I've been trying to get my delete statement working.
This is how it should work: Whenever I press the delete button 'commentDelete' it should delete the comment, that has the commentID equal to the poster.
But instead, it only deletes the most previous comment, posted by the poster. I'm really confused, and can't figure out why.
Here's my code I tried:
function commentsDelete($conn) {
if(isset($_POST['commentsDelete'])){
$commentID = $_POST['commentID'];
$sql = "DELETE FROM comments WHERE commentID='$commentID'";
$result = mysqli_query($conn, $sql);
header("Location: commentpage.php");
}
}
The commentID is a integer
If the commentID column is numeric, then you should not be comparing against a quoted text string. Use this instead:
$sql = "DELETE FROM comments WHERE commentID=$commentID";
Remove the quotes from commentId if it is of numeric type in your database
Related
Ok, don't know if this is simple in practice as it is in theory but I want to know.
I have a single INSERT query were by in that query, i want to extract the AUTO_INCREMENT value then reuse it in the same query.
For example
//values to be inserted in database table
$a_name = $mysqli->real_escape_string($_POST['a_name']);
$details = $mysqli->real_escape_string($_POST['details']);
$display_type = $mysqli->real_escape_string($_POST['display_type']);
$getId = mysqli_insert_id();
//MySqli Insert Query
$insert_row = $mysqli->query("INSERT INTO articles (a_name,details,display_type,date_posted) VALUES('$a_name','$details','$display_type$getId',CURRENT_TIMESTAMP)");
Apparently, am getting a blank value(I know because the mysqli_insert_id() is before the query, but I've tried all i could but nothing has come out as i want. Can some please help me on how to achive this
From my knoweldge this cant be done. Because no query has been run, MySQL is unable to return the ID of said query.
You could use a classic approach, pull the id of the previous record and add 1 to it, this is not a great solution as if a record is deleted, the auto increment value and the last value +1 may differ.
Run multiple queries and then use the insert_id (MySQLi is different to what you are using, you are best using $db->lastInsertId(); as mentioned in the comments.
Run a query before hand and store it as a variable;
SELECT auto_increment FROM INFORMATION_SCHEMA.TABLES WHERE table_name = 'tablename'
I strongly recommend Option 2, it is simply the cleanest and most reliable method for what you are looking to achieve.
It seems the value required for $display_type is :$display_type + (max(id) + 1).
In order to get the max_id you'll have to do this query before :
$sql = "SELECT id FROM articles ORDER BY id DESC LIMIT 1";
$result = mysqli->query($sql);
$maxid = $result->fetch_array(MYSQLI_NUM);
// $maxid[0] will contains the value desired
// Remove the mysqli_insert_id() call - Swap $getid by ($maxid[0] + 1)
// and u're good to go
N.B. update the name of ur primary key in the query $sql.
EDIT :
Assuming the weakness of the query and the quick resarch i did.
Try to replace $sql by (don't forget to Update DatabaseName & TableName values) :
$sql = SELECT `AUTO_INCREMENT`
FROM INFORMATION_SCHEMA.TABLES
WHERE TABLE_SCHEMA = 'DatabaseName'
AND TABLE_NAME = 'TableName';
That Should do it . More info on the link below :
Stackoverflow : get auto-inc value
I don't think this can be done. You'll have to first insert the row, then update display_type, in two separate queries.
Thanks guys for your opinions, out of final copy, paste, edit and fix; here is the final working code(solution)
`
//values to be inserted in database table
$a_name = $mysqli->real_escape_string($_POST['a_name']);
$details = $mysqli->real_escape_string($_POST['details']);
$display_type = $mysqli->real_escape_string($_POST['display_type']);
//Select AUTO_INCREMENT VALUE
$sql = "SELECT `AUTO_INCREMENT`
FROM INFORMATION_SCHEMA.TABLES
WHERE TABLE_SCHEMA = 'chisel_bk'
AND TABLE_NAME = 'articles'";
$result = $mysqli->query($sql);
$maxid = $result->fetch_array(MYSQLI_NUM);
$getId = $maxid[0];
//MySqli Insert Query
$insert_row = $mysqli->query("INSERT INTO articles (a_name,details,display_type,date_posted) VALUES('$a_name','$details','$display_type$getId',CURRENT_TIMESTAMP)");
This happens to do the magic!!!
`
I have looked all over and at tons of code and examples.. This is such a small bit of code but I just can't seem to get it to work.
I have dbo.accounts which contains the id, username, password, createtime..
I have a simple form, you type in the username, and I need the select query to return the ID based on the username.
$result = mssql_query('SELECT id FROM dbo.account WHERE name = $username');
The dbo.gamemoney table will just insert some hardcoded info such as an amount of coins for the game..
My problem is that if I use a query as ID = 123, it works, but when I try to grab the id of dbo.accounts by using the username, I get nothing back.
I know it has to be something small, But I have tried to figure it out for so many hours now that I'm honestly lost..
Thanks for your time,
Chris
Since, $username is string type, you have to enclose it in quotes.
$result = mssql_query("SELECT id FROM dbo.account WHERE name = '$username'");
As a better practice would suggest use a try-catch scenario so that you get the exact error log. Try -
$result = mssql_query('SELECT id FROM dbo.account WHERE name = "'.$username.'"') or die('MSSQL error: ' . mssql_get_last_message());
Thanks everyone for the help!
I was able to get it working. Now I'll make sure it's the right way. I had forgot to add,
while($row = mssql_fetch_array($result)) {
$id = $row['id'];
$ip = $row['ip'];
}
Thats why the id was blank. I was missing some code.
Chris
I have a script which is supposed to delete a post from a database, however when the query is executed it does not delete anything. This is the query string.
$query = "DELETE post FROM kaoscraft_posts WHERE post_id = $postid"
What is wrong with the statement?
Yes, all variables are set and yes I have tested with an exact post_id
If you need more information, please just comment and tell me, don't be rude about it.
From the MySQL manual:
For the single-table syntax, the DELETE statement deletes rows from tbl_name and returns a count of the number of deleted rows.
So you can't delete the post only, you need to delete whole row.
$query = "DELETE FROM kaoscraft_posts WHERE post_id = $postid"
If you want to clear the post only, you can do it by UPDATE statement.
Delete query structure should be like this:
DELETE FROM table_name WHERE condition ;
You can not delete a column value in your table. you need to delete whole record of a row. If you wanted to delete single row then you need to update this row.
try this:
$query = "DELETE FROM kaoscraft_posts WHERE post_id = $postid";
You have an extra 'word' in your statement... it should be
$query = "DELETE FROM kaoscraft_posts WHERE post_id = $postid"
Please look on the below syntax,you come to know your mistake
DELETE FROM table_name WHERE column_name = some_value;
I am trying to update a column in a row in a MySQL table. The column is the 'votes' column and when someone submits an HTML form there is a hidden input with a value of "1" that gets submit and posted. This is the code I am using to try to update the vote count:
if(isset($_POST['image_id']) && isset($_POST['vote'])){
$image_id = $mysqli->real_escape_string($_POST['image_id']);
$vote = $mysqli->real_escape_string($_POST['vote']);
$sql_users_vote = "SELECT * FROM users WHERE id='$image_id'";
$result_users_vote = $mysqli->query($sql_users_vote);
$row_vote = mysqli_fetch_array($result_users_vote);
$votes_count = $row_vote['votes'];
$new_votes = $votes_count + $vote;
$sql_vote = "UPDATE users WHERE id='$image_id' SET votes=$new_votes";
$result_vote = $mysqli->query($sql_vote);
}
I have echo'ed out the variable up until $sql_vote and $image_id, $vote, $votes_count and $new_votes all echo out the correct values. I'm guessing that there is a problem in the UPDATE syntax. I've checked it over and over but can't seem to find anything. I know that I don't have quotes around $new_votes in the UPDATE because I believe that is correct syntax. I've tried it with quotes and it doesn't work that way either.
Can someone help me identify the problem? Thanks!
Doesn't the SET come before the WHERE?
$sql_vote = "UPDATE users SET votes = $new_votes WHERE id = '$image_id'"
Or does it not matter?
$sql_vote = "UPDATE users SET votes=$new_votes WHERE id='$image_id'";
Why doesnt this delete work to delete the whole record:
$query = 'DELETE FROM tblEvents WHERE index = $_GET["id"]';
$result = mysql_query($query, $db) or die(mysql_error($db));
Where index is variable of type int, auto_incremented in MySQL?
Your question php is related, not mysql.
print $query; and see.
then refer to php strings syntax, http://php.net/types.string for the proper syntax.
Also, a variable that goes to the query, must be properly prepared, escaped, or, in case of integer value, manually cast to this type,
$id=intval($_GET["id"]);
or, to make it single line,
$query = 'DELETE FROM tblEvents WHERE `index` = '.intval($_GET["id"]);
also, index is reserved word that can cause problems too, you can escape it with backticks,
`index`
but it will be much better if you rename it to just id
You should test for delete success with a separate query
$query = 'DELETE FROM tblEvents WHERE index = $_GET["id"]';
mysql_query($query, $db);
if( mysql_affected_rows < 1 ) die();
Col. Shrapnel is right, you can't use variables directly in a string in single quotes. If you use double quotes around your query, it will work.
EDIT: As Col. Shrapnel said in his comment, in this case you'll also have to change the double quotes in the array offset to single quotes.
Hopefully you already know this, but you need to secure that $_GET['id'] so people can't do SQL Injection. Try using the following instead:
$query = sprintf('DELETE FROM tblEvents WHERE index = %d',mysql_real_escape_string($_GET['id']));
This also solves your problem of using a variable in single quotes instead of double quotes.
if you wanted you could also do:
$id = mysql_real_escape_string($_GET['id']);
$query = "DELETE FROM tblEvents WHERE index = {$id}";
This works too.