Page 1 of 1

Deleting a post

Posted: Thu Mar 26, 2015 11:09 am
by chino
Hello guys, I'm creating a blog where editors can delete a post. I've created my delete.php file but get a blank screen when I try to delete a post. Any idea why this is happening? Thanks in advance.

Code: Select all


if(isset($_GET['pid']) ) 
    
    {
    
        $id = $_GET['pid'];
        $sql = "DELETE FROM post WHERE is $_GET[id]";
        $result = mysql_query($sql) or die ("Failed".mysql_error());
                                                              
    
    }


This is my blog code

Code: Select all


<!DOCTYPE html>
<html>
<head>
  <title>Page Title</title>
  <link rel="stylesheet" type="text/css" href="style.css">
</head>

<body>

<h1>The last 5 added posts</h1>
<a href='member.php'>Return to profile</a><br>
<ul>
<?php

if (!$link = mysql_connect('igor.gold.ac.uk', 'ma301sl', 'fitnesspal1')) {
    echo 'Could not connect to mysql';
    exit;
}

if (!mysql_select_db('ma301sl_blog', $link)) {
    echo 'Could not select database';
    exit;
}

$sql    = 'SELECT * FROM post ORDER BY id DESC LIMIT 10';
$result = mysql_query($sql, $link);

if (!$result) {
    echo "DB Error, could not query the database\n";
    echo 'MySQL Error: ' . mysql_error();
    exit;
}

while ($row = mysql_fetch_assoc($result)) {

     $id=$row['id'];
     $title=$row['title'];
     $creator=$row['creator'];
     $body=$row['body'];
     $date=$row['date'];
    
    $menu = "<li><a href=?pid=$id>$title</a></li>";
    
    echo $menu;
}

mysql_free_result($result);

?>

<?php

if (!$link = mysql_connect('igor.gold.ac.uk', 'ma301sl', 'fitnesspal1')) {
    echo 'Could not connect to mysql';
    exit;
}

if (!mysql_select_db('ma301sl_blog', $link)) {
    echo 'Could not select database';
    exit;
}

$pid = $_GET['pid'];
$sql    = "SELECT * FROM post WHERE id=$pid" ;
$result = mysql_query($sql, $link);

if (!$result) {
    echo "DB Error, could not query the database\n";
    echo 'MySQL Error: ' . mysql_error();
    exit;
}

while ($row = mysql_fetch_assoc($result)) {

     $id=$row['id'];
     $title=$row['title'];
     $creator=$row['creator'];
     $body=$row['body'];
     $date=$row['date'];
    
    $post = "<h1>$title</h1><p>$creator</p><p>$body</p><p>Posted on : $date</p>";
    
    echo $post;
    
    
    echo "<a href=\"edit.php?id=" . $id=$row['id'] . "\">Edit</a>";
    echo "<span> </span>";
    echo "<a href=\"delete.php?id=" . $id=$row['id'] . "\">Delete</a>";
    
    
}
mysql_free_result($result);
?>


<ul/>
</td>
</body>
</html>


Re: Deleting a post

Posted: Thu Mar 26, 2015 12:13 pm
by Christopher
Always filter/validate external input:

Code: Select all

if(isset($_GET['pid']) ) {
        $id = (int)$_GET['pid'];
        if ($id > 0) {
                $sql = "DELETE FROM post WHERE id='$id'";
                $result = mysql_query($sql) or die ("Failed".mysql_error());
        }                                                          
}
Please use the mysqli or PDO extensions. The mysql extension is deprecated.

Re: Deleting a post

Posted: Thu Mar 26, 2015 1:07 pm
by chino
Thanks but I still get a blank screen when the link is pressed. I get no error so I don't know what I've done wrong.

This is the link I have used for the delete.php

Code: Select all


 echo "<a href='delete.php?pid='>Delete</a>";


Re: Deleting a post

Posted: Thu Mar 26, 2015 2:54 pm
by chino
is working thank you!