heidi

I have a script that allows me to post comments, but when i try to delete that comment i get a error message telling me that a specific variable is undefined. I refresh the page and try again, and suddently it works. template_test.php <?php if($author == $log_username || $account_name == $log_username ){ $statusDeleteButton = '<span id="sdb_'.$statusid.'"><a href="#" onclick="return false;" onmousedown="deleteStatus(\''.$statusid.'\',\'status_'.$statusid.'\',\''.$DB_table.'\');" title="DELETE THIS STATUS AND ITS REPLIES">delete status</a></span> '; } ?> <script> function deleteStatus(statusid,statusbox,document){ var ajax = ajaxObj("POST", "php_parsers/status_system2.php"); ajax.onreadystatechange = function() { if(ajaxReturn(ajax) === true) { if(ajax.responseText === "delete_ok"){ // remove the div all of the tekst is inside, the textarea and the reply button _(statusbox).style.display = 'none'; _("replytext_"+statusid).style.display = 'none'; _("replyBtn_"+statusid).style.display = 'none'; } else { alert(ajax.responseText); } } } ajax.send("action=delete_status&statusid="+statusid+"&document="+document); }; </script> php_parsers/status_system2.php <?php // fires of when the someone deletes a thread if (isset($_POST['action']) && $_POST['action'] == "delete_status" && !empty($_POST['document'])){ if(!isset($_POST['statusid']) || $_POST['statusid'] == ""){ echo "status id is missing"; exit(); } // sanitize the inserted status id $statusid = preg_replace('#[^0-9]#', '', $_POST['statusid']); // check to see which page the user is on, then give different variables that contain different DB tables // check to see whether or not the user replied to a status from user.php or watch.php if($_POST['document'] == "comments") // this means the user replied within watch.php { $DB_table = "comments"; } else if($_POST['document'] == "status") // this mean that the user replied within user.php { $DB_table = "status"; }else{ echo 'Error: this is an unexpected situation. What is happening? ' . $_POST['document']; } // Check to make sure the person deleting this reply is either the account owner or the person who wrote it if($DB_table == null){ echo 'Can\'t look up nuthin'; }else{ // Check to make sure the person deleting this reply is either the //account owner or the person who wrote it $sql = "SELECT account_name, author FROM $DB_table WHERE id='$statusid' LIMIT 1"; $query = mysqli_query($con, $sql); while ($row = mysqli_fetch_array($query, MYSQLI_ASSOC)) { $account_name = $row["account_name"]; $author = $row["author"]; } } // delete the thread and it replies with the same osid if ($author == $log_username || $account_name == $log_username) { $sql = "DELETE FROM $DB_table WHERE osid='$statusid'"; mysqli_query($con, $sql); echo "delete_ok"; exit(); } } ?>