zhshero Posted November 16, 2010 Share Posted November 16, 2010 i trying to delete messages out of my message database but im not sure if i'm using this code right or there stuff missing to it :S delete.php <?php require_once('settings.php'); checkLogin('1 2'); $id=$_GET["msgs"]; mysql_query("DELETE messages FROM messages WHERE message_id='$id'"); ?> link usages to delete <a href="delete.php?msgs=<? echo $row['message_id'] ?>">[X]</a> Link to comment https://forums.phpfreaks.com/topic/218794-deleting-delete-from-database/ Share on other sites More sharing options...
zhshero Posted November 16, 2010 Author Share Posted November 16, 2010 i take this code works, but other members, can delete messages that isn't there's how would i go about on making it so it only delete's there own messages and can't delete others? Link to comment https://forums.phpfreaks.com/topic/218794-deleting-delete-from-database/#findComment-1134757 Share on other sites More sharing options...
jcbones Posted November 16, 2010 Share Posted November 16, 2010 Your query should look like: mysql_query("DELETE FROM messages WHERE message_id='$id' AND to_user = '$userfinal'"); Link to comment https://forums.phpfreaks.com/topic/218794-deleting-delete-from-database/#findComment-1134759 Share on other sites More sharing options...
zhshero Posted November 16, 2010 Author Share Posted November 16, 2010 i re did it, had to add the userfinal but not sure if I'm using it right <?php require_once('../settings.php'); checkLogin('1 2'); $userfinal = get_main_P($_SESSION['user_id']); $id=$_GET["msgs"]; mysql_query("DELETE FROM messages WHERE message_id='$id' AND to_user = '$userfinal'"); ?> Link to comment https://forums.phpfreaks.com/topic/218794-deleting-delete-from-database/#findComment-1134771 Share on other sites More sharing options...
Pikachu2000 Posted November 16, 2010 Share Posted November 16, 2010 You should really be sanitizing/validating incoming data before using it in a database query, otherwise you're wide open to SQL injection attacks. Link to comment https://forums.phpfreaks.com/topic/218794-deleting-delete-from-database/#findComment-1134828 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.