Cannot delete a field in MySQL using PHP!

[angelali]

I have made a simple form where users who have been subscribed and unsubscribe by inserting their email address.

 

In my database using PHPMyAdmin, my database to store the emails is 'Links', the table is 'email' and the fields are the 'id' and 'emailaddress'.

 

What I have tried is making a text input field, where the user ill insert his or her email address, to unsubscribe on the website. As a result the user's field for his or her email address will be delete in the database which is saving the emails for all users who have subscribed.

 

My HTML codes are:

 

<p>Subscribe for newsletters:</p>
<img src="images/k-newsletter-icon.png" width="96" height="96" alt="subscri"/>
<form action="index.php" method="post">
<input type="text" size="25" placeholder="Your email address..." name="enter"/>
<input class="submit" type="submit" value="Subscribe" name="subscribe"/>
</form>

 

My PHP codes are:

 

<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$email = $_POST['enter'];
@mysql_connect ('localhost', 'root', '') or die ('Error');
@mysql_select_db ('links') or die ('Error');
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
echo "Not an email";
return false;    
} else {
mysql_query("DELETE FROM email WHERE emailaddress ='$email'");
echo "deleted";
}
}
?> 

 

 

When I test it,it is not working, as I see the email which was saved, is still in the database! Help!

[ManiacDan]

Please stop using the [ m ] tag to format your PHP, you must use [ php ] tags.

[ManiacDan]

There's a number of things here:

1)  You absolutely positively must stop this instant and wrap everything in mysql_real_ecape_string if it comes from the user.  Your site is grievously vulnerable to SQL injections.

 

2)  If this isn't working, find out why.  What did they enter?  How does it not match what's in the DB?  Are there spaces?  Your code is fine aside from #1 above.

[angelali]

I'm sorry, I am new here! 

[angelali]

Yes, I know I must wrap "$email = $_POST['enter'];" to $email = mysql_real_ecape_string($_POST['enter']); But I did it quickly...to test if the functionality is good, but I do not know why it is not deleting! There is no space etc... I was shocked to see why it is not deleting. In fact, on many websites they are giving the same example! That's why I have posted this problem on some forums to know why it is not working!

[mikosiko]

other than what already has been suggested, I will add a few things:

 

- You should always work with Error Reporting and Display errors enabled while in development ... you can enable it globally in your php.ini file or case by case in your scripty adding this 2 lines at the beginning (after the opening <?php)

   // Define how to display/report errors
   ini_set("display_errors", "1");
   error_reporting(E_ALL);

 

- Just take out the error suppressing from your code (@) .. that only will hide the possible errors in your code... don't hide errors... control them.

 

- Is a good debugging practice to separate your query strings from mysql-query()  ... in that way you can always echo your query string to validate what could be wrong... like:

....

} else {

$query = "DELETE FROM email WHERE emailaddress ='$email'";
// here you can echo your string for debugging purposes
echo "Query String is : " . $query . "<br />";

mysql_query($query)  or die("Mysql Query Error: " . mysql_error()); // add die() here at least as a temporary way to debug, in production you should use something better
...

 

[angelali]

The errors reporting etc...are turned ON in my PHP.INI. I tried your codes, but it is giving me the query:

 

Here are the codes after modifying what you said:

 

<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$email = $_POST['enter'];
mysql_connect ('localhost', 'root', '') or die ('Error');
mysql_select_db ('links') or die ('Error');
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
echo "Not an email";
return false;	
} else {
$query = "DELETE FROM email WHERE emailaddress ='$email'";
echo "Query String is : " . $query . "<br />";
mysql_query($query)  or die("Mysql Query Error: " . mysql_error());
}
}
?>

[mikosiko]

....but it is giving me the query...

 

that is exactly what is supposed to do... echo your $query string to allow you to validate if it is correct or not... post exactly what you got.

[ManiacDan]

Please read and respond to entire posts, not just the first sentence.  Note that I gave you debug steps in #2 above that you have not addressed.  Are there spaces?  Does the database match their input EXACTLY?

[angelali]

Here is the query string it gave me:

 

Query String is : DELETE FROM email WHERE emailaddress ='alithebest@gmail.com'

 

The email address above is among one which is stored in the database. Concerning the space, do you mean if there are spaces the names of tables, fields?? If yes, then NO!

 

My database name is 'links', the table is 'email' and the two fields are 'id' and 'emailaddress'.

[ManiacDan]

Does the email address entered match an email address in the table exactly?  Including spaces and tabs?

 

Seriously, read that twice before answering.

[angelali]

I am sorry if I have not understood your question! I am having a headache since some hours...thus I have read your answers a bit too quickly! Well, after verifying again, it seems the table 'emailaddress' which stores the email addresses of course, there is a 'dot' at the beginning of all email addresses in the field.

 

For example, the email address 'alitheest@gmail.com' is like this in the field '.alithebest@gmail.com'. Is this normal or because of this it is not working? I included a screenshot of it...

 

[ManiacDan]

There's probably a dot in the query that INSERTS these emails.  You have to fix that, then delete everything from this table and start over.

 

If this site is "live" and these are real addresses, you'll have to update them all to be correct.

[angelali]

How to fix that? The 'dot' is in the fields by its own! That's why I have asked if this is normal! If you can help me... I am new in PHP, it was just on Last Sunday I have started learning it...

[ManiacDan]

I really can't help you if you don't read the message.

 

Again:  The code that INSERTS the email addresses into this table has a dot in it, where there should not be a dot.  Emails don't just magically show up in your database, something puts them there.  That something is wrong.

[angelali]

The website is not online. I am stil making it. I used the same INSERT codes to put the email address in the database. The INSERT part is on my codes above...

[angelali]

Here are the codes with the INSERT one:

 

<?php
if ( $_SERVER['REQUEST_METHOD'] == "POST" ) {
$ee = htmlentities($_POST['enter']);
if (!preg_match('/^[^0-9][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[@][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[.][a-zA-Z]{2,4}$/',$ee) || empty($ee)){
echo '<p class="fail">Failed...Try again!</p>';
} else {
@mysql_connect ('localhost', 'root', '') or die ('A problem has occurred, refresh the page and try again!');
@mysql_select_db ('links') or die ('A problem has occurred, refresh the page and try again!');
$query = "INSERT INTO email (id, emailaddress) VALUES('NULL', '.$ee')";
mysql_query($query);
echo '<p class="success">Successfully subscribed!</p>';
}
}
}
?>

[angelali]

GEEZZZZZZ, yes, I have included the dot myself! DAMN! Any way, I will try to code it right now, and will tell you about it... I am a real nut! 

[angelali]

YES, IT WORKS NOW YEAHHHHHH! :)  It was because of that damn it 'dot'. Now it is working perfectly! It is deleting! THANK YOU ALL GUYS HERE WHO TOOK PATIENCE TO HELP ME! Thank you verily!          Only the problem of duplicate field remains now to tackle! How to mark this thread as solved?

[ManiacDan]

You should not be using htmlentities on these addresses, you should be using mysql_real_escape_string.

 

Glad you got it working.

[angelali]

Oh ok.. Thank you, already modified it!  How to make this thread as solved?