So, I am trying to figure out how do this this and it boggling me. THIS WILL NOT BE USED ONLINE LIVE SO SQL INJECTION I DONT' CARE ABOUT. What am I doing wrong/right?
<?php
$db = mysql_connect("localhost", "root", "root");
if (!$db) {
die("Database connect failed: " . mysql_error());
}
$db_select = mysql_select_db("UNii", $db);
if (!$db_select) {
die("Database selection failed: " . mysql_error());
}
$comment = $_GET['comment'];
$id = $_GET['id'];
$sql = "UPDATE Dbsaved SET comment = '{$comment}' WHERE id = $id";
$comment1 = mysql_query($sql);
if (!$comment1) {
die("did not save comment: " . mysql_error());
}
echo $sql;
The main problem is with the statement itself, the connection is fine. I am trying to read $comment, and then update that into a MYSQL table and then have it read back in a different file.
EDIT: Mark up for the form I'm taking $comment from.
<!DOCTYPE html>
<html lang="en">
<LINK href="stylesheet.css" rel="stylesheet" type="text/css">
<script src ="js/validateform.js"></script>
<head>
<meta charset="UTF-8">
<title>UniHelp Home</title>
</head>
<body>
<div id="headeruni">
<h1>Welcome <?php echo $_GET["name"]; ?> to UniHelp!</h1>
</div>
<div id ="infouni">
<h3>Welcome to UniHelp. The social Network getting you connected to other people all over the University for any help you require!</h3>
</div>
<div id ="nameandemail">
<form action="formsend.php" method="post">
First name: <br> <input type="text" name="name"><br>
Email: <br> <input type="text" name="email"><br>
Comment: <br> <input type="text" name="message"><br>
<input type="submit" name="submit">
</form>`enter code here`
</div>
<div id="grabphpdiv">
<?php
$db = mysql_connect("localhost", "root", "root");
if (!$db) {
die("Database connect failed: " . mysql_error());
}
$db_select = mysql_select_db("UNii", $db);
if (!$db_select) {
die("Database selection failed: " . mysql_error());
}
$result = mysql_query("SELECT * FROM Dbsaved", $db);
if (!$result) {
die ("Database query failed: " . mysql_error());
}
$comment = $_POST['$comment'];
while ($row = mysql_fetch_array($result)) {
echo "<div id='posts'>";;
echo "<h2>";
echo $row[1] . "";
echo "</h2>";
echo "<p>";
//echo $timestamp = date('d-m-y G:i:s ');
echo "<br>";
echo "<br>";
echo $row[2] . "";
echo "</p>";
echo "<p>";
echo $row[3] . "";
echo "</p>";
echo 'Delete';
echo "<br>";
echo "<br>";
echo 'Comment: <br>
<input type=text name=comment><br>
<a href=addcomment.php?id=' . $row[0]. '&comment='. $row['$comment'].'>Comment</a>';
echo "<p>";
echo $row['comment'] . "";
echo "</p>";
echo "</div>";
echo "<br>";
}
?>
</div>
</body>
<div id="footer">Copyright © James Taylor 2016</div>
</html>
I just ran this code:
$comment = "Hello World!";
$id = 1;
$sql = "UPDATE Dbsaved SET comment = '{$comment}' WHERE id = {$id}";
echo $sql;
and saw:
UPDATE Dbsaved SET comment = 'Hello World!' WHERE id = 1
which is a correct SQL statement, so if it is not working, you might want to play with SQL directly to get something working. Hope that helps!
SOLUTION:
$comment = $_GET['$comment'];
$id = $_GET['$id'];
while ($row = mysql_fetch_array($result)) {
echo "<div id='posts'>";;
echo "<h2>";
echo $row[1] . "";
echo "</h2>";
echo "<p>";
//echo $timestamp = date('d-m-y G:i:s ');
echo "<br>";
echo "<br>";
echo $row[2] . "";
echo "</p>";
echo "<p>";
echo $row[3] . "";
echo "</p>";
echo 'Delete';
echo "<br>";
echo "<br>";
echo $row[4] . "";
echo "<br>";
echo 'Comment: <br>
<form action="addcomment.php?id=' . $row[0]. '" method="post">
<input type=text name=comment><br>
<input type=submit name="submit">
</form>';
echo "<p>";
echo $row['comment'] . "";
echo "</p>";
echo "</div>";
echo "<br>";
}
?>
and:
<?php
$db = mysql_connect("localhost", "root", "root");
if (!$db) {
die("Database connect failed: " . mysql_error());
}
$db_select = mysql_select_db("UNii", $db);
if (!$db_select) {
die("Database selection failed: " . mysql_error());
}
$comment = $_POST['comment'];
$id = $_GET['id'];
$sql = "UPDATE Dbsaved SET comment = '$comment' WHERE id = $id ";
$comment1 = mysql_query($sql);
echo $sql;
if (!$comment1) {
die("did not save comment: " . mysql_error());
}
else {
header("location: UniHelpindex.php");
}
It was to do with mainly needing to get the id which was used in $row[0]' in the form created in the while loop. And actually using the correct syntax for the update Dbsaved... bit.
Related
I had inserted the data from html and it is stored in mysql database, and the data is retrieved from database to html,now I had done how to delete the data that are displayed in html,my task is how to update the displayed.And my deleted code is:
Below is my HTML code:
<html>
<head>
<title>STUDENT_DATA</title>
</head>
<body>
<form action="tab.php" method="post" >
<center>
sname: <input type="text" name="sname" required><br></br>
sno:<input type="text" name="sno"><br></br>
marks:<input type="text" name="marks"><br></br>
class:<input type="text" name="class"><br></br>
phno:<input type="text" name="phno" onkeypress='return event.charCode >
= 48 && event.charCode <= 57'><br></br>
DOB:<input type="date" placeholder="DD-MM-YYYY"
required pattern="(0[1-9]|1[0-9]|2[0-9]|3[01]).(0[1-9]|1[012]).[0-9]{4}"
name="DOB"/><br></br>
<button>submit</button></br>
</center>
</form>
</body>
</html>
Below is my PHP code for displaying the data:
<!DOCTYPE html>
<html>
<head>
</head>
<body>
<?php
$connection = mysql_connect('localhost', 'root','');
if (!$connection)
{
die("Database Connection Failed" . mysql_error());
}
$select_db = mysql_select_db( "student",$connection);
if (!$select_db)
{
die("Database Selection Failed" . mysql_error());
}
$sql = "SELECT * FROM hello1 ";
$result = mysql_query($sql) or die(mysql_error());
?>
<table border="2" style= " margin: 0 auto;" id="myTable">
<thead>
<tr>
<th>sname</th>
<th>sno</th>
<th>marks</th>
<th>class</th>
<th>phno</th>
<th>DOB</th>
</tr>
</thead>
<tbody>
<?php
while($row = mysql_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['sname'] . "</td>";
echo "<td>" . $row['sno'] . "</td>";
echo "<td>" . $row['marks'] . "</td>";
echo "<td>" . $row['class'] . "</td>";
echo "<td>" . $row['phno'] . "</td>";
echo "<td>" . $row['DOB'] . "</td>";
echo "<td><a href='delete.php?did=".$row['sname']."'>Delete</a></td>";
echo "</tr>";
}
?>
</tbody>
</table>
</body>
</html>
Below is my PHP code for deleting:
<?php
$connection = mysql_connect('localhost', 'root','');
if (!$connection)
{
die("Database Connection Failed" . mysql_error());
}
$select_db = mysql_select_db( "student",$connection);
if (!$select_db)
{
die("Database Selection Failed" . mysql_error());
}
?>
<?php
if(isset($_GET['did'])) {
$delete_id = $_GET['did'];
$sql = mysql_query("DELETE FROM hello1 WHERE sname = '".$delete_id."'");
if($sql) {
echo "<br/><br/><span>deleted successfully...!!</span>";
}
else
{
echo "ERROR";
}
}
?>
Below is what I have tried in update.php
<?php
$connection = mysql_connect('localhost', 'root','');
if (!$connection) { die("Database Connection Failed" . mysql_error());
}
$select_db = mysql_select_db( "emp",$connection);
if (!$select_db) { die("Database Selection Failed" . mysql_error()); } ?>
<?php if(isset($_GET['did']))
{
$update_id = $_GET['did']; $sql = mysql_query("UPDATE FROM venu WHERE id = '".$update_id."'");
if($sql) {
echo "<br/><br/><span>updated successfully...!!</span>";
} else {
echo "ERROR";
}
} ?>
I'm in the process of making a web page that's meant to display data that's within a database. The database is stored in MySQL and I'm making the web page in PHP. The PHP code that I have is
<?php
$query = "select * from project where ".$searchtype." like '%".$searchterm."%'";
$result = mysqli_query($db,$query);
$num_results = mysqli_num_rows($results);
echo "<p>Number of projects found: ".$num_results."</p>";
for ($i=0; $i <$num_results; $i++) {
$row = mysqli_fetch_assoc($result);
echo "<p><strong>".($i+1).". Title: ";
echo htmlspecialchars(stripslashes($row['title']));
echo "</strong><br />Author: ";
echo stripslashes($row['author']);
echo "<br />ISBN: ";
echo stripslashes($row['isbn']);
echo "<br />Price: ";
echo stripslashes($row['price']);
echo "</p>";
}
$mysqli_free_result($result);
$mysqli_close($db);
?>
This PHP script is meant to load different projects that's within the database and in a welcome.php script that calls this script connects to the database and it does connect to it correctly. The problem that I'm having is when I run this script, is that I get the following:
Number of projects found:
As shown, it doesn't display any data from the database.
EDIT
My welcome.php script is
<?php
$hostname='mysql.uniwebsite.ac.uk';
$database='uniusername';
$username='database';
$password='password';
$db= mysql_connect($hostname, $username, $password);
if (!$link) {
die('Connection failed: ' . mysql_error());
}
else{
echo "Connection to MySQL server " .$hostname . " successful!
" . PHP_EOL;
}
$db_selected = mysql_select_db($database, $link);
if (!$db_selected) {
die ('Can\'t select database: ' . mysql_error());
}
else {
echo 'Database ' . $database . ' successfully selected!';
}
?>
EDIT #2
My projects.php code is
<?php
$searchtype=$_POST['searchtype'];
$searchterm=trim($_POST['searchterm']);
if (!$searchtype || !$searchterm) {
echo 'No search details. Go back and try again.';
exit;
}
$query = "select * from project where ".$searchtype." like '%".$searchterm."%'";
var_dump($query);
$result = mysqli_query($link,$query);
$num_results = mysqli_num_rows($result);
echo "<p>Number of projects found: ".$num_results."</p>";
for ($i=0; $i <$num_results; $i++) {
$row = mysqli_fetch_assoc($result);
echo "<p><strong>".($i+1).". Project Number: ";
echo htmlspecialchars(stripslashes($row['projectNo']));
echo "</strong><br />Project Name: ";
echo stripslashes($row['pjname']);
echo "<br />Project City: ";
echo stripslashes($row['city']);
echo "</p>";
}
mysqli_free_result($result);
mysqli_close($link);
?>
And when I run it, I get No search details. Go back and try again.
EDIT #3
In my projects.php I have now got
<form action="list_projects.php" method="post">
<p>Choose Search Type: <br /></p>
<select name="searchtype">
<option value="partNo">Part Number</option>
<option value="pname">Part Name</option>
<option value="color">Part Colour</option>
<option value="weight">Part Weight</option>
<option value="city">City</option>
</select>
<br />
<p>Enter Search Term: </p>
<br />
<input name="searchterm" type="text" size="20"/>
<br />
<input type="submit" name="submit" value="Search"/>
</form>
<?php
$searchtype=$_POST['searchtype'];
$searchterm=trim($_POST['searchterm']);
if (!$searchtype || !$searchterm) {
echo 'No search details. Go back and try again.';
exit;
}
$query = "select * from project where ".$searchtype." like '%".$searchterm."%'";
var_dump($query);
$result = mysqli_query($link,$query);
$num_results = mysqli_num_rows($result);
echo "<p>Number of projects found: ".$num_results."</p>";
for ($i=0; $i <$num_results; $i++) {
$row = mysqli_fetch_assoc($result);
echo "<p><strong>".($i+1).". Part Number: ";
echo htmlspecialchars(stripslashes($row['partNo']));
echo "</strong><br />Part Name: ";
echo stripslashes($row['pname']);
echo "<br />Part Colour: ";
echo stripslashes($row['color']);
echo "<br />Part Weight: ";
echo stripslashes($row['weight']);
echo "<br />City";
echo stripcslashes($row['city']);
echo "</p>";
}
mysqli_free_result($result);
mysqli_close($link);
?>
but when I run it, I get string(49) "select * from project where projectNo like '%J1%'"
Number of projects found:
EDIT
Here are the both files corrected. There were few more typos with function names like $mysqli_free_result($result) and $mysqli_close($db).
File welcome.php:
<?php
$hostname='mysql.uniwebsite.ac.uk';
$database='uniusername';
$username='database';
$password='password';
$link = mysql_connect($hostname, $username, $password);
if (!$link) {
die('Connection failed: ' . mysql_error());
}
else{
echo "Connection to MySQL server " .$hostname . " successful!
" . PHP_EOL;
}
$db_selected = mysql_select_db($database, $link);
if (!$db_selected) {
die ('Can\'t select database: ' . mysql_error());
}
else {
echo 'Database ' . $database . ' successfully selected!';
}
?>
<?php
$query = "select * from project where ".$searchtype." like '%".$searchterm."%'";
// var_dump($query); -- uncomment to make sure the final query makes sense after filling those variables
$result = mysqli_query($link,$query);
$num_results = mysqli_num_rows($result);
echo "<p>Number of projects found: ".$num_results."</p>";
for ($i=0; $i <$num_results; $i++) {
$row = mysqli_fetch_assoc($result);
echo "<p><strong>".($i+1).". Title: ";
echo htmlspecialchars(stripslashes($row['title']));
echo "</strong><br />Author: ";
echo stripslashes($row['author']);
echo "<br />ISBN: ";
echo stripslashes($row['isbn']);
echo "<br />Price: ";
echo stripslashes($row['price']);
echo "</p>";
}
mysqli_free_result($result);
mysqli_close($link);
?>
UPDATE
Remove mysql_close($link);
And then, instead of using $db in the rest of your code, use $link.
$result = mysqli_query($link, $query);
Hello Everyone Good Afternoon
Can I ask a question? but before that here is my code.
<html>
<center>
<font size="2" face = "century gothic">
<?php
$con=mysqli_connect("localhost","root","","election2016");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$result = mysqli_query($con,"SELECT * FROM candidate_info");
echo "<table border='1'>
<tr>
<th>Candidate Name</th>
<th>Position</th>
<th>Vote</th>
<th>Number of Votes</th>
</tr>";
while ($row = mysqli_fetch_array($result)) {
echo "<tr>";
echo "<td>" . $row['CandidateName'] . "</td>";
echo "<td>" . $row['Position'] . "</td>";
echo "<td><input type='radio' name='candidateid'/>";
echo "<td>" . $row['NumberofVotes'] . "</td>";
}
echo "</table>";
mysqli_close($con);
?>
<br>
<br>
<form method = "post" action = "<?php $_PHP_SELF ?>">
<input name = "update" type = "submit" id = "update" value = "Update">
</form>
</center>
</font>
</html>
<?php
if(isset($_POST['update'])) {
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn ) {
die('Could not connect: ' . mysql_error());
}
$candidateid = $row['candidateid'];
$sql = "UPDATE candidate_info SET numberofvotes = '1' WHERE candidateid = $candidateid" ;
mysql_select_db('election2016');
$retval = mysql_query( $sql, $conn );
if(! $retval ) {
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
?>
The Output of my Code Here is it will show list of Candidates,Position,Radio Button Number of Votes with a button save.
My error here is that when i select a radio button and click the button update i want to put 1 in numberofvotes field but its not updating. Whats wrong with my code?
Any help would be appreciated.
TY so much
<html>
<center>
<font size="2" face = "century gothic">
<?php
$con=mysqli_connect("localhost","root","","election2016");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$result = mysqli_query($con,"SELECT * FROM candidate_info");
echo "<table border='1'>
<tr>
<th>Candidate Name</th>
<th>Position</th>
<th>Vote</th>
<th>Number of Votes</th>
</tr>";
while ($row = mysqli_fetch_array($result)) {
echo "<tr>";
echo "<td>" . $row['CandidateName'] . "</td>";
echo "<td>" . $row['Position'] . "</td>";
echo "<td><input type='radio' name='candidateid' value='".$row['candidateid']."' >";
echo "<td>" . $row['NumberofVotes'] . "</td>";
$candidateid=$row['candidateid'];
}
echo "</table>";
mysqli_close($con);
?>
<br>
<br>
<form method = "post" action = "<?php $_PHP_SELF ?>">
<input type="hidden" name="candidateid" value="<?php echo $candidateid;?>">
<input name = "update" type = "submit" id = "update" value = "update">
</form>
</center>
</font>
</html>
<?php
if(isset($_POST['update'])) {
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$candidateid = $_POST['candidateid'];
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn ) {
die('Could not connect: ' . mysql_error());
}
$candidateid = $_POST['candidateid'];
$sql = "UPDATE candidate_info SET numberofvotes = 1 WHERE candidateid = '$candidateid'" ;
mysql_select_db('election2016');
$retval = mysql_query( $sql, $conn );
if(! $retval ) {
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
?>
I have a database table with fields Name, EmailAddress, Qualification I want to perform the search using name, emailaddress, qualification and need to display the user details in my web page can anybody tell how can I do it?
<?php
$servername = "localhost";
$username = "root";
$password = "root";
$dbname = "myDB";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
//$name=$_POST['name'];
//$email=$_POST['email'];
//$qualification=$_POST['qualify'];
$sql = "SELECT * FROM form WHERE Name ='kumar' OR EmailAddress = 'kumar#gmail.com' OR Qualification = 'BE' ";
$result=$conn->query($sql);
while($row = $result->fetch_assoc())
{
echo 'Name: '.$row['Name'];
echo '<br /> EmailAddress: ' .$row['EmailAddress'];
echo '<br /> Qualification: '.$row['Qualification'];
echo '<br /> DOB: '.$row['DOB'];
}
mysql_close($con);
$con = mysql_connect ("localhost", "root", "");
mysql_select_db ("myDB", $con);
if (!$con) { die ("Could not connect: " . mysql_error()); }
$sql = mysql_query("SELECT * FROM search WHERE name LIKE '%arun%' OR EmailAddress LIKE '%arun%' OR Qualification LIKE '%arun%' ");
$con->query($sql);
if(count($sql)>0 || $sql !=NULL){
while ($row = mysql_fetch_array($sql, MYSQL_ASSOC))
{
echo 'Name: '.$row['name'];
echo '<br /> Email: ' .$row['email'];
echo '<br /> Address: '.$row['address'];
}
}
else{
echo 'your error here';
}
mysql_close($con);
Use PDO, donĀ“t use mysql or even mysqli. Its not even supported anymore in the latest PHP versions.
$host = 'localhost';
$dbname = 'mydb';
$username = 'root';
$password = 'password';
try {
// create the connection
$conn = new PDO('mysql:host=' . $host . ';dbname=' . $dbname . ';charset=utf8', 'root', 'password');
// set the errmode to exception, set this to ERRMODE_SILENT if you want to hide database errors
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
echo $e->getMessage(); // catch any connection errors
$conn = false;
}
$select_data = $conn->prepare("SELECT * FROM search WHERE name LIKE :name OR EmailAddress LIKE :email OR Qualification LIKE :qualification ");
$select_data->bindValue(':name', $name); // bind the values to the paramaters
$select_data->bindValue(':email', $email);
$select_data->bindValue(':qualification', $qualification);
$select_data->execute();
if($select_data->rowcount() > 0){ // rowcount returns the amount of results
// atleast 1 result
$results = $select_data->fetchAll(PDO::FETCH_ASSOC); // fetch the results into an array
foreach($results as $row){
echo 'Name: ' . $row['name'];
echo '<br /> Email: ' . $row['email'];
echo '<br /> Address: ' . $row['address'];
}
}
There are other ways to do this with PDO but this is how I tend to do it.
Please try the below code:
<form id="form" action="" method="POST" >
<fieldset>
<label>First Name </label>
<input type="text" placeholder="Name" value="<?php if (isset($_REQUEST['name'])) echo $_REQUEST['name']; ?>" class="form-control required" id="name" name="name">
<label>EmailAddress</label>
<input type="text" placeholder="EmailAddress" value="<?php if (isset($_REQUEST['EmailAddress'])) echo $_REQUEST['EmailAddress']; ?>" class="form-control required" id="EmailAddress" name="EmailAddress">
<label>Qualification </label>
<input type="text" class="form-control" placeholder="Qualification" value="<?php if (isset($_REQUEST['qualification'])) echo $_REQUEST['qualification']; ?>" id="Qualification" name="Qualification">
<br><input value="Search" name="Search" style="width:100%" type="submit" class="btn btn-success">
</fieldset>
</form>
<?php
if (isset($_POST['Search'])) {
$con = mysql_connect("localhost", "root", "");
mysql_select_db("myDB", $con);
if (!$con) {
die("Could not connect: " . mysql_error());
}
$where = '';
if ($_POST['name']) {
$where .="name like '%" . $_POST['name'] . "%'";
}
if ($_POST['EmailAddress']) {
if (!empty($where))
$where.=" or ";
$where .="email like '%" . $_POST['EmailAddress'] . "%'";
}
if ($_POST['Qualification']) {
if (!empty($where))
$where.=" or ";
$where .="qualification like '%" . $_POST['Qualification'] . "%'";
}
$sql = "select id, name, email, qualification from student where " . $where;
echo $sql;
$res = mysql_query($sql) or die("Error in query " . mysql_error());
while ($row = mysql_fetch_array($res, MYSQL_ASSOC)) {
echo "<br><br>";
echo 'No. : ' . $row['id'];
echo '<br /> Name: ' . $row['name'];
echo '<br /> Email: ' . $row['email'];
echo '<br /> Qualification: ' . $row['qualification'];
}
mysql_close($con);
}
?>
I hope this will work for you as you want.
I am just unable to understand why the rows are not getting deleted!
please note that i am getting the login values of corrected check boxes in the php page.
from my point of view, most probably error should be in php page where i am using
'DELETE FROM' query.
<?php
session_start();
?>
<html>
<head>
<form id="delete_customers" action="deletecustomers.php" method="post">
<?php
$con = mysql_connect("localhost","root","");
if (!$con) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db("car_rental_system", $con);
$result = mysql_query("SELECT * FROM customer");
echo "<table border='1' align='center'>
<tr>
<th>first_name</th>
<th>Last_name</th>
<th>login</th>
</tr>";
while($row = mysql_fetch_array($result)) {
echo "<tr>";
echo "<td>" . $row['first_name'] . "</td>";
echo "<td>" . $row['login'] . "</td>";
echo "<td>"."<input type='checkbox' name='deletingcustomers[]'
value=$row['login']}"."</td>";
echo "</tr>";
}
echo "</table>";
mysql_close($con);
?>
<p class='submit'>
<button type='submit' name='dscustomer'>Delete selected</button>
</p>
</head>
</html>
//NOW deletecustomers.php
<?php
session_start();
$_SESSION['deletingcustomers'] = $_POST['deletingcustomers'];
$N = count($_SESSION['deletingcustomers']);
$con = mysql_connect("localhost","root","");
if (!$con) die('Could not connect: ' . mysql_error());
mysql_select_db("car_rental_system", $con);
if(empty($_SESSION['deletingcustomers'])) {
echo("No customers selected");
} else {
for ($i=0; $i<$N; $i++) {
$sql1="delete from `customer`
where login='{$_SESSION[deletingcustomers][$i]}'";
if(mysql_query($sql1,$con))
echo 'executed';
}
}
?>
NO! No! Why do people keep using mysql_query().....(head desk)
Please look up PDO. http://php.net/manual/en/book.pdo.php it helps prevent sql injections and gives you a better understanding of how to harness oop's power.
Your $_SESSION[deletingcustomers][$i] needs to be $_SESSION['deletingcustomers'][$i]
Example on its way
$tempVar = $_SESSION['deletingcustomers'][$i];
$dbConnection = new PDO("mysql:host=".$hostName.";dbname=".$dbName, $username, $password);
$sql = "delete from `customer` where login='$tempVar'";
$stmt = $newObj->prepare($sql);
$stmt->execute();
Replace
echo "<td>"."<input type='checkbox' name='deletingcustomers[]' value=$row['login']}"."</td>";
To
echo "<td><input type='checkbox' name='deletingcustomers[]' value='".$row['login']."'</td>";
and try