illuz1on Posted April 15, 2007 Share Posted April 15, 2007 <?php require_once("db.php"); $sql = "DELETE FROM news WHERE id='$id'"; mysql_query($sql); echo "Success!!"; ?> Hey, that is my delete.php file. This is the link I use to try make it delete.. <a href=\"delete.php?id=$id\">Delete</a> It says "Success!!" but then doesnt remove anything from the database? Can anyone help me try see why it doesnt? Thanks Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/ Share on other sites More sharing options...
ShogunWarrior Posted April 15, 2007 Share Posted April 15, 2007 When you are getting something from a URL you get it by name like so: $id = $_GET['id']; or if the URL was ?name=value $var = $_GET['name']; Have a look at the PHP manual about the get and post superglobals, very useful for most projects. Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-229910 Share on other sites More sharing options...
Eugene Posted April 15, 2007 Share Posted April 15, 2007 Is $id defined. you should try $_GET['id'], although that will pose some security problems. Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-229911 Share on other sites More sharing options...
illuz1on Posted April 15, 2007 Author Share Posted April 15, 2007 mmm ok i see ... so it should look like this then? <?php require_once("db.php"); $sql = "DELETE FROM news WHERE id='$_GET['id']'"; mysql_query($sql); echo "Success!!"; ?> Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-229912 Share on other sites More sharing options...
ShogunWarrior Posted April 15, 2007 Share Posted April 15, 2007 I would take the $_GEt part out of the SQL for clarity. <?php require_once("db.php"); $id = mysql_escape_string( $_GET['id'] ); $sql = "DELETE FROM news WHERE id='$id'"; mysql_query($sql); echo "Success!!"; ?> Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-229946 Share on other sites More sharing options...
boo_lolly Posted April 16, 2007 Share Posted April 16, 2007 i wouldn't recommend using a $_GET variable as part of your delete query. if you do, anybody can delete anything if they wanted to. Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-230028 Share on other sites More sharing options...
ShogunWarrior Posted April 16, 2007 Share Posted April 16, 2007 As they could with a $_POST,$_REQUEST or AJAX request, it is up to him to implement security. Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-230594 Share on other sites More sharing options...
boo_lolly Posted April 16, 2007 Share Posted April 16, 2007 As they could with a $_POST,$_REQUEST or AJAX request, it is up to him to implement security. that was my point... to sanitize user input. Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-230612 Share on other sites More sharing options...
ShogunWarrior Posted April 16, 2007 Share Posted April 16, 2007 Ah, very good. Go team! Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-230700 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.