Delete not working

**dlite922** · Jun 24 '09, 08:56 PM

Ya you're delete is wrong.

See Manual: http://dev.mysql.com/doc/refman/5.0/en/delete.html

From what it looks like, you seem to select the image fields of the ads table to hopefully just delete those columns, and not the entire record.

That's now how MySQL works, a record must always have the same number of fields as the table allows although they can contain nothing (empty string, or NULL value)

Remember, Sanitize your inputs if I were to call your delete.php file like so

delete.php?id=1 ';DELETE FROM ads;

what do you think will happen? SQL Injection.

Good luck,

Dan

**Markus** · Jun 24 '09, 08:56 PM

Originally posted by DavidPr

This is a classified ads table which contains all the item's information.

The item's "id" is received on this delete page using

Code:

$id = $_GET["id"];

. It's being sent by

Code:

delete_picture.php?id=$id

A query takes place which grabs the image_name from the database based on the id. Then it unlinks the images in the image/ and image/thumbs folders with this image_name. So the id variable is working, at least to this point.

Then it is suppose to perform this delete query:

Code:

$sql = "DELETE image_name,b_width,b_height,t_width,t_height
FROM ads WHERE id='".$id."'"; 
$result = mysql_query($sql);

But this part is not working. Is there any obvious reason why?

Add 'or die(mysql_error ());' to your mysql query to see if you a generating any errors.

Code:

$result = mysql_query(...) or die(mysql_error());

**DavidPr** · Jun 24 '09, 09:22 PM

How would I sanitize that?

**prabirchoudhury** · Jun 24 '09, 09:43 PM

original
$sql = "DELETE image_name,b_wi dth,b_height,t_ width,t_height
FROM ads WHERE id='".$id."'";
$result = mysql_query($sq l);

your delete query is wrong

may be

Code:

$sql = "DELETE FROM ads WHERE id='".$id."' ";
$result = mysql_query($sql);

**DavidPr** · Jun 25 '09, 12:13 AM

I found that UPDATE worked better than DELETE in this instance.

Code:

$name = $_POST['name'];
$address1 = $_POST['address1'];
$address2 = $_POST['address2'];
$phone = $_POST['phone'];
$cell = $_POST['cell'];

// variables may have a value or they may be empty

query="UPDATE address_book SET
name='$name',
address1='$address1',
address2='$address2',
phone='$phone',
cell='$cell'
WHERE id='$id'";

**prabirchoudhury** · Jun 25 '09, 12:28 AM

cool ..that you wanted ..

get some tutorial online

Delete not working

Delete not working

Comment

Comment

Comment

Comment

Comment

Comment