melting_dog Posted June 28, 2010 Share Posted June 28, 2010 I'm trying to implement a code that will simply delete a row via a pre-entering an ID. Pretty simple, but I seem to be missing something so some other opinions would be appreciated. The postID is sent from a form. So: $postID=$_POST['postID']; $postID = stripslashes($postID); $postID = mysql_real_escape_string($postID); $sql="SELECT * FROM $tbl_name WHERE postID='$postID'"; $result=mysql_query($sql); $count=mysql_num_rows($result); if($count==1){ $sql="DELETE FROM $tbl_name WHERE postID='$postID' LIMIT 1"; $result = '<p>Successfully Removed</p><a href="index.php">Back to Home Page</a>'; } else { $result = '<h3 style = "text-align: center;">Sorry! No Posts with that ID were found.</h3><a href="removePost.php">Try Again?</a>'; } ob_end_flush(); ?> Yeah so like i said probably something simple but any help would be greatly appreciated Cheers Quote Link to comment Share on other sites More sharing options...
Mchl Posted June 28, 2010 Share Posted June 28, 2010 <?php $postID=(int)$_POST['postID']; //assuming ID is numeric, that's even better than real_escape() $sql="DELETE FROM $tbl_name WHERE postID='$postID' LIMIT 1"; mysql_query($sql) or die(mysql_error()); // some better error handling should be put in place instead of this if(mysql_affected_rows() > 0) { //this will tell you if any rows were deletod or not $result = '<p>Successfully Removed</p><a href="index.php">Back to Home Page</a>'; } else { $result = '<h3 style = "text-align: center;">Sorry! No Posts with that ID were found.</h3><a href="removePost.php">Try Again?</a>'; } echo $result; ob_end_flush(); ?> Quote Link to comment Share on other sites More sharing options...
melting_dog Posted June 28, 2010 Author Share Posted June 28, 2010 Thanks. Thats worked a treat. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.