illuz1on Posted April 15, 2007 Share Posted April 15, 2007 <?php require_once("db.php"); $sql = "DELETE FROM news WHERE id='$id'"; mysql_query($sql); echo "Success!!"; ?> Hey, that is my delete.php file. This is the link I use to try make it delete.. <a href=\"delete.php?id=$id\">Delete</a> It says "Success!!" but then doesnt remove anything from the database? Can anyone help me try see why it doesnt? Thanks Quote Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/ Share on other sites More sharing options...
ShogunWarrior Posted April 15, 2007 Share Posted April 15, 2007 When you are getting something from a URL you get it by name like so: $id = $_GET['id']; or if the URL was ?name=value $var = $_GET['name']; Have a look at the PHP manual about the get and post superglobals, very useful for most projects. Quote Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-229910 Share on other sites More sharing options...
Eugene Posted April 15, 2007 Share Posted April 15, 2007 Is $id defined. you should try $_GET['id'], although that will pose some security problems. Quote Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-229911 Share on other sites More sharing options...
illuz1on Posted April 15, 2007 Author Share Posted April 15, 2007 mmm ok i see ... so it should look like this then? <?php require_once("db.php"); $sql = "DELETE FROM news WHERE id='$_GET['id']'"; mysql_query($sql); echo "Success!!"; ?> Quote Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-229912 Share on other sites More sharing options...
ShogunWarrior Posted April 15, 2007 Share Posted April 15, 2007 I would take the $_GEt part out of the SQL for clarity. <?php require_once("db.php"); $id = mysql_escape_string( $_GET['id'] ); $sql = "DELETE FROM news WHERE id='$id'"; mysql_query($sql); echo "Success!!"; ?> Quote Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-229946 Share on other sites More sharing options...
boo_lolly Posted April 16, 2007 Share Posted April 16, 2007 i wouldn't recommend using a $_GET variable as part of your delete query. if you do, anybody can delete anything if they wanted to. Quote Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-230028 Share on other sites More sharing options...
ShogunWarrior Posted April 16, 2007 Share Posted April 16, 2007 As they could with a $_POST,$_REQUEST or AJAX request, it is up to him to implement security. Quote Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-230594 Share on other sites More sharing options...
boo_lolly Posted April 16, 2007 Share Posted April 16, 2007 As they could with a $_POST,$_REQUEST or AJAX request, it is up to him to implement security. that was my point... to sanitize user input. Quote Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-230612 Share on other sites More sharing options...
ShogunWarrior Posted April 16, 2007 Share Posted April 16, 2007 Ah, very good. Go team! Quote Link to comment https://forums.phpfreaks.com/topic/47145-deletephp-and-linking/#findComment-230700 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.