PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
I'm deleting sub-topics and before that I want to check if there are any articles present under this sub-topic.If there are any, the sub-topic is not deleted else it gets deleted.
I tried to delete the sub-topics and ir-respective of the articles present under each sub-topic, the sub-topic gets deleted.
I tried to debug and it always returns "there are none"
Could somebody please take a look at the part of my code where the problem would be.
// if you have chosen subtopics to delete
if(isset($HTTP_POST_VARS['action'])){
$qry3="SELECT SUBTOPIC_ID FROM subtopic WHERE SUBTOPIC_ID='".$HTTP_POST_VARS['SUBTOPIC_ID']."'";
$result_3=mysql_query($qry3) or die(mysql_error());
// begin the query
$subtopic_id=$HTTP_POST_VARS['SUBTOPIC_ID'];
echo $subtopic_id;
$result_sub=mysql_query("SELECT * FROM articles WHERE SUBTOPIC_ID='$subtopic_id' ");
if (mysql_numrows($result_sub)>0)
echo "there is more than zero";
else
echo "there are none";
$qry4 = "DELETE FROM subtopic WHERE SUBTOPIC_ID IN('" . implode("','", $HTTP_POST_VARS['to_delete']) . "')";
while($row_4=mysql_fetch_row($result_sub)){
if(isset($HTTP_POST_VARS[$row_4->SUBTOPIC_ID])){
// the checkboxes were named for the subtopic_id
$qry4 .= "OR SUBTOPIC_ID=".$row_4->SUBTOPIC_ID;
// add this subtopic to the query string
}
}
mysql_query($qry4) or die(mysql_error());
}
$qry3="SELECT SUBTOPIC_ID FROM subtopic WHERE SUBTOPIC_ID='".$HTTP_POST_VARSї'SUBTOPIC_ID']."'";
$result_3=mysql_query($qry3) or die(mysql_error());
// begin the query
$subtopic_id=$HTTP_POST_VARSї'SUBTOPIC_ID'];
If the subtopic_id is not vailid, the next query will give no result.
So they can't 'hack' your program that way.