Jump to content

Archived

This topic is now archived and is closed to further replies.

techiefreak05

$_POST, MySQL problem PLZ HELP~~

Recommended Posts

ok, i have this to add friend into the database--(not the problem)

[code]
<?php
if($_POST['friendNew']){

mysql_query("INSERT INTO `friends` ( `username` , `friend`)
VALUES ('$_SESSION[username]', '$_POST[friendUN]');") or die("<font color=white>There was an error adding friend.</font>");
mysql_query("INSERT INTO `friends` ( `username` , `friend`)
VALUES ('$_POST[friendUN]', '$_SESSION[username]');") or die("<font color=white>There was an error adding friend.</font>");
?>
<font color="red">Friend Added Successfully!</font>
<?
}
?>
[/code]

and i have this to delete but it DOES NOT WORK, whats wrong??

******** CODE THAT HAS SOMETHING WRONG *****************
and i have this to delete but it DOES NOT WORK, whats wrong??
[code]
<?php
if($_POST['delFriend']){
$query = mysql_query("SELECT * FROM friends WHERE `username` = '$user'");
while ($array = mysql_fetch_array($query)){
$to = $array[friend];
mysql_query("DELETE FROM `friends` ( `username` , `friend`)
VALUES ('$_SESSION[username]', '$to');") or die("<font color=white>There was an error deleting friend.</font>");
mysql_query("DELETE FROM `friends` ( `username` , `friend`)
VALUES ('$to', '$_SESSION[username]');") or die("<font color=white>There was an error deleting friend.</font>");
}
}
?>[/code]
******** (ABOV)^^^^CODE THAT HAS SOMETHING WRONG^^^^ *****************

and heres how i echo the users friends..

[code]
<?php
$query = mysql_query("SELECT * FROM friends WHERE `username` = '$user'");
while ($array = mysql_fetch_array($query)){
$to=$array['friend'];
echo "<br><center><b>" .$to. "</b></center>";
echo "<a href='sendMessage.php?to=" .$to. "'>-Message " .$to. "-</a> |<a href='getInfo.php?user=" .$to."'> -Get Info-</a> | <a href='http://zycoworld.com/" .$to. "'>-View zPage-</a><br>";
?>[/code]

The SECOND CODE PIECE IS WHERE IM HAVING PORBLEMS, IT JUST DOESNT WORK!!

Share this post


Link to post
Share on other sites
and HERES THE CODE FOR "delFriend" ....

[code]
<form action="" method="post">
<input type="submit" name="delFriend" value="-Remove Friend-">
</form>
[/code]

Share this post


Link to post
Share on other sites
You have a mistake with your sql syntax. Delete is on the following format:
DELETE FROM table_name WHERE column_name = some_value
See more [url=http://www.w3schools.com/sql/sql_delete.asp]Here[/url].

And you should read about SQL injections, because your script is vulnerable.

Orio.

Share this post


Link to post
Share on other sites
like this: ?

[code]
<?php
if($_POST['delFriend']){
$to = $array[friend];
mysql_query("DELETE FROM `friends` WHERE `username` = '$_SESSION[username]' AND `friend` = '$to'") or die("<font color=white>There was an error deleting friend.</font>");
mysql_query("DELETE FROM `friends` WHERE `username` = '$to' AND `friend` = '$_SESSION[username]'") or die("<font color=white>There was an error deleting friend.</font>");
}
?>
[/code]

Share this post


Link to post
Share on other sites
AAHH !! the code i just posted deleted all my friends !!! - i have a delete button  for every friend, and i want to delete only one friend when i click the button

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.