SitePoint Sponsor

User Tag List

Results 1 to 10 of 10
  1. #1
    SitePoint Addict
    Join Date
    Oct 2010
    Posts
    323
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)

    Get variable not sending

    please i am trying to delete from a table and sending the id through a "get variable", but it is not sending the values which means i cant transfer the values to the delete page.please help me have a look
    PHP Code:

    <?


    $connect 
    mysql_connect('localhost','xxxxxx','xxxxxx') or die('error connecting: ' mysql_error());
    mysql_select_db('reachea2_registeringmembers')or die('error selecting db: ' mysql_error());

    $pplresult mysql_query("SELECT * FROM repplac");
    echo 
    "<table border='1'><tr><th> SHOP NAME</th><th> PRODUCT NAME</th><th> PRODUCT SIZE</th><th> PRODUCT COLOUR</th><th> PRODUCT QUANTITY</th><th> PRICE</th><th> </th></tr>";
    while(
    $row mysql_fetch_assoc($pplresult)){
    echo 
    "<tr><td>" .$row['Sname'] ."</td><td>" .$row['Pname'] ."</td><td>" .$row['Psize'] ."</td><td>" .$row['Pcolour'] ."</td><td>" .$row['Pquantity'] ."</td><td>" .$row['Price'] ."</td><td>" ?>
    <a href="deleteproduct.php?del=$row['Pidno']">delete</a></td></tr><?php }
        
    // table closing tag
    echo"</table>"
    ?>
    PHP Code:
    <?php
    $rowdelete 
    $_GET['del'];
    //echo "$rowdelete";

    //open database
    $connect mysql_connect('localhost','xxxxxxx','xxxxxxxx') or die('error connecting: ' mysql_error());
    mysql_select_db('reachea2_registeringmembers')or die('error selecting db: ' mysql_error());//select database


    $queryreg mysql_query("

    DELETE FROM pplac where pidno =   
    {$rowdelete} LIMIT 1

    "
    );
    ?>

  2. #2
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,501
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    Check the link in the HTML code of the page in your browser. What do you see?

  3. #3
    SitePoint Addict
    Join Date
    Oct 2010
    Posts
    323
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    checked it but discovered that a escaped php tag, was before the link, so its been rectified guido, thanks

  4. #4
    SitePoint Addict
    Join Date
    Oct 2010
    Posts
    323
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    guido, for the delete scripts itself, its giving this error
    Unknown column 't555' in 'where clause'
    PHP Code:
    <?php
    $rowdelete 
    $_GET['del'];
    //echo "$rowdelete";

    //open database
    $connect mysql_connect('localhost','xxxxxxx','xxxxx') or die('error connecting: ' mysql_error());
    mysql_select_db('reachea2_registeringmembers')or die('error selecting db: ' mysql_error());//select database


    $delete mysql_query("DELETE FROM repplac where pidno = {$rowdelete}");
    if (
    mysql_affected_rows() == 1){
    echo 
    "yeah";
    }else die(
    mysql_error()); 
    ?>

  5. #5
    SitePoint Wizard bronze trophy Immerse's Avatar
    Join Date
    Mar 2006
    Location
    Netherlands
    Posts
    1,661
    Mentioned
    7 Post(s)
    Tagged
    1 Thread(s)
    You need to enclose variable values in apostrophes when executing queries, otherwise MySQL will think it's a column name:

    PHP Code:
    $delete mysql_query("DELETE FROM repplac where pidno = '{$rowdelete}'"); 

    p.s. you need to read up about escaping variables to send to queries, as I could drop your entire database using this! http://php.net/manual/en/function.my...ape-string.php

  6. #6
    SitePoint Addict
    Join Date
    Oct 2010
    Posts
    323
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    thanks immerse, will read, and correct all posibble pitfall before continuing the work.thanks

  7. #7
    SitePoint Wizard bronze trophy Immerse's Avatar
    Join Date
    Mar 2006
    Location
    Netherlands
    Posts
    1,661
    Mentioned
    7 Post(s)
    Tagged
    1 Thread(s)
    Awesome!
    Let us know if you need something explaining or help with securing your script

  8. #8
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,501
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    Quote Originally Posted by Immerse View Post
    You need to enclose variable values in apostrophes when executing queries
    String values, yes. Numeric values, no. In this case it's a string value, so yes

  9. #9
    SitePoint Wizard bronze trophy Immerse's Avatar
    Join Date
    Mar 2006
    Location
    Netherlands
    Posts
    1,661
    Mentioned
    7 Post(s)
    Tagged
    1 Thread(s)
    @guido2004 ; Yes, good point!

  10. #10
    SitePoint Addict
    Join Date
    Oct 2010
    Posts
    323
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    i am having this error warning
    Warning: Wrong parameter count for mysql_query() in /home/reachea2/public_html/deleteproduct.php on line 8
    i guess its because i have assigned the string to a variable $rowdelete, so ow will i correct that please

    PHP Code:
    <?php require_once("include/dataconnect.php");?>
    <?php 
    require_once("include/functions.php");?>
    <?php
    $rowdelete 
    $_GET['del'];
    //echo "$rowdelete";
    $delete mysql_query("DELETE FROM repplac where pidno = '{$rowdelete}'",
    mysql_real_escape_string($pidno),
     
    mysql_real_escape_string(${$rowdelete}));
    if (
    mysql_affected_rows() == 1){
    //echo "yeah";
    redirect_to('youraccount.php');
    }else die(
    mysql_error()); 
    ?>


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •