Jump to content

SQL Manipulation


Go to solution Solved by Barand,

Recommended Posts

$delete = mysqli_query($connection,"SELECT Quantity FROM Books WHERE (ID='$idB' AND Quantity < 1)");

        if($delete){

            $delete_run = mysqli_query($connection,"DELETE FROM Books WHERE ID='$idB'");

            echo "<script>alert('Book successfully deleted!')</script>";

        }else{

            $remove= mysqli_query($connection, "UPDATE Books SET Quantity = Quantity - $quantityB WHERE (ID='$idB' AND Quantity > 0)");

            if($remove){

                echo "<script>alert('Book successfully removed!')</script>";

            }

        }

    }

 

My goal here is to delete a data from a table only if the quantity reaches zero and I am having trouble on how to implement that idea what I have so far is just deleting the data with whatever ID was input by the user. $idB and $quantityB are the variables that I used to store user input. Need help :(

 

Edited by AnViLe
Link to comment
https://forums.phpfreaks.com/topic/314229-sql-manipulation/
Share on other sites

  • Solution

Your code seems to be assuming that $delete will be "false" if that first select query does not find any results. Wrong. It will be false only if the query fails with an error. Not finding records is not an error.

I would use that first select query to find out how many books there were for that id. Here's a PDO example...

if ($_SERVER['REQUEST_METHOD']=='POST') {
    $res = $conn->prepare("SELECT quantity FROM book
                           WHERE idb = ?
                           ");
    $res->execute( [$_POST['idb'] ] );
    $available = intval($res->fetchColumn());
    
    if ($available >= $_POST['quantity'] ) {
        $res = $conn->prepare("UPDATE book
                                 SET quantity = quantity - ?
                               WHERE idb = ?  
                               ");
        $res->execute( [ $_POST['quantity'], $_POST['idb'] ] );
        echo "Book/s successfully removed<br>";
    }
    else {
        echo "There are only $available books in stock<br>";
    }
    
    // Remove books with zero quantity
    $count = $conn->exec("DELETE FROM book WHERE quantity = 0");
    echo "$count books were removed<br>";
}           

 

  • Like 1
Link to comment
https://forums.phpfreaks.com/topic/314229-sql-manipulation/#findComment-1592078
Share on other sites

I got questions about your solution:
1.)What is prepare() function? Is it the same as mysqli_query() and is execute() also the same with mysqli_query()?
2.)"$available = intval($res->fetchColumn());" Does this code mean you're storing the data from the table to a variable $available and that specific data is the ID?
3.) Does the "?" represent the user's input?

Edited by AnViLe
Link to comment
https://forums.phpfreaks.com/topic/314229-sql-manipulation/#findComment-1592083
Share on other sites

you should not put user-provided data into your sql query strigs. It exposes you to "SQLinjection". Used prepared statements intead

https://www.php.net/manual/en/pdo.prepare.php

https://www.php.net/manual/en/pdostatement.execute.php

The first query "SELECT quantity FROM book ..." gets the quantity then stores that quantity in the variable "$available". If the book id isn't found, fetchColumn() would return "false" hence the intva()l to change that to 0 - if no books or no record I don't want to update).

  • Like 1
Link to comment
https://forums.phpfreaks.com/topic/314229-sql-manipulation/#findComment-1592084
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.