Results 1 to 8 of 8
  1. #1
    Join Date
    Apr 2010
    Posts
    3

    Post Unanswered: Deleting Query Problem

    Hi there,

    I'm having problems deleting a row from my database. With the query I have I can delete everything in my table, but what I need is to only delete the row that has the checkbox ticked! My PHP code is below, can someone please have a look at it and let me know how to delete just one row??

    <?php
    $noupdates=0;
    include("dbconnect.php");
    $email=$_GET['pending'];
    $query = "DELETE FROM members WHERE pending=" .$email;
    $result = @ mysql_query($query);
    if (!$result) {
    $message="problem with members table";
    echo "<a href='../approve.php'><h2>Back to Approve page</h2></a>";
    die($message);
    }
    if (mysql_affected_rows()==0){
    echo "Failed update: ".$email."<br />";
    echo "<a href='../approve.php'><h2>Back to Approve page</h2></a>";
    } else {
    header("location:../approve.php");
    }
    ?>

    Cheers

  2. #2
    Join Date
    Nov 2004
    Location
    out on a limb
    Posts
    13,692
    Provided Answers: 59
    text / string / char columns when used in SQL statements shouldbe encapsulated in quotes
    eg
    Code:
    $query = "DELETE FROM members WHERE pending='" .$email."'";
    I'd rather be riding on the Tiger 800 or the Norton

  3. #3
    Join Date
    Nov 2004
    Location
    out on a limb
    Posts
    13,692
    Provided Answers: 59
    *** Moved to PHP forums, as the problem is with the PHP code, rahter than a MySQL issue ***
    I'd rather be riding on the Tiger 800 or the Norton

  4. #4
    Join Date
    Jun 2007
    Location
    London
    Posts
    2,527
    Quote Originally Posted by stacson
    and let me know how to delete just one row??
    and the following should delete just one row:
    Code:
    $query = "DELETE FROM members WHERE pending='$email' limit 1";

  5. #5
    Join Date
    Apr 2010
    Posts
    3

    Smile

    Hey thanks for the help but the above didn't work, but with sleep and a fresh head I got it to work!!

    $email=$_GET['pending'];
    $query = "DELETE FROM members WHERE pending=1 AND ".$email;

  6. #6
    Join Date
    Jun 2007
    Location
    London
    Posts
    2,527
    Quote Originally Posted by stacson View Post
    Hey thanks for the help but the above didn't work, but with sleep and a fresh head I got it to work!!

    $email=$_GET['pending'];
    $query = "DELETE FROM members WHERE pending=1 AND ".$email;
    I guess we foolishly looked at what your code was originally doing and then tried to do what you asked!

    Out of curiosity:
    • Why are you putting the form variable "pending" into a variable called email???
    • What does $email now contain to make the above delete statement valid?
    • Is there anything to stop a user from entering a pending value of "1=1 or 1=1" which would then delete all the data in your table?
    • Does this now limit the delete to just one record as you originally asked?

  7. #7
    Join Date
    Apr 2010
    Posts
    3
    The code was copied over from "approve.php" as it is pretty much the same and the email variable was called $email on that page - I just haven't altered it.

    When a user signs up the pending column is automatically assigned "1", so $email holds the number 1. When I approve a user the pending column changes to "0".

    I'm really new to all of this and I don't quite understand what you mean "1=1 or 1=1"...all I know is because I didn't specify the number 1 it was deleting everything including approved ("0") members. So by changing my query to $query = "DELETE FROM members WHERE pending=1 AND ".$email; stops all users from being deleted. I will change the $email variable to $pending so it reads eaiser. Hope I have answered your questions.

  8. #8
    Join Date
    Jun 2007
    Location
    London
    Posts
    2,527
    Quote Originally Posted by stacson
    Hope I have answered your questions.
    Perfectly - thank you.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •