Jump to content


Photo

$_POST, MySQL problem PLZ HELP~~


  • Please log in to reply
4 replies to this topic

#1 techiefreak05

techiefreak05
  • Members
  • PipPipPip
  • Advanced Member
  • 494 posts
  • LocationER, MN

Posted 29 August 2006 - 08:16 AM

ok, i have this to add friend into the database--(not the problem)

<?php
if($_POST['friendNew']){

mysql_query("INSERT INTO `friends` ( `username` , `friend`)
VALUES ('$_SESSION[username]', '$_POST[friendUN]');") or die("<font color=white>There was an error adding friend.</font>");
mysql_query("INSERT INTO `friends` ( `username` , `friend`)
VALUES ('$_POST[friendUN]', '$_SESSION[username]');") or die("<font color=white>There was an error adding friend.</font>");
?>
<font color="red">Friend Added Successfully!</font>
<?
}
?>

and i have this to delete but it DOES NOT WORK, whats wrong??

******** CODE THAT HAS SOMETHING WRONG *****************
and i have this to delete but it DOES NOT WORK, whats wrong??
<?php
if($_POST['delFriend']){
$query = mysql_query("SELECT * FROM friends WHERE `username` = '$user'");
while ($array = mysql_fetch_array($query)){
$to = $array[friend];
mysql_query("DELETE FROM `friends` ( `username` , `friend`)
VALUES ('$_SESSION[username]', '$to');") or die("<font color=white>There was an error deleting friend.</font>");
mysql_query("DELETE FROM `friends` ( `username` , `friend`)
VALUES ('$to', '$_SESSION[username]');") or die("<font color=white>There was an error deleting friend.</font>");
}
}
?>
******** (ABOV)^^^^CODE THAT HAS SOMETHING WRONG^^^^ *****************

and heres how i echo the users friends..

<?php
$query = mysql_query("SELECT * FROM friends WHERE `username` = '$user'");
while ($array = mysql_fetch_array($query)){
$to=$array['friend'];
echo "<br><center><b>" .$to. "</b></center>";
echo "<a href='sendMessage.php?to=" .$to. "'>-Message " .$to. "-</a> |<a href='getInfo.php?user=" .$to."'> -Get Info-</a> | <a href='http://zycoworld.com/" .$to. "'>-View zPage-</a><br>";
?>

The SECOND CODE PIECE IS WHERE IM HAVING PORBLEMS, IT JUST DOESNT WORK!!
Link shortener with advanced, detailed statistics:

http://tyny.us/

#2 techiefreak05

techiefreak05
  • Members
  • PipPipPip
  • Advanced Member
  • 494 posts
  • LocationER, MN

Posted 29 August 2006 - 08:19 AM

and HERES THE CODE FOR "delFriend" ....

<form action="" method="post">
<input type="submit" name="delFriend" value="-Remove Friend-">
</form>

Link shortener with advanced, detailed statistics:

http://tyny.us/

#3 Orio

Orio
  • Staff Alumni
  • Advanced Member
  • 2,491 posts

Posted 29 August 2006 - 08:22 AM

You have a mistake with your sql syntax. Delete is on the following format:
DELETE FROM table_name WHERE column_name = some_value
See more Here.

And you should read about SQL injections, because your script is vulnerable.

Orio.
Think you're smarty?

(Gone until 20 to November)

#4 techiefreak05

techiefreak05
  • Members
  • PipPipPip
  • Advanced Member
  • 494 posts
  • LocationER, MN

Posted 29 August 2006 - 08:25 AM

like this: ?

<?php
if($_POST['delFriend']){
$to = $array[friend];
mysql_query("DELETE FROM `friends` WHERE `username` = '$_SESSION[username]' AND `friend` = '$to'") or die("<font color=white>There was an error deleting friend.</font>");
mysql_query("DELETE FROM `friends` WHERE `username` = '$to' AND `friend` = '$_SESSION[username]'") or die("<font color=white>There was an error deleting friend.</font>");
}
?>

Link shortener with advanced, detailed statistics:

http://tyny.us/

#5 techiefreak05

techiefreak05
  • Members
  • PipPipPip
  • Advanced Member
  • 494 posts
  • LocationER, MN

Posted 29 August 2006 - 08:31 AM

AAHH !! the code i just posted deleted all my friends !!! - i have a delete button  for every friend, and i want to delete only one friend when i click the button
Link shortener with advanced, detailed statistics:

http://tyny.us/




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users