SitePoint Sponsor

User Tag List

Results 1 to 20 of 20
  1. #1
    SitePoint Addict
    Join Date
    Sep 2008
    Posts
    235
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    delete and update

    now i have a database and a from.
    i can now insert data from a form into mydatabase but till now i'm trying to update data and i can not
    after that i treid to delete data and i can not reach it also
    can anyone help me

  2. #2
    SitePoint Enthusiast DidUSayScript's Avatar
    Join Date
    Feb 2006
    Location
    UK
    Posts
    32
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    do you have update / delete permissions on db ?
    ______________________
    Enjoying life is not about what you get from it ....
    ...... but how you perceive what you get

    www.jerilimited.co.uk

  3. #3
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,500
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    Do you have any code?
    What does "I can not" mean? You get an error? If so, what error?

  4. #4
    SitePoint Addict
    Join Date
    Sep 2008
    Posts
    235
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    i have the permission to do everything in db
    i can not means that i'm trying to make it but i cant write the right syntax.

    my form is the following:



    </p>
    <p>&nbsp;</p>
    <p>&nbsp;</p>
    <form method="post" action="create_subject.php" id="1" name="gateway" >
    <table width="500" border="0" cellspacing="0" cellpadding="0">
    <tr>
    <td width="190">Hotel Name</td>
    <td>::/td>
    <td width="200"><label for="hotel_name"></label>
    <input type="text" name="hotel_name" id="hotel_name"></td>
    <td>
    <input type="checkbox" name="hotel" id="hotel">
    <label for="hotel"></label></td>
    </tr>
    <tr>
    <td>Tel</td>
    <td>::/td>
    <td><input type="text" name="tel" id="tel"></td>
    <td><input type="checkbox" name="te" id="te"></td>
    </tr>
    <tr>
    <td>Tel2</td>
    <td>::/td>
    <td><input type="text" name="tel2" id="tel2"></td>
    <td><input type="checkbox" name="te2" id="te2"></td>
    </tr>
    <tr>
    <td>Fax</td>
    <td>::/td>
    <td><input type="text" name="fax" id="fax"></td>
    <td><input type="checkbox" name="fa" id="fa"></td>
    </tr>
    <tr>
    <td>Contact Person</td>
    <td>::/td>
    <td><input type="text" name="contact_person" id="contact_person"></td>
    <td><input type="checkbox" name="cp" id="cp"></td>
    </tr>
    <tr>
    <td>E-mail</td>
    <td>::/td>
    <td><input type="text" name="emal" id="emal"></td>
    <td><input type="checkbox" name="eml" id="eml"></td>
    </tr>
    <tr>
    <td>Notes</td>
    <td>::/td>
    <td><input type="text" name="notes" id="notes"></td>
    <td><input type="checkbox" name="nts" id="nts"></td>
    </tr>
    <tr>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
    <td><label for="submit"></label>
    <input type="submit" name="submit" id="submit" value="Submit"> <label for="update"></label></td>
    <td>&nbsp;</td>
    </tr>
    </table>
    </form>



    here i can enter data into database
    but i dont know how to delete or update it

  5. #5
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,500
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    http://dev.mysql.com/doc/refman/5.1/en/update.html
    http://dev.mysql.com/doc/refman/5.1/en/delete.html

    I don't see any code to insert data in the database. But anyway, the syntax for the update and delete statements in MySQL can be found at the links above.

    One thing: Let's assume your table has a unique autoincrement key (let's say: HotelId). When you insert new data, this key value is not important (because it's generated by MySQL (autoincrement)), but when you want to update or delete a row, you'll have to pass this key value and use it in the query. You can use a hidden field in the form to do that.
    If your table has another unique key (hotel name for example), then you'll have to use this value in your query.

  6. #6
    SitePoint Addict
    Join Date
    Sep 2008
    Posts
    235
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    sorry for interruption mr\Guido

    this is my create_subject.php

    <?
    $DBhost = "localhost";
    $DBuser = "root";
    //$DBpass = "123456";
    $DBname = "gateway";

    /// 1. create a database connection
    $connection = mysql_connect($DBhost, $DBuser)
    or die ("database connect error: " . mysql_error());
    //// 2. select a database to use
    $db_connect = mysql_select_db($DBname, $connection)
    or die ("database select error: " . mysql_error());

    ///// 3. Perform database query
    $qryp = "SELECT * FROM hotels";
    print "qryp: " . $qryp . "<br>";
    $result = mysql_query($qryp)
    or die ("table error: " . mysql_error());?>
    <table border="1">
    <tr>

    <td>Hotel </td>
    <td>Tel</td>
    <td>Tel2</td>
    <td>Fax</td>
    <td>Contact Person</td>
    <td>E-mail</td>
    <td>Notes</td>

    </tr>
    <p>
    <?


    $hotel_name=$_POST["hotel_name"];
    $tel=$_POST["tel"];
    $tel2=$_POST["tel2"];
    $fax=$_POST["fax"];
    $contact_person=$_POST["contact_person"];
    $emal=$_POST["emal"];
    $notes=$_POST["notes"];
    ?>

    <?

    $qryp2="INSERT INTO `hotels` (
    `Hotel_Name` ,
    `Tel` ,
    `Tel2` ,
    `Fax` ,
    `Contact_Person` ,
    `E-mail` ,
    `Notes`
    )
    VALUES (
    '$hotel_name', '$tel', '$tel2', '$fax', '$contact_person', '$emal', '$notes'
    )";
    $result2 = mysql_query($qryp2);
    ///// 3. Perform database query
    $qryp = "SELECT * FROM hotels";
    print "qryp: " . $qryp . "<br>";
    $result = mysql_query($qryp)
    or die ("table error: " . mysql_error());

    //// 4. Use returned data
    while ($tr_res = mysql_fetch_array($result)){

    echo "<tr>";

    echo

    "<td>" . $tr_res["Hotel_Name"] . "</td>
    <td>" . $tr_res["Tel"] . "</td>
    <td>" . $tr_res["Tel2"] . "</td>
    <td>" . $tr_res["Fax"] . "</td>
    <td>" . $tr_res["Contact_Person"] . "</td>
    <td>" . $tr_res["E-mail"] . "</td>
    <td>" . $tr_res["Notes"] . "</td>


    ";

    echo "</tr>";
    }

    echo("</table>");







    ?>





    till now i can not delete a specific data

  7. #7
    SitePoint Member
    Join Date
    Nov 2008
    Posts
    18
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi,

    Your create_subject.php file only contains INSERT and SELECT queries, if you want to delete a single record, you must use a DELETE query like so:

    Code PHP:
    $id = ... //get $id from somewhere
    $sql = "DELETE FROM table WHERE id = '$id'";
    mysql_query($sql);

    As guido2004 said, you must pass in a parameter for the deletion, such as through a hidden form field or a URL (probably not a good idea).

    Hope this is of help!

    Alex

  8. #8
    SitePoint Addict
    Join Date
    Sep 2008
    Posts
    235
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    i helps me but i have a problem
    i made a field in my database called ID and it is autoincrement , but i can get this id from the first page to the second page

    i made this line
    <?
    $id = $_POST['id'];

    ?>

    but it did not work, when i press on submit buttom the id is not passed to the second page

    sorry for interruption but i'm a beginner in php mysql and i need ur help

  9. #9
    SitePoint Addict silentcollision's Avatar
    Join Date
    Jun 2006
    Location
    New Zealand
    Posts
    388
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

  10. #10
    SitePoint Addict
    Join Date
    Sep 2008
    Posts
    235
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Now i have this page and in the image part i want to passs the id in the selected row to the page delete.php and after that deleteing this row


    <a href='delete.php?id='$id'><img src='untitled.jpg' width='10' height='11' border='0' /></a>

    i want here to set the id to be like the id in the database to use it in the where condition.

    can anyone help me on how to set the vaiable$id to be like the id in the selected row?




    but till now i can not pass the id to the next page





    <?
    $DBhost = "localhost";
    $DBuser = "root";
    //$DBpass = "123456";
    $DBname = "gateway";

    /// 1. create a database connection
    $connection = mysql_connect($DBhost, $DBuser)
    or die ("database connect error: " . mysql_error());
    //// 2. select a database to use
    $db_connect = mysql_select_db($DBname, $connection)
    or die ("database select error: " . mysql_error());

    ///// 3. Perform database query
    $qryp = "SELECT * FROM hotels";
    print "qryp: " . $qryp . "<br>";
    $result = mysql_query($qryp)
    or die ("table error: " . mysql_error());



    ?>



    <table border="1">
    <tr>
    <td> ID </td>
    <td>Hotel </td>
    <td>Tel</td>
    <td>Tel2</td>
    <td>Fax</td>
    <td>Contact Person</td>
    <td>E-mail</td>
    <td>Notes</td>
    <td></td>
    </tr>
    <p>
    <?


    $hotel_name=$_POST["hotel_name"];
    $tel=$_POST["tel"];
    $tel2=$_POST["tel2"];
    $fax=$_POST["fax"];
    $contact_person=$_POST["contact_person"];
    $emal=$_POST["emal"];
    $notes=$_POST["notes"];


    ?>

    <?

    $qryp2="INSERT INTO `hotels` (
    `Hotel_Name` ,
    `Tel` ,
    `Tel2` ,
    `Fax` ,
    `Contact_Person` ,
    `E-mail` ,
    `Notes`
    )
    VALUES (
    '$hotel_name', '$tel', '$tel2', '$fax', '$contact_person', '$emal', '$notes'
    )";
    $result2 = mysql_query($qryp2);
    ///// 3. Perform database query
    $qryp = "SELECT * FROM hotels";
    print "qryp: " . $qryp . "<br>";
    $result = mysql_query($qryp)
    or die ("table error: " . mysql_error());

    //// 4. Use returned data
    while ($tr_res = mysql_fetch_array($result)){

    echo "<tr>";

    echo

    "<td>" . $tr_res['id'] . "</td>

    <td>" . $tr_res["Hotel_Name"] . "</td>
    <td>" . $tr_res["Tel"] . "</td>
    <td>" . $tr_res["Tel2"] . "</td>
    <td>" . $tr_res["Fax"] . "</td>
    <td>" . $tr_res["Contact_Person"] . "</td>
    <td>" . $tr_res["E-mail"] . "</td>
    <td>" . $tr_res["Notes"] . "</td>

    <td> <a href='delete.php?id='$id'><img src='untitled.jpg' width='10' height='11' border='0' /></a></td>
    ";

    echo "</tr>";
    }

    echo("</table>");






    ?>




    sorry for interruption but i'm a beginner in php mysql and i need ur help
    Last edited by john_zakaria; Dec 2, 2008 at 02:57.

  11. #11
    SitePoint Addict
    Join Date
    Sep 2008
    Posts
    235
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    p\

    Now i have this page and in the image part i want to passs the id in the selected row to the page delete.php and after that deleteing this row


    <a href='delete.php?id='$id'><img src='untitled.jpg' width='10' height='11' border='0' /></a>

    i want here to set the id to be like the id in the database to use it in the where condition.

    can anyone help me on how to set the vaiable$id to be like the id in the selected row?




    but till now i can not pass the id to the next page





    <?
    $DBhost = "localhost";
    $DBuser = "root";
    //$DBpass = "123456";
    $DBname = "gateway";

    /// 1. create a database connection
    $connection = mysql_connect($DBhost, $DBuser)
    or die ("database connect error: " . mysql_error());
    //// 2. select a database to use
    $db_connect = mysql_select_db($DBname, $connection)
    or die ("database select error: " . mysql_error());

    ///// 3. Perform database query
    $qryp = "SELECT * FROM hotels";
    print "qryp: " . $qryp . "<br>";
    $result = mysql_query($qryp)
    or die ("table error: " . mysql_error());



    ?>



    <table border="1">
    <tr>
    <td> ID </td>
    <td>Hotel </td>
    <td>Tel</td>
    <td>Tel2</td>
    <td>Fax</td>
    <td>Contact Person</td>
    <td>E-mail</td>
    <td>Notes</td>
    <td></td>
    </tr>
    <p>
    <?


    $hotel_name=$_POST["hotel_name"];
    $tel=$_POST["tel"];
    $tel2=$_POST["tel2"];
    $fax=$_POST["fax"];
    $contact_person=$_POST["contact_person"];
    $emal=$_POST["emal"];
    $notes=$_POST["notes"];


    ?>

    <?

    $qryp2="INSERT INTO `hotels` (
    `Hotel_Name` ,
    `Tel` ,
    `Tel2` ,
    `Fax` ,
    `Contact_Person` ,
    `E-mail` ,
    `Notes`
    )
    VALUES (
    '$hotel_name', '$tel', '$tel2', '$fax', '$contact_person', '$emal', '$notes'
    )";
    $result2 = mysql_query($qryp2);
    ///// 3. Perform database query
    $qryp = "SELECT * FROM hotels";
    print "qryp: " . $qryp . "<br>";
    $result = mysql_query($qryp)
    or die ("table error: " . mysql_error());

    //// 4. Use returned data
    while ($tr_res = mysql_fetch_array($result)){

    echo "<tr>";

    echo

    "<td>" . $tr_res['id'] . "</td>

    <td>" . $tr_res["Hotel_Name"] . "</td>
    <td>" . $tr_res["Tel"] . "</td>
    <td>" . $tr_res["Tel2"] . "</td>
    <td>" . $tr_res["Fax"] . "</td>
    <td>" . $tr_res["Contact_Person"] . "</td>
    <td>" . $tr_res["E-mail"] . "</td>
    <td>" . $tr_res["Notes"] . "</td>

    <td> <a href='delete.php?id='$id'><img src='untitled.jpg' width='10' height='11' border='0' /></a></td>
    ";

    echo "</tr>";
    }

    echo("</table>");






    ?>

  12. #12
    SitePoint Addict
    Join Date
    Sep 2008
    Posts
    235
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Post php my sql problem (need help)

    Now i have this page and in the image part i want to passs the id in the selected row to the page delete.php and after that deleteing this row


    <a href='delete.php?id='$id'><img src='untitled.jpg' width='10' height='11' border='0' /></a>

    i want here to set the id to be like the id in the database to use it in the where condition.

    can anyone help me on how to set the vaiable$id to be like the id in the selected row?




    but till now i can not pass the id to the next page





    <?
    $DBhost = "localhost";
    $DBuser = "root";
    //$DBpass = "123456";
    $DBname = "gateway";

    /// 1. create a database connection
    $connection = mysql_connect($DBhost, $DBuser)
    or die ("database connect error: " . mysql_error());
    //// 2. select a database to use
    $db_connect = mysql_select_db($DBname, $connection)
    or die ("database select error: " . mysql_error());

    ///// 3. Perform database query
    $qryp = "SELECT * FROM hotels";
    print "qryp: " . $qryp . "<br>";
    $result = mysql_query($qryp)
    or die ("table error: " . mysql_error());



    ?>



    <table border="1">
    <tr>
    <td> ID </td>
    <td>Hotel </td>
    <td>Tel</td>
    <td>Tel2</td>
    <td>Fax</td>
    <td>Contact Person</td>
    <td>E-mail</td>
    <td>Notes</td>
    <td></td>
    </tr>
    <p>
    <?


    $hotel_name=$_POST["hotel_name"];
    $tel=$_POST["tel"];
    $tel2=$_POST["tel2"];
    $fax=$_POST["fax"];
    $contact_person=$_POST["contact_person"];
    $emal=$_POST["emal"];
    $notes=$_POST["notes"];


    ?>

    <?

    $qryp2="INSERT INTO `hotels` (
    `Hotel_Name` ,
    `Tel` ,
    `Tel2` ,
    `Fax` ,
    `Contact_Person` ,
    `E-mail` ,
    `Notes`
    )
    VALUES (
    '$hotel_name', '$tel', '$tel2', '$fax', '$contact_person', '$emal', '$notes'
    )";
    $result2 = mysql_query($qryp2);
    ///// 3. Perform database query
    $qryp = "SELECT * FROM hotels";
    print "qryp: " . $qryp . "<br>";
    $result = mysql_query($qryp)
    or die ("table error: " . mysql_error());

    //// 4. Use returned data
    while ($tr_res = mysql_fetch_array($result)){

    echo "<tr>";

    echo

    "<td>" . $tr_res['id'] . "</td>

    <td>" . $tr_res["Hotel_Name"] . "</td>
    <td>" . $tr_res["Tel"] . "</td>
    <td>" . $tr_res["Tel2"] . "</td>
    <td>" . $tr_res["Fax"] . "</td>
    <td>" . $tr_res["Contact_Person"] . "</td>
    <td>" . $tr_res["E-mail"] . "</td>
    <td>" . $tr_res["Notes"] . "</td>

    <td> <a href='delete.php?id='$id'><img src='untitled.jpg' width='10' height='11' border='0' /></a></td>
    ";

    echo "</tr>";
    }

    echo("</table>");






    ?>

  13. #13
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Change:-
    Code:
    <td> <a href='delete.php?id='$id'><img src='untitled.jpg' width='10' height='11' border='0' /></a></td>
    To:-
    Code:
    <td> <a href='delete.php?id=" . $tr_res['id'] . "><img src='untitled.jpg' width='10' height='11' border='0' /></a></td>
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  14. #14
    SitePoint Addict
    Join Date
    Sep 2008
    Posts
    235
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    thnx alot
    but in the condition

    "DELETE FROM gateway WHERE id=$_GET['id']";


    is this conditon true ???

  15. #15
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    I think its just a misplaced single quote here:

    <a href='delete.php?id='$id'>

    Should be:

    <a href='delete.php?id=$id'>

    If you had looked at the source code of your page you would probably have noticed the html error you made.

    ps using the GET method to delete something makes it awfully easy for someone to delete everything in your table - in principle you should use GET to retrieve data, and a form with a POST method to alter data.

  16. #16
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Yes that would work, but please bear in mind you need to sanitise the variable before using in your script.

    A simple check to see if the value is numeric should do, then just handle appropriately.

    PHP Code:
    <?php
    //--> check that id is set, is not empty and it is numeric.
    if(  isset($_GET['id']) && !empty($_GET['id']) && is_numeric($_GET['id']) )
    {
        
    //--> proceed with query
    }
    else
    {
        
    //--> handle invalid value
    }
    ?>
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  17. #17
    secure webapps for all Aleksejs's Avatar
    Join Date
    Apr 2008
    Location
    Riga, Latvia
    Posts
    755
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    And also imagine what would happen if I placed something like this:
    <img src="http://yoursite.you/delete.php?id=45"> as an image, say, in this forum...and while being logged into your webapp, you opened this page.
    Take look at explanation of what Cross Site Request Forgery is and how to avoid it.
    And as SilverBulletUK already pointed out - take look at what SQL injections are and how to avoid them.

  18. #18
    SitePoint Wizard silver trophybronze trophy Stormrider's Avatar
    Join Date
    Sep 2006
    Location
    Nottingham, UK
    Posts
    3,133
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Off Topic:

    Quote Originally Posted by Cups View Post
    Buy you a beer if you can work out my Customer User Title on the left there.
    Anagram for Sitepoint Wizard :P

  19. #19
    SitePoint Addict
    Join Date
    Sep 2008
    Posts
    235
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    till now i fixed my problem but update not works well

    i have a syntax error in update and i can not modify it
    can u help me?
    $qryp = "UPDATE hotels SET
    Hotel_Name='$hotel_name',
    Tel='$tel',
    Tel2='$tel2',
    Fax= '$fax',
    Contact_Person='$contact_person',
    E-mail='$emal',
    Notes='$notes'
    WHERE id=$id";


    1- i made a form and i post its value in this page
    2- i echoed these values in my page so it works well
    3- but i have a syntax error in mysql statment and i can not modify it
    can u help me?


    my code is:
    <?

    $id = $_POST["id1"];
    echo ("$id");
    $hotel_name=$_POST["hotel_name"];
    echo ("$hotel_name");
    $tel=$_POST["tel"];
    $tel2=$_POST["tel2"];
    $fax=$_POST["fax"];
    $contact_person=$_POST["contact_person"];
    $emal=$_POST["emal"];
    $notes=$_POST["notes"];


    ?>
    <?


    ///// 3. Perform database query
    $qryp = "UPDATE hotels SET
    Hotel_Name='$hotel_name',
    Tel='$tel',
    Tel2='$tel2',
    Fax= '$fax',
    Contact_Person='$contact_person',
    E-mail='$emal',
    Notes='$notes'
    WHERE id=$id";
    print "qryp: " . $qryp . "<br>";
    $result = mysql_query($qryp)
    or die ("table error: " . mysql_error());
    while ($tr_res = mysql_fetch_array($result)){
    //echo $tr_res["id"] ;
    }

    ?>

  20. #20
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by Stormrider View Post
    Off Topic:


    Anagram for Sitepoint Wizard :P
    Off Topic:

    ahh, got me! took a fellow 'wizard' though. Better link up then when I'm around Notts.

    on the lookout for a xmas coding job anyway, might be then.

    Now I am going to have to think of another handle.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •