joshgarrod Posted January 22, 2009 Share Posted January 22, 2009 Hi, I know I submitted a thread earlier and marked it as solved but I realised my method only required someone to right click and view source to find the password to enter to delete the record. i have figured a new method but am having trouble sourcing the password for the record I am trying to delete, any ideas? <?php $con = mysql_connect("serv","usr","pass"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("db", $con); $id=$_POST['id_delete']; $password_entered = $_POST['password_entered']; $query = ("SELECT password from classifieds WHERE ref'$_POST[id_delete]'"); $result = mysql_query($query); while($row = mysql_fetch_array($result)) { $hidden_password = $row ['password']; if ($password_entered == $hidden_password) { mysql_query("DELETE from classifieds where ref='$_POST[id_delete]'"); mysql_close(); header("location:thankyou.html"); exit(); } else { header("location:error.html"); exit(); } } ?> This is the error I get: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\source\of\files\delete_caravan.php on line 18 Quote Link to comment Share on other sites More sharing options...
gevans Posted January 22, 2009 Share Posted January 22, 2009 The problems in your query syntax; $query = ("SELECT password from classifieds WHERE ref'$_POST[id_delete]'"); should be $query = ("SELECT password from classifieds WHERE ref = '".$_POST['id_delete']."'"); Also this will give you a better isight into the error; $result = mysql_query($query) or die(mysql_error()); Quote Link to comment Share on other sites More sharing options...
joshgarrod Posted January 22, 2009 Author Share Posted January 22, 2009 thanks for your help, works just as it should now! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.