Page 1 of 1

problem with if and else function

Posted: Mon Apr 11, 2011 11:31 am
by liyun88
hi,i dont know how to put condition in if and else function..
actually i want the user delete their comment they dont want by their own id..if success delete,it will pop out deleted successfully..
now my problem is when the user try to delete the comment which are not their own,then it will pop out sorry,..... message..
but it still pop out deleted successfully..actually it not delete the comment..only the id and comid match just can delete..
i think the condition is ok ,but dont know why it failed to function..
can anyone help me to correct my error??thanks in advance..

Code: Select all

<?php
session_start();
require_once 'config.php';

$id=$_SESSION['id'];

$comid=$_REQUEST['comid']; 

if ($id = $_SESSION['id'])
{
$query = 'DELETE FROM comment WHERE comid = '.$comid.' AND id ='.$id;
$result =mysql_query( $query);
echo"<script>alert(\"Deleted Successfully!\")</script><script>window.location='comment.php'</script>";
}
else {
echo"<script>alert(\"Sorry, You are not allowed to delete other users'comment!!\")</script><script>window.location='comment.php?id=$id'</script>";
}

?>

Re: problem with if and else function

Posted: Mon Apr 11, 2011 11:43 am
by mikecampbell
There is a problem on this line:

Code: Select all

if ($id = $_SESSION['id'])
A single equal sign is the assignment operator. If you want to test for equality, use two equal signs.

Code: Select all

if ($id == $_SESSION['id'])

Re: problem with if and else function

Posted: Mon Apr 11, 2011 12:05 pm
by liyun88
mikecampbell wrote:There is a problem on this line:

Code: Select all

if ($id = $_SESSION['id'])
A single equal sign is the assignment operator. If you want to test for equality, use two equal signs.

Code: Select all

if ($id == $_SESSION['id'])
i just try your suggestion..still same problem like before..it wil pop out deleted successfully alhough it cant deleted..
any suggestion??thanks in advance..

Re: problem with if and else function

Posted: Mon Apr 11, 2011 2:36 pm
by oscardog
Try this:

Code: Select all

<?php
session_start();
require_once 'config.php';

$id=$_SESSION['id'];

$comid=$_REQUEST['comid'];

if ($id == $_SESSION['id'])
{
$query = "DELETE FROM comment WHERE comid = '.$comid.' AND id = '.$id.'";
$result =mysql_query($query);
echo "<script>alert(\"Deleted Successfully!\")</script><script>window.location='comment.php'</script>";
}
else {
echo "<script>alert(\"Sorry, You are not allowed to delete other users'comment!!\")</script><script>window.location='comment.php?id=$id'</script>";
}
You need to wrap any variables you're using in a query with single quotes :)

Re: problem with if and else function

Posted: Tue Apr 12, 2011 4:42 am
by liyun88
oscardog wrote:Try this:

Code: Select all

<?php
session_start();
require_once 'config.php';

$id=$_SESSION['id'];

$comid=$_REQUEST['comid'];

if ($id == $_SESSION['id'])
{
$query = "DELETE FROM comment WHERE comid = '.$comid.' AND id = '.$id.'";
$result =mysql_query($query);
echo "<script>alert(\"Deleted Successfully!\")</script><script>window.location='comment.php'</script>";

i just try your code..now the user have correct id also cannot delete the comment and the user have not correct id also cant delete the comment..
but it will pop out the delete successfully message...still the same problem...
why like that??
}
else {
echo "<script>alert(\"Sorry, You are not allowed to delete other users'comment!!\")</script><script>window.location='comment.php?id=$id'</script>";
}
You need to wrap any variables you're using in a query with single quotes :)

Re: problem with if and else function

Posted: Tue Apr 12, 2011 7:04 pm
by danwguy
You are getting teh deleted sucessfull message because as long as $id == $_SESSION['id'] it will give the success message you need to do something liek this...

Code: Select all

<?php
session_start();
require_once 'config.php';

$id=$_SESSION['id'];

$comid=$_REQUEST['comid'];

if ($id == $_SESSION['id'])
{
$query = "DELETE FROM comment WHERE comid = '.$comid.' AND id = '.$id.'";
$result =mysql_query($query);
if($result) {
echo "<script>alert(\"Deleted Successfully!\")</script><script>window.location='comment.php'</script>";
}

}
else {
echo "<script>alert(\"Sorry, You are not allowed to delete other users'comment!!\")</script><script>window.location='comment.php?id=$id'</script>";
}
 
I would do this though...

Code: Select all

<?php
session_start();
require_once 'config.php';

$id=$_SESSION['id'];

$comid=$_REQUEST['comid'];

$query = mysql_query("DELETE FROM comment WHERE comid='$comid' AND id='$id'");
if(!$query) {
echo "<script> alert('Sorry, you are not allowed to delete other users comments!!'); </script><script> window.location='comment.php?id=$id'</script>";
exit();
} else {
echo "<script> alert('Deleted successfully!'); </script> <script> window.location='comment.php'</script>";
}

 
The line "if ($id == $_SESSION['id'])" is not needed because you are saying $id = $_SESSION['id']; earlier so that statement will always evaluate to true and is a waste of space. The above code will only echo the success alert if the delete went through, else it will give the sorry alert. Notice in the second script I wrote I got rid of the . infornt of and behind your variables in the mysql statement. You do not need them and if you use them you will not get the right result because it will say DELETE FROM comment WHERE comid=.12. which you don't want so get rid of the . infront and behind. try out my second code and you should be good to go.

Re: problem with if and else function

Posted: Tue Apr 12, 2011 9:04 pm
by liyun88
danwguy wrote:You are getting teh deleted sucessfull message because as long as $id == $_SESSION['id'] it will give the success message you need to do something liek this...

Code: Select all

<?php
session_start();
require_once 'config.php';

$id=$_SESSION['id'];

$comid=$_REQUEST['comid'];

if ($id == $_SESSION['id'])
{
$query = "DELETE FROM comment WHERE comid = '.$comid.' AND id = '.$id.'";
$result =mysql_query($query);
if($result) {
echo "<script>alert(\"Deleted Successfully!\")</script><script>window.location='comment.php'</script>";
}
else {
echo "<script>alert(\"Sorry, You are not allowed to delete other users'comment!!\")</script><script>window.location='comment.php?id=$id'</script>";
}
 
I would do this though...

Code: Select all

<?php
session_start();
require_once 'config.php';

$id=$_SESSION['id'];

$comid=$_REQUEST['comid'];

$query = mysql_query("DELETE FROM comment WHERE comid='$comid' AND id='$id'");
if(!$query) {
echo "<script> alert('Sorry, you are not allowed to delete other users comments!!'); </script><script> window.location='comment.php?id=$id'</script>";
exit();
} else {
echo "<script> alert('Deleted successfully!'); </script> <script> window.location='comment.php'</script>";
}

 
The line "if ($id == $_SESSION['id'])" is not needed because you are saying $id = $_SESSION['id']; earlier so that statement will always evaluate to true and is a waste of space. The above code will only echo the success alert if the delete went through, else it will give the sorry alert. Notice in the second script I wrote I got rid of the . infornt of and behind your variables in the mysql statement. You do not need them and if you use them you will not get the right result because it will say DELETE FROM comment WHERE comid=.12. which you don't want so get rid of the . infront and behind. try out my second code and you should be good to go.

hi,i already try your given code..but still the same problem..both code also still the same problem..when i use your second code,it will pop out deleted successfully message for both user and not the user..but even the user also cannot delete their own comment..when i change the delete query

Code: Select all

$query = "DELETE FROM comment WHERE comid = '.$comid.' AND id = '.$id.'";
to
$query = 'DELETE FROM comment WHERE comid = '.$comid.' AND id ='.$id;
}
thanks for your help..i am very appreciate it...i dont know what wrong twith my code??