Jump to content

Error!!

Mod-Jay

By Mod-Jay
in PHP Coding Help

 Share

Recommended Posts

Mod-Jay Member

Mod-Jay

Posted
Posted

Error:

 

Deletes All the Tables Made.. Everything in the Database.. I want it to Delete The only 1 ITEM!!

 

Code:

 

	<table border="2" cellspacing="0" cellpadding="5" class="tborder" width="80%"><tr><td>Name</td><td>Desc</td><td>Date Added</td><td>Edit</td><td>Delete</td></tr>	<tr></tr>                <?php		$result = mysql_query("SELECT * FROM blog");		//the while loop		while($r=mysql_fetch_array($result))		{$name=$r["name"];$desc=$r["descr"];$date=$r["date"];if(isset($_GET['action']) && $_GET['action'] == 'delete') {mysql_query("DELETE FROM blog WHERE name='". realEscape('name') ."'") or die(mysql_error());echo "News Deleted";}echo "<tr><td>News Name: $name</td><td>News Desc: $desc</td><td>Date Posted: $date</td><td><a href='edit.php'>Edit</a></td><td><a href='news.php?action=delete'>Delete</a></td></tr>";}?></table>

 

Link to comment
https://forums.phpfreaks.com/topic/212476-error/
Share on other sites
PradeepKr Newbie

PradeepKr

Posted
Posted

Replace this

 

 

if(isset($_GET['action']) && $_GET['action'] == 'delete') {mysql_query("DELETE FROM blog WHERE name='". realEscape('name') ."'") or die(mysql_error());echo "News Deleted";}

 

 

with this

 

 

if(isset($_GET['action']) && $_GET['action'] == 'delete') {  $name = realEscape($r["name"]);  if( isset($name) && $name != "")  {    $sql_delete = sprintf("DELETE FROM blog WHERE name='%s' ", realEscape($r["name"]) );    echo "SQL is |$sql_delete|";  //remove after debugging    mysql_query("DELETE FROM blog WHERE name='". realEscape('name') ."'") or die(mysql_error());    echo "News Deleted";  }   else  {     echo "name is empty";  }}

 

Link to comment
https://forums.phpfreaks.com/topic/212476-error/#findComment-1107013
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

You are retrieving everything with a SELECT query, looping through that data, deleting all the matching name= values, so, of course it is deleting everything...

 

Remove the SELECT query and all the logic related to it. Why are you doing that in code that presumably is for deleting data from a table?

 

Your code would need to receive a piece of unique data that identifies the row(s) that you do want to delete. Nothing in your posted code either makes a link/form that would provide that unique identifying data or makes use of that data if it was supplied.

Link to comment
https://forums.phpfreaks.com/topic/212476-error/#findComment-1107015
Share on other sites
Mod-Jay Member

Mod-Jay

Posted
  • Author
Posted

Replace this

 

 

if(isset($_GET['action']) && $_GET['action'] == 'delete') {mysql_query("DELETE FROM blog WHERE name='". realEscape('name') ."'") or die(mysql_error());echo "News Deleted";}

 

 

with this

 

 

if(isset($_GET['action']) && $_GET['action'] == 'delete') {  $name = realEscape($r["name"]);  if( isset($name) && $name != "")  {    $sql_delete = sprintf("DELETE FROM blog WHERE name='%s' ", realEscape($r["name"]) );    echo "SQL is |$sql_delete|";  //remove after debugging    mysql_query("DELETE FROM blog WHERE name='". realEscape('name') ."'") or die(mysql_error());    echo "News Deleted";  }   else  {     echo "name is empty";  }}

 

 

 

It didnt work.. Im having problems with it deleting everything.. i just want the delete to Delete that Just One im Deleting, If u have a Team-Veiwer Ill try to show u what i mean.

EDIT

 

Actully it did work.. It now Shows IT deleting Everything.. LOL.. Now how do i stop it? And make it Delete The Name Itself

 

EDIT

Now i Got it to Say its name.. it says correct name.. But it still Deletes them all ,I think it has Something to do With 

<td><a href='news.php?action=delete'>Delete $name</a></td>

 

 

EDIT

My Edited Code:

 

	                <?php		$result = mysql_query("SELECT * FROM blog");		//the while loop		while($r=mysql_fetch_array($result))		{$id=$r["ID"];$name=$r["name"];$desc=$r["descr"];$date=$r["date"];if(isset($_GET['action']) && $_GET['action'] == 'delete') {  $name = realEscape($r["name"]);  if( isset($name) && $name != "")  {    $sql_delete = sprintf("DELETE FROM blog WHERE name='%s' ", realEscape($r["name"]) );    echo "SQL is |$sql_delete|";  //remove after debugging    mysql_query("DELETE FROM blog WHERE name='". realEscape($name) ."'") or die(mysql_error());    echo "News Deleted";  }   else  {     echo "name is empty";  }}echo "<tr><td>News Name: $name</td><td>News Desc: $desc</td><td>Date Posted: $date</td><td><a href='edit.php'>Edit</a></td><td><a href='news.php?action=delete'>Delete $name</a></td></tr>";}?>

 

Link to comment
https://forums.phpfreaks.com/topic/212476-error/#findComment-1107019
Share on other sites
Mod-Jay Member

Mod-Jay

Posted
  • Author
Posted

Change this: realEscape('name') to this: '$name'.

WHERE name = name will match every record in the table.  Also, its already been escaped once, so it doesn't need it again.

 

Didnt work.. I also have ID so if u got anything to match it with an id , lets hear it..

 

**EDIT**

Edited Code So far..

 

	                <?php		$result = mysql_query("SELECT * FROM blog");		//the while loop		while($r=mysql_fetch_array($result))		{$id=$r["ID"];$name=$r["name"];$desc=$r["descr"];$date=$r["date"];if(isset($_GET['action']) && $_GET['action'] == 'delete') {  $id = realEscape($r["ID"]);  if( isset($id) && $id != "")  {    $sql_delete = sprintf("DELETE FROM blog WHERE ID='%s' ", realEscape($r["ID"]) );    echo "SQL is |$sql_delete|";  //remove after debugging    mysql_query("DELETE FROM blog WHERE ID='$id'") or die(mysql_error());    echo "News Deleted";  }   else  {     echo "name is empty";  }}echo "<tr><td>News Name: $name</td><td>News Desc: $desc</td><td>Date Posted: $date</td><td><a href='edit.php'>Edit</a></td><td><a href='news.php?action=delete'>Delete $name</a></td></tr>";}?>

 

Link to comment
https://forums.phpfreaks.com/topic/212476-error/#findComment-1107024
Share on other sites
wildteen88 Regular Member

wildteen88

Posted
Posted

This should not be in your while loop

 

if(isset($_GET['action']) && $_GET['action'] == 'delete') {  $id = realEscape($r["ID"]);  if( isset($id) && $id != "")  {    $sql_delete = sprintf("DELETE FROM blog WHERE ID='%s' ", realEscape($r["ID"]) );    echo "SQL is |$sql_delete|";  //remove after debugging    mysql_query("DELETE FROM blog WHERE ID='$id'") or die(mysql_error());    echo "News Deleted";  }   else  {     echo "name is empty";  }}

 

Move it outside of the loop!

 

You should pass the records id you want to delete within your link

 

<a href='news.php?action=delete&id=$id'>Delete $name</a>

 

 

Now change this

 

if(isset($_GET['action']) && $_GET['action'] == 'delete') {  $id = realEscape($r["ID"]);  if( isset($id) && $id != "")  {

 

To

 

if(isset($_GET['action']) && $_GET['action'] == 'delete') {  $id = realEscape($r["ID"]);  if( isset($_GET['id']) && is_numeric($_GET['id']))  {     $id = (int) $_GET['id'];

 

Link to comment
https://forums.phpfreaks.com/topic/212476-error/#findComment-1107027
Share on other sites
Pikachu2000 Prolific Member

Pikachu2000

Posted
Posted

 

Change this: realEscape('name') to this: '$name'.

Why? Variables do not get parsed within single quotes!

 

 

You're right; I overlooked the string concatenation. The correct string would be (or would have been):

"DELETE FROM blog WHERE name = '$name'";

Link to comment
https://forums.phpfreaks.com/topic/212476-error/#findComment-1107030
Share on other sites
Mod-Jay Member

Mod-Jay

Posted
  • Author
Posted

THANK YOU IT WORKS 100% Thanks WILDTEEN88

 

@@@@ ALSO how do i make it do ORDER BY desc ?

 

I added it , Got

Error:

 

 

Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\Users\cory\Desktop\xampp\htdocs\Starter Kit(2)\admincp\pages\news.php on line 40

 

Code:

 

	                <?php		$result = mysql_query("SELECT * FROM blog ORDER BY desc");		//the while loop		while($r=mysql_fetch_array($result))		{$id=$r["ID"];$name=$r["name"];$desc=$r["descr"];$date=$r["date"];echo "<tr><td>News Name: $name</td><td>News Desc: $desc</td><td>Date Posted: $date</td><td><a href='edit.php'>Edit</a></td><td><a href='news.php?action=delete&id=$id'>Delete $name</a></td></tr>";}?>

 

Line 40:

 

while($r=mysql_fetch_array($result))

 

Link to comment
https://forums.phpfreaks.com/topic/212476-error/#findComment-1107032
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.