Having problem with deletejoke ch. 4 - 4th ed. Yank book

PHP
1

Hello - This is my first post - I’m trying to learn php after being a front end hack for years. I’m really stuck on the delete joke part of Ch. 4. The jokes are being listed and their aren’t any errors. my code is below - not sure if the problem is in the controller or the jokes template.

Any help or insight would be greatly appreciated. I’m running this off a live server - not on my computer.
Thanks! :smiley:

<?php  

//Start Reporting -------------------
	ini_set('display_errors', 1);
	error_reporting(E_ALL);
//End Reporting  -------------------


//Start Magic Quotes -------------------	
	if (get_magic_quotes_gpc())
	{
		function stripslashes_deep($value)
		{
			$value = is_array($value) ?
				array_map('stripslashes_deep', $value) :
				stripslashes($value);
			return $value;
		}
		
		$_POST = array_map('stripslashes_deep', $_POST);
		$_GET = array_map('stripslashes_deep', $_GET);
		$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
		$_REQUEST = array_map('stripslashes_deep', $_REQUEST);
	}
//End Magic Quotes -------------------


//Start Add Joke link -------------------
	if (isset($_GET ['addjoke']))
	{
		include 'form.html.php';
		exit();
	}
//End  Add Joke link -------------------



//Start DB CONNECT --------
	$link = mysqli_connect('mysql1.xx.com', 'mwarnoc_jokester', 'xx');
	
	if (!$link)
	{
		$error = 'Unable to connect to the Database server.';
		include 'error.html.php';
		exit();
	}
	
	if (!mysqli_set_charset($link, 'utf8'))
	{
		$output = 'Unable to set database encoding.';
		include 'output.html.php';
		exit();
	}
		
	if (!mysqli_select_db($link, 'mwarnoc_jokes'))
	{
		$error = 'Unable to locate the joke database.';
		include 'error.html.php';
		exit();
	}
//End DB CONNECT --------

	
//Start INSERT into table code -------------------
	if (isset($_POST['joketext']))
	{
		$joketext = mysqli_real_escape_string($link, $_POST['joketext']);
		$sql = 'INSERT INTO jokes SET
			joketext="' . $joketext . '",
			jokedate=CURDATE()';

		if (!mysqli_query($link, $sql))
		{
			$error = 'Error submitting joke: ' . mysqli_error($link);
			include 'error.html.php';
			exit();
		}
		
		header('Location: .');
		exit();
	}
//End INSERT into table code -------------------

		
//Start DELETE code -------------------
	if (isset($_GET['deletejoke']))
	{
		$id = mysqli_real_escape_string($link, $_POST['id']);
		$sql = "DELETE FROM jokes WHERE id='id'";
		
		if (!mysqli_query($link, $sql))
		{
			$error = 'Error submitting joke: ' . mysqli_error($link);
			include 'error.html.php';
			exit();
		}
		
		header('Location: .');
		exit();
	}
//End DELETE code -------------------


//Start SELECT loop -------------------
	$result = mysqli_query($link, 'SELECT id, joketext FROM jokes');
	if (!$result)
	{
		$error = 'Error fetching jokes: ' . mysqli_error($link);
		include 'error.html.php';
		exit();
	}
	
	while ($row = mysqli_fetch_array($result))
	{
 		$jokes[] = array('id' => $row['id'], 'text' => $row['joketext']);
	}
	
	include 'jokes.html.php';
//End SELECT loop -------------------
?>

Here is the Jokes template:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
      "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
	<head>
		<title>Delete Jokes</title>
		<meta http-equiv="description" content="" />
		<meta name="keywords" content="" />
		<meta http-equiv="content-type" content="text/html; charset=utf-8" />
	</head><!-- end header -->
	
	<body><!-- start body -->

		<p>Here are all the jokes in the database: </p>
		
		<?php foreach ($jokes as $joke): ?>
			<form action="?deletejoke" method="post">
				<blockquote>
					<p>
						<?php echo htmlspecialchars($joke['text'], ENT_QUOTES, 'UTF-8'); ?>
						<input type="hidden" name="id" value="<?php echo $joke['id']; ?>" />
						<input type="submit" value="Delete" />
					</p>
				</blockquote>
			</form>
		<?php endforeach; ?>
	
	</body><!-- end body -->

</html>
2

Under the delete code - missed the variable - Thanks April at Learnable for sending me the code for the 4th ed.!

$sql = “DELETE FROM jokes WHERE id=‘id’”;

Needs to be

$sql = “DELETE FROM jokes WHERE id=‘$id’”;

Sorry everyone…

3

Hi RipperBro, welcome to the forums

It seems it’s always the small typos that are the big “gotcha’s”

Glad it’s sorted and thanks for posting the solution.

4

I was surprised that no error was displayed because error_reporting(E_ALL); and ini_set(‘display_errors’, 1); were both set. I copied and pasted the code causing problems and sure enough no errors were displayed !!!


<?php 
error_reporting(E_ALL); 
ini_set('display_errors', 1);

// No Errors Shown!!!
$sql = "DELETE FROM jokes WHERE id='id'";

// Updated script - Thanks April at Learnable
// Warning message: Notice: Undefined variable: id 
$sql = "DELETE FROM jokes WHERE id='$id'";



// Alternative statement declarations
// showing warning messages and errors:

// Method # 1
// Warning message: Notice: Use of undefined constant id - assumed 'id'
  $sql = 'DELETE FROM jokes WHERE id="' .id .'"';

// Method # 2
// Warning message: Notice: Undefined variable: id 
$sql = 'DELETE FROM jokes WHERE id="' .$id .'"';

So it looks as though the safest way to write the statements is always to concatenate constants and variables rather than have them inside a double-quoted string.

5

It’s not an error as far as PHP or MySQL are concerned.

The syntax is valid and MySQL is looking for an id field that has the value of the string “id”.

6

Many thanks for pointing out why the syntax is valid, my curiosity is now satisfied :slight_smile:

If the concatenation method was used then the warning notice of undefined constant would have shown.