dannyp100 Posted February 8, 2013 Share Posted February 8, 2013 Hi guys I'm trying to a way of deleting multiple user inbox messages with checkboxes, this is what i've got so far. <?php include 'gradnetconn.php'; require_once ('webpage.class.php'); session_start(); $messageTo = $_SESSION['userID']; if (!(isset($_SESSION['userID']) && $_SESSION['userID'] != '')) { echo "Log in to send a message" ; header ("Location: login.php"); } else { echo "You aree logged in, please feel free to delete a message "; } $sql="SELECT * FROM gn_messages WHERE messageTo = $messageTo AND messageDeleted = '0' ORDER BY messageDate DESC"; $result=mysql_query($sql); $count=mysql_num_rows($result); ?> <table width="400" border="0" cellspacing="1" cellpadding="0"> <tr> <td><form name="form1" method="post" action=""> <table width="400" border="0" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC"> <tr> <td bgcolor="#FFFFFF"> </td> <td colspan="4" bgcolor="#FFFFFF"><strong>Delete A Message</strong> </td> </tr> <tr> <td align="center" bgcolor="#FFFFFF">#</td> <td align="center" bgcolor="#FFFFFF"><strong>Message ID</strong></td> <td align="center" bgcolor="#FFFFFF"><strong>From</strong></td> <td align="center" bgcolor="#FFFFFF"><strong>Subject</strong></td> <td align="center" bgcolor="#FFFFFF"><strong>Date</strong></td> </tr> <?php while($rows=mysql_fetch_array($result)){ ?> <tr> <td align="center" bgcolor="#FFFFFF"><input name="checkbox[]" type="checkbox" id="checkbox[]" value="<? echo $rows['messageID']; ?>"></td> <td bgcolor="#FFFFFF"><? echo $rows['messageID']; ?></td> <td bgcolor="#FFFFFF"><? echo $rows['messageFrom']; ?></td> <td bgcolor="#FFFFFF"><? echo $rows['messageSubject']; ?></td> <td bgcolor="#FFFFFF"><? echo $rows['messageDate']; ?></td> </tr> <?php } ?> <tr> <td colspan="5" align="center" bgcolor="#FFFFFF"><input name="delete" type="submit" id="delete" value="Delete"></td> </tr> <?php // Check if delete button active if($delete){ for($i=0;$i<$count;$i++){ $del_id = $checkbox[$i]; $sql = "DELETE FROM gn_messages WHERE messageID='$del_id'"; $result = mysql_query($sql); } // if successful redirect to delete_multiple.php if($result){ echo "<meta http-equiv=\"refresh\" content=\"0;URL=delete_multiple.php\">"; } } mysql_close(); ?> </table> </form> </td> </tr> </table> It says undefined variable delete. Shouldn't this correspond to the ID of the delete button? Notice: Undefined variable: delete (line 70) Thanks Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted February 8, 2013 Share Posted February 8, 2013 (edited) Your form is using method='post'. The form data will be in the $_POST array - $_POST['delete'] Your code has some security problems that you should fix - 1) Your login check code needs an exit; statement after the header() redirect to prevent the remainder of the code on your protected page from running while the browser is requesting the target url in that redirect. The only thing your current logic is protecting or preventing is the echo "You aree logged in, please feel free to delete a message "; statement. 2) You need to make sure that any messages you are deleting actually belong to the currently logged in user. Your current logic would allow any logged in user to delete any or all the messages, belonging to anyone. You also need to consider that any one message appears in the outbox of the person who sent it and in the inbox of the recipient, and actually deleting it would remove it from both the sender and recipient boxes. Are you sure that is what you want? Shouldn't you have two flags, one for the sender and one for the receiver, that indicates when one of them has deleted the message and you should simply not display it in their corresponding box? Edited February 8, 2013 by PFMaBiSmAd Quote Link to comment Share on other sites More sharing options...
dannyp100 Posted February 8, 2013 Author Share Posted February 8, 2013 Thanks for the advice. I understand what you've said. I completely forgot that if a message is deleted, it is completely deleted from the database and wouldn't remain in the senders outbox. I wouldn't know where to start with doing flags etc as i'm a total beginner, any tutorials you could link me to? Thanks Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.