_once 'config.php';
$id=$_SESSION['id'];
$comment_id=$_REQUEST['comment_id'];
$query = 'DELETE FROM comment WHERE id = '.$id;
$result =mysql_query( $query);
echo"<script>alert(\"Deleted successfully!\")</script><script>window.location='comment.php?id=$id'</script>";
?>
Re: i cant find the problem with code for delete query
Posted: Mon Apr 11, 2011 3:35 am
by Darhazer
check if you have correct value in $comment_id.
Best output the query on the screen.
Re: i cant find the problem with code for delete query
Posted: Mon Apr 11, 2011 5:26 am
by liyun88
Darhazer wrote:check if you have correct value in $comment_id.
Best output the query on the screen.
yaya...i already check many time that have correct value in $comment_id...
i change comment_id to comid in the table,still failed to delete..
but when i put the comid on the display of webpage..it can show the comid from the comment table..
i really dont understand what problem is it??i already try many times and wanna give up..because delete query is simple task..
below is the display comment in the webpage
Code: Select all
<?php
session_start();
require_once 'config.php' ;
require_once 'application.php' ;
?>
<?php
$query = 'SELECT * FROM comment ORDER BY date DESC ';
$result = mysql_query($query);
while($row=mysql_fetch_object($result))
{
echo "<div class='commentbox'>";
echo "Comment: " . $row->comment . " on " . $row->comid . "\n";
echo "</div>";
echo "<div class='commentfooter'>";
echo "Posted by: " .$row->username . " on " . $row->date . "\n";
echo "<a href='deleteComment.php' class='delete'>";
echo "Delete";
echo "</a>";
echo "</div>";
} ?>
below is the deleteComment.php
Code: Select all
<?php
session_start();
require_once 'config.php';
$id=$_SESSION['id'];
$comid=$_SESSION['comid'];
$query = 'DELETE FROM comment WHERE comid = "' . mysql_real_escape_string($comid) . '"';
$result =mysql_query( $query);
echo"<script>alert(\"Deleted successfully!\")</script><script>window.location='comment.php?id=$id'</script>";
?>
Re: i cant find the problem with code for delete query
Posted: Mon Apr 11, 2011 6:39 am
by Darhazer
You do not pass the id of the comment to deleteComment.php
Code: Select all
echo "<a href='deleteComment.php?id=".$row->comid."' class='delete'>";
Re: i cant find the problem with code for delete query
Posted: Mon Apr 11, 2011 8:32 am
by liyun88
Darhazer wrote:You do not pass the id of the comment to deleteComment.php
Code: Select all
echo "<a href='deleteComment.php?id=".$row->comid."' class='delete'>";
thanks for your great help...i am very appreaciate your help..
can i ask u something about i not really understand when can i use query like this
Code: Select all
$query = 'DELETE FROM comment WHERE comid = "$comid" AND id ="$id"';
but i just now try query like this,failed to delete...i refer many tutorial
and you just now also show me like this query...why failed to delete??
Code: Select all
$query = "DELETE FROM comment WHERE comment_id = '$comment_id' AND id = '$id'";
but i success delete by using your suggestion..
Code: Select all
echo "<a href='deleteComment.php?id=".$row->comid."' class='delete'>";
and
Code: Select all
$query = 'DELETE FROM comment WHERE comid = '.$comid.' AND id ='.$id;
can you explain to me??because sometimes i am very confuse to use them...
thanks for your great help..
Re: i cant find the problem with code for delete query
Posted: Tue Apr 12, 2011 2:42 am
by Darhazer
It's really about passing data between requests. You have to read more on this.
When you click on a link in a web page, you are making new HTTP request and no data is being passed to the script, except for the explicitly passed data, the content of the cookie and eventually any data saved in the session. Modifying the link to echo "<a href='deleteComment.php?id=".$row->comid."' class='delete'>"; you explicitly pass the comment id to the script so it can delete the proper script.
By the way, if you build your application in this way, it is vulnerable to CSRF attacks, but that's another topic.
Re: i cant find the problem with code for delete query
Posted: Tue Apr 12, 2011 11:52 am
by liyun88
Darhazer wrote:It's really about passing data between requests. You have to read more on this.
When you click on a link in a web page, you are making new HTTP request and no data is being passed to the script, except for the explicitly passed data, the content of the cookie and eventually any data saved in the session. Modifying the link to echo "<a href='deleteComment.php?id=".$row->comid."' class='delete'>"; you explicitly pass the comment id to the script so it can delete the proper script.
By the way, if you build your application in this way, it is vulnerable to CSRF attacks, but that's another topic.
thanks thanks for your explaination..i learn some from you..i will continue learn and study php..
thank you very much..i am very appreciate it..