Jump to content

Recommended Posts

Hi guys

I'm trying to a way of deleting multiple user inbox messages with checkboxes, this is what i've got so far.

 

<?php
include 'gradnetconn.php';
require_once ('webpage.class.php');
session_start();
$messageTo = $_SESSION['userID'];

if (!(isset($_SESSION['userID']) && $_SESSION['userID'] != '')) {
echo "Log in to send a message" ;
header ("Location: login.php");
} else {
echo "You aree logged in, please feel free to delete a message ";
}
$sql="SELECT * FROM gn_messages WHERE messageTo = $messageTo AND messageDeleted = '0'
ORDER BY messageDate DESC";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
?>
<table width="400" border="0" cellspacing="1" cellpadding="0">
<tr>
<td><form name="form1" method="post" action="">
<table width="400" border="0" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<td bgcolor="#FFFFFF"> </td>
<td colspan="4" bgcolor="#FFFFFF"><strong>Delete A Message</strong> </td>
</tr>
<tr>
<td align="center" bgcolor="#FFFFFF">#</td>
<td align="center" bgcolor="#FFFFFF"><strong>Message ID</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>From</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Subject</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Date</strong></td>
</tr>
<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td align="center" bgcolor="#FFFFFF"><input name="checkbox[]" type="checkbox" id="checkbox[]" value="<? echo $rows['messageID']; ?>"></td>
<td bgcolor="#FFFFFF"><? echo $rows['messageID']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['messageFrom']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['messageSubject']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['messageDate']; ?></td>
</tr>
<?php
}
?>

<tr>
<td colspan="5" align="center" bgcolor="#FFFFFF"><input name="delete" type="submit" id="delete" value="Delete"></td>
</tr>
<?php
// Check if delete button active
if($delete){
for($i=0;$i<$count;$i++){
$del_id = $checkbox[$i];
$sql = "DELETE FROM gn_messages WHERE messageID='$del_id'";
$result = mysql_query($sql);
}
// if successful redirect to delete_multiple.php
if($result){
echo "<meta http-equiv=\"refresh\" content=\"0;URL=delete_multiple.php\">";
}
}
mysql_close();
?>
</table>
</form>
</td>
</tr>
</table>

 

It says undefined variable delete. Shouldn't this correspond to the ID of the delete button?

Notice: Undefined variable: delete (line 70)

 

Thanks

Your form is using method='post'. The form data will be in the $_POST array - $_POST['delete']

 

Your code has some security problems that you should fix -

 

1) Your login check code needs an exit; statement after the header() redirect to prevent the remainder of the code on your protected page from running while the browser is requesting the target url in that redirect. The only thing your current logic is protecting or preventing is the echo "You aree logged in, please feel free to delete a message "; statement.

 

2) You need to make sure that any messages you are deleting actually belong to the currently logged in user. Your current logic would allow any logged in user to delete any or all the messages, belonging to anyone.

 

You also need to consider that any one message appears in the outbox of the person who sent it and in the inbox of the recipient, and actually deleting it would remove it from both the sender and recipient boxes. Are you sure that is what you want? Shouldn't you have two flags, one for the sender and one for the receiver, that indicates when one of them has deleted the message and you should simply not display it in their corresponding box?

Edited by PFMaBiSmAd

Thanks for the advice. I understand what you've said.

I completely forgot that if a message is deleted, it is completely deleted from the database and wouldn't remain in the senders outbox. I wouldn't know where to start with doing flags etc as i'm a total beginner, any tutorials you could link me to?

 

Thanks

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.