Page 1 of 1

trying to delete from a MySQL table

Posted: Tue Oct 09, 2007 6:21 am
by roondog
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


here is my code

Code: Select all

<?php
$con = mysql_connect('localhost', '******', '******');
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db ('roondog_gallery', $con);

mysql_query("DELETE FROM test WHERE picname=$_POST[remove]");


mysql_close($con);
?>
and my form

Code: Select all

<html>
<head>
<style type="text/css">
img{
width: 100px;
height: 100px;
border: 1px solid black;
}
</style>
</head>
<body>

<?php

$con = mysql_connect('localhost', '******', '*****'}

mysql_select_db('roondog_gallery', $con);

$result = mysql_query("SELECT * FROM test");

while($row = mysql_fetch_array($result))
  {
echo "<form action='picdelete.php' method='post'>";

echo "<img src='$row[picname]'  />";

echo "<input type='checkbox' name='remove' value='$row[picname]' />";

}

echo "<input type='submit' value='delete picture'  />";

echo "</form>";

if (mysql_rows_affected() => 1){

echo

?>

</body>
</html>
i get no errors but the columns are not deleting.


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Re: trying to delete from a MySQL table

Posted: Tue Oct 09, 2007 6:24 am
by VladSun
This
roondog wrote:here is my code

Code: Select all

mysql_query("DELETE FROM test WHERE picname=$_POST[remove]");
should be

Code: Select all

mysql_query("DELETE FROM test WHERE picname=".$_POST['remove']);
in case picname is ID (i.e. numeric)

or

Code: Select all

mysql_query("DELETE FROM test WHERE picname='".$_POST['remove']."'");
in case picname is a string.

EDIT: Gosh! I always forgot that it is valid syntax in PHP ( "blah-blah $array[key]") :)

Posted: Tue Oct 09, 2007 6:25 am
by olog-hai
Do this to check if you have something:

Code: Select all

print_r( $_POST )

Posted: Tue Oct 09, 2007 6:35 am
by VladSun
I must warn you that passing $_POST values directly into the SQL query is a huge security risk. You should validate/sanitize the user input data.

Posted: Tue Oct 09, 2007 7:26 am
by roondog
Thanks, i'm just trying to get it to work first. Also thanks for the quick response but it's still not working.

Posted: Tue Oct 09, 2007 7:31 am
by miro_igov
Do you have display_errors disabled?

This is very strange construction at the end of your form:

Code: Select all

if (mysql_rows_affected() => 1){

echo

?>

Posted: Tue Oct 09, 2007 7:41 am
by roondog
i started writing something but i've deleted that now.

Posted: Tue Oct 09, 2007 7:45 am
by VladSun
Please, post your new code and the result from:

Code: Select all

print_r($_POST);
as olog-hai has suggested.

Posted: Tue Oct 09, 2007 7:58 am
by roondog
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


code is:

Code: Select all

<?php
$con = mysql_connect('localhost', 'roondog', 'twiggy');
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db ('roondog_gallery', $con);

if($POST['picname']){

mysql_query("DELETE FROM test WHERE picname=' " .$_POST['remove']. "'");

}

print_r($_POST);

mysql_close($con);
?>
form is

Code: Select all

<html>
<head>
<style type="text/css">
img{
width: 100px;
height: 100px;
border: 1px solid black;
}
</style>
</head>
<body>

<?php

$con = mysql_connect('localhost', 'roondog', 'twiggy');
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db('roondog_gallery', $con);

$result = mysql_query("SELECT * FROM test");

while($row = mysql_fetch_array($result))
  {
echo "<form action='picdelete.php' method='post'>";

echo "<img src='$row[picname]'  />";

echo "<input type='checkbox' name='remove' value='$row[picname]' />";

}

echo "<input type='submit' value='delete picture'  />";

echo "</form>";

?>

</body>
</html>
result form print_r($POST) is

Array ( [remove] => ./images/alfie.jpg )


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Tue Oct 09, 2007 8:03 am
by VladSun
You have a redundant white space in your query - between the first single quote and the double quote.

And what is:

Code: Select all

if($POST['picname']){
???

you don't have a $_POST key "picname" in your form neither you have $POST array- it is $_POST.

Posted: Tue Oct 09, 2007 9:52 am
by feyd
There are escaping/validation issues to contend with as well. Since we have many threads dedicated to these topics, I'll let you search them out instead of rehashing.