Page 1 of 1

deleting recordset from database via an admin page

Posted: Mon Apr 24, 2006 5:10 am
by Richking
Hi there
I've got a form for someone to add news items to a page which is fine. On an admin page I'm displaying the news items and want to put a delete button by each so they can be deleted when redundant.
I've tried doing this by identifying the id in the table and then deleting it but I'm going round in circles...
Any suggestions?
Thanks in advance

Posted: Mon Apr 24, 2006 5:22 am
by JayBird
What have you tried up to now. show you code

Posted: Mon Apr 24, 2006 5:39 am
by Richking
What I have is a repeated region to show the results. Where I'm confused is where to tag the $query, which would be

Code: Select all

$query = "DELETE FROM news WHERE .....";
What would be ideal is to have a setion at the end where the user can enter in a form field the id number of the row that they want to delete, but I'm stuck on how to phrase that within the query above.

Posted: Mon Apr 24, 2006 7:13 am
by Richking
to just expand that

Code: Select all

<form name="form1" id="form1" method="post" action="">
        <input name="idnumber" type="password" id="idnumber" />
        <input name="Delete Item" type="submit" id="Delete Item2" value="Delete Item" />
  </form>

Code: Select all

<?php> mysql_select_db($database_Royalbluecms, $Royalbluecms);
	  $query = "DELETE FROM news SET id WHERE id="idnumber"";
	  $result = "mysql_query($query) or die ("Couldn't execute query");
	 
	  <?>
is returning this error

Parse error: syntax error, unexpected T_STRING in C:\apachefriends\xampp\xampp\htdocs\Royalbluecms\admin.php on line 209

Posted: Mon Apr 24, 2006 7:35 am
by JayBird
Should be pretty obvious with syntax highlighting.

Code: Select all

$query = "DELETE FROM news SET id WHERE id=".$idnumber;
$result = mysql_query($query) or die ("Couldn't execute query");

Posted: Mon Apr 24, 2006 8:09 am
by Richking
it's coming back "couldn't execute query"....

Posted: Mon Apr 24, 2006 8:13 am
by JayBird
your query is wrong

should be something like

Code: Select all

$query = "DELETE FROM news WHERE id=".$idnumber;
you may wanna change the execution line to this for a more informative error message

Code: Select all

$result = mysql_query($query) or die (mysql_error());

Posted: Mon Apr 24, 2006 8:51 am
by Richking
that's nailed it thanks!

Posted: Mon Apr 24, 2006 8:54 am
by John Cartwright

Code: Select all

$query = "DELETE FROM news WHERE id=".intval($idnumber);
if your taking that $idnumber straight from the form, I would recommend doing to ensure that it is a number.

Posted: Mon Apr 24, 2006 2:11 pm
by timvw
I suggest that you make a backup first, and then try "1 OR 1=1" as value...