Mod-Jay Posted September 3, 2010 Share Posted September 3, 2010 Error: Deletes All the Tables Made.. Everything in the Database.. I want it to Delete The only 1 ITEM!! Code: <table border="2" cellspacing="0" cellpadding="5" class="tborder" width="80%"><tr><td>Name</td><td>Desc</td><td>Date Added</td><td>Edit</td><td>Delete</td></tr> <tr></tr> <?php $result = mysql_query("SELECT * FROM blog"); //the while loop while($r=mysql_fetch_array($result)) {$name=$r["name"];$desc=$r["descr"];$date=$r["date"];if(isset($_GET['action']) && $_GET['action'] == 'delete') {mysql_query("DELETE FROM blog WHERE name='". realEscape('name') ."'") or die(mysql_error());echo "News Deleted";}echo "<tr><td>News Name: $name</td><td>News Desc: $desc</td><td>Date Posted: $date</td><td><a href='edit.php'>Edit</a></td><td><a href='news.php?action=delete'>Delete</a></td></tr>";}?></table> Link to comment https://forums.phpfreaks.com/topic/212476-error/ Share on other sites More sharing options...
PradeepKr Posted September 3, 2010 Share Posted September 3, 2010 May be it is realEscape($r["name"]) and not realEscape('name') Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107008 Share on other sites More sharing options...
Mod-Jay Posted September 3, 2010 Author Share Posted September 3, 2010 Atm , its with the "Delete" Everytime i click it on one Table, It Deletes All the Tables.. Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107009 Share on other sites More sharing options...
Pikachu2000 Posted September 3, 2010 Share Posted September 3, 2010 Why do you have your DELETE query inside the while loop from the wildcard SELECT query? Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107011 Share on other sites More sharing options...
Pikachu2000 Posted September 3, 2010 Share Posted September 3, 2010 It actually deletes all of the tables, or it deletes all of the records in the `blog` table? Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107012 Share on other sites More sharing options...
PradeepKr Posted September 3, 2010 Share Posted September 3, 2010 Replace this if(isset($_GET['action']) && $_GET['action'] == 'delete') {mysql_query("DELETE FROM blog WHERE name='". realEscape('name') ."'") or die(mysql_error());echo "News Deleted";} with this if(isset($_GET['action']) && $_GET['action'] == 'delete') { $name = realEscape($r["name"]); if( isset($name) && $name != "") { $sql_delete = sprintf("DELETE FROM blog WHERE name='%s' ", realEscape($r["name"]) ); echo "SQL is |$sql_delete|"; //remove after debugging mysql_query("DELETE FROM blog WHERE name='". realEscape('name') ."'") or die(mysql_error()); echo "News Deleted"; } else { echo "name is empty"; }} Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107013 Share on other sites More sharing options...
PFMaBiSmAd Posted September 3, 2010 Share Posted September 3, 2010 You are retrieving everything with a SELECT query, looping through that data, deleting all the matching name= values, so, of course it is deleting everything... Remove the SELECT query and all the logic related to it. Why are you doing that in code that presumably is for deleting data from a table? Your code would need to receive a piece of unique data that identifies the row(s) that you do want to delete. Nothing in your posted code either makes a link/form that would provide that unique identifying data or makes use of that data if it was supplied. Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107015 Share on other sites More sharing options...
Mod-Jay Posted September 3, 2010 Author Share Posted September 3, 2010 Replace this if(isset($_GET['action']) && $_GET['action'] == 'delete') {mysql_query("DELETE FROM blog WHERE name='". realEscape('name') ."'") or die(mysql_error());echo "News Deleted";} with this if(isset($_GET['action']) && $_GET['action'] == 'delete') { $name = realEscape($r["name"]); if( isset($name) && $name != "") { $sql_delete = sprintf("DELETE FROM blog WHERE name='%s' ", realEscape($r["name"]) ); echo "SQL is |$sql_delete|"; //remove after debugging mysql_query("DELETE FROM blog WHERE name='". realEscape('name') ."'") or die(mysql_error()); echo "News Deleted"; } else { echo "name is empty"; }} It didnt work.. Im having problems with it deleting everything.. i just want the delete to Delete that Just One im Deleting, If u have a Team-Veiwer Ill try to show u what i mean. EDIT Actully it did work.. It now Shows IT deleting Everything.. LOL.. Now how do i stop it? And make it Delete The Name Itself EDIT Now i Got it to Say its name.. it says correct name.. But it still Deletes them all ,I think it has Something to do With <td><a href='news.php?action=delete'>Delete $name</a></td> EDIT My Edited Code: <?php $result = mysql_query("SELECT * FROM blog"); //the while loop while($r=mysql_fetch_array($result)) {$id=$r["ID"];$name=$r["name"];$desc=$r["descr"];$date=$r["date"];if(isset($_GET['action']) && $_GET['action'] == 'delete') { $name = realEscape($r["name"]); if( isset($name) && $name != "") { $sql_delete = sprintf("DELETE FROM blog WHERE name='%s' ", realEscape($r["name"]) ); echo "SQL is |$sql_delete|"; //remove after debugging mysql_query("DELETE FROM blog WHERE name='". realEscape($name) ."'") or die(mysql_error()); echo "News Deleted"; } else { echo "name is empty"; }}echo "<tr><td>News Name: $name</td><td>News Desc: $desc</td><td>Date Posted: $date</td><td><a href='edit.php'>Edit</a></td><td><a href='news.php?action=delete'>Delete $name</a></td></tr>";}?> Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107019 Share on other sites More sharing options...
wildteen88 Posted September 3, 2010 Share Posted September 3, 2010 Where are you using this code to? Post your code here. Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107020 Share on other sites More sharing options...
Pikachu2000 Posted September 3, 2010 Share Posted September 3, 2010 Change this: realEscape('name') to this: '$name'. WHERE name = name will match every record in the table. Also, its already been escaped once, so it doesn't need it again. Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107021 Share on other sites More sharing options...
wildteen88 Posted September 3, 2010 Share Posted September 3, 2010 Change this: realEscape('name') to this: '$name'. Why? Variables do not get parsed within single quotes! Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107023 Share on other sites More sharing options...
Mod-Jay Posted September 3, 2010 Author Share Posted September 3, 2010 Change this: realEscape('name') to this: '$name'. WHERE name = name will match every record in the table. Also, its already been escaped once, so it doesn't need it again. Didnt work.. I also have ID so if u got anything to match it with an id , lets hear it.. **EDIT** Edited Code So far.. <?php $result = mysql_query("SELECT * FROM blog"); //the while loop while($r=mysql_fetch_array($result)) {$id=$r["ID"];$name=$r["name"];$desc=$r["descr"];$date=$r["date"];if(isset($_GET['action']) && $_GET['action'] == 'delete') { $id = realEscape($r["ID"]); if( isset($id) && $id != "") { $sql_delete = sprintf("DELETE FROM blog WHERE ID='%s' ", realEscape($r["ID"]) ); echo "SQL is |$sql_delete|"; //remove after debugging mysql_query("DELETE FROM blog WHERE ID='$id'") or die(mysql_error()); echo "News Deleted"; } else { echo "name is empty"; }}echo "<tr><td>News Name: $name</td><td>News Desc: $desc</td><td>Date Posted: $date</td><td><a href='edit.php'>Edit</a></td><td><a href='news.php?action=delete'>Delete $name</a></td></tr>";}?> Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107024 Share on other sites More sharing options...
wildteen88 Posted September 3, 2010 Share Posted September 3, 2010 This should not be in your while loop if(isset($_GET['action']) && $_GET['action'] == 'delete') { $id = realEscape($r["ID"]); if( isset($id) && $id != "") { $sql_delete = sprintf("DELETE FROM blog WHERE ID='%s' ", realEscape($r["ID"]) ); echo "SQL is |$sql_delete|"; //remove after debugging mysql_query("DELETE FROM blog WHERE ID='$id'") or die(mysql_error()); echo "News Deleted"; } else { echo "name is empty"; }} Move it outside of the loop! You should pass the records id you want to delete within your link <a href='news.php?action=delete&id=$id'>Delete $name</a> Now change this if(isset($_GET['action']) && $_GET['action'] == 'delete') { $id = realEscape($r["ID"]); if( isset($id) && $id != "") { To if(isset($_GET['action']) && $_GET['action'] == 'delete') { $id = realEscape($r["ID"]); if( isset($_GET['id']) && is_numeric($_GET['id'])) { $id = (int) $_GET['id']; Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107027 Share on other sites More sharing options...
Pikachu2000 Posted September 3, 2010 Share Posted September 3, 2010 Change this: realEscape('name') to this: '$name'. Why? Variables do not get parsed within single quotes! You're right; I overlooked the string concatenation. The correct string would be (or would have been): "DELETE FROM blog WHERE name = '$name'"; Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107030 Share on other sites More sharing options...
Mod-Jay Posted September 3, 2010 Author Share Posted September 3, 2010 THANK YOU IT WORKS 100% Thanks WILDTEEN88 @@@@ ALSO how do i make it do ORDER BY desc ? I added it , Got Error: Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\Users\cory\Desktop\xampp\htdocs\Starter Kit(2)\admincp\pages\news.php on line 40 Code: <?php $result = mysql_query("SELECT * FROM blog ORDER BY desc"); //the while loop while($r=mysql_fetch_array($result)) {$id=$r["ID"];$name=$r["name"];$desc=$r["descr"];$date=$r["date"];echo "<tr><td>News Name: $name</td><td>News Desc: $desc</td><td>Date Posted: $date</td><td><a href='edit.php'>Edit</a></td><td><a href='news.php?action=delete&id=$id'>Delete $name</a></td></tr>";}?> Line 40: while($r=mysql_fetch_array($result)) Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107032 Share on other sites More sharing options...
wildteen88 Posted September 3, 2010 Share Posted September 3, 2010 Just one more thing you can remove this line $id = realEscape($r["ID"]); I forgot to remove it. Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107036 Share on other sites More sharing options...
PradeepKr Posted September 5, 2010 Share Posted September 5, 2010 descr not desc SELECT * FROM blog ORDER BY descr Link to comment https://forums.phpfreaks.com/topic/212476-error/#findComment-1107446 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.