i have some problem on creating a delete query on my code.
the flow will be, moving data from one table to another, im placing delete codes but its not working
my code
<?php
require_once('php/dbase.php');
$query="INSERT INTO tbl_user (username, password, access_type) VALUES ('".$_POST['user']."','".$_POST['pass']."','staff')";
if($mysqli->query($query)){
$id=$mysqli->insert_id;
$query2="INSERT INTO tbl_accounts (id,fname,mname,lname,gender,designation,s_question,s_answer) VALUES (".$id.",'".$_POST['fname']."','".$_POST['mname']."','".$_POST['lname']."','".$_POST['gender']."','".$_POST['designation']."','".$_POST['s_question']."','".$_POST['s_answer']."')";
if($mysqli->query($query2)){
$error=0;
?>
<script type="text/javascript">
alert("The account has been successfuly verified");
location.href = "account_man.php";
</script>
<?php
}else{
$error=1;
$message="Error";
$data=array('error' =>$error , 'message'=>$message);
echo json_encode($data);
}
}else{
$error=1;
$message="Error";
$data=array('error' =>$error , 'message'=>$message);
echo json_encode($data);
}
?>
The old table is named "tbl_user_reco" and "tbl_accounts_reco".
Note: tbl_user_reco is auto increment
Delete Code
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "tdsw_db";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
// sql to delete a record
$sql = "DELETE FROM tbl_user_reco WHERE id= '.$id.'";
$sql = "DELETE FROM tbl_accounts_reco WHERE id= '.$id.'";
if (mysqli_query($conn, $sql)) {
echo "Record deleted successfully";
} else {
echo "Error deleting record: " . mysqli_error($conn);
}
mysqli_close($conn);
}else{
$error=1;
$message="Error";
$data=array('error' =>$error , 'message'=>$message);
echo json_encode($data);
}
This is my merged Add and Delete Code and when i run it shows the "Record deleted successfully" but it never deletes anything but it adds data to the new table
<?php
require_once('php/dbase.php');
$query="INSERT INTO tbl_user (username, password, access_type) VALUES ('".$_POST['user']."','".$_POST['pass']."','staff')";
if($mysqli->query($query)){
$id=$mysqli->insert_id;
$query2="INSERT INTO tbl_accounts (id,fname,mname,lname,gender,designation,s_question,s_answer) VALUES (".$id.",'".$_POST['fname']."','".$_POST['mname']."','".$_POST['lname']."','".$_POST['gender']."','".$_POST['designation']."','".$_POST['s_question']."','".$_POST['s_answer']."')";
if($mysqli->query($query2)){
$error=0;
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "tdsw_db";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
// sql to delete a record
$sql = "DELETE FROM tbl_user_reco WHERE id= '.$id.'";
$sql = "DELETE FROM tbl_accounts_reco WHERE id= '.$id.'";
if (mysqli_query($conn, $sql)) {
echo "Record deleted successfully";
} else {
echo "Error deleting record: " . mysqli_error($conn);
}
mysqli_close($conn);
}else{
$error=1;
$message="Error";
$data=array('error' =>$error , 'message'=>$message);
echo json_encode($data);
}
}else{
$error=1;
$message="Error";
$data=array('error' =>$error , 'message'=>$message);
echo json_encode($data);
}
?>
If you see this code, you are overwriting $sql, and its executing only second query,
$sql = "DELETE FROM tbl_user_reco WHERE id= '.$id.'";
$sql = "DELETE FROM tbl_accounts_reco WHERE id= '.$id.'";//$sql overwriting.
if (mysqli_query($conn, $sql)) {
Related
I am trying to take the value of the topay column where torecieve equals to current session user id and use it to perform operation on the user table.
But it throws a syntax error
<?php
session_start();
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "bazze2";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$merge = "SELECT topay FROM merge WHERE torecieve=$_SESSION[id]";
$sql = "UPDATE user SET topay2='10000000' WHERE 'id'=$merge";
if ($conn->query($sql) === TRUE) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $conn->error;
}
$conn->close();
?>
Use a prepared query, and use a join.
$sql = "UPDATE user AS u
JOIN merge AS m ON u.id = m.topay
SET u.topay2 = '10000000'
WHERE m.toreceive = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param('i', $_SESSION['id']);
if ($stmt->execute()) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $stmt->error;
}
Hey guys I have created A delete page, It does not work when I just submit the form and the URL is http://localhost/delete-session.php but once I change the URL to http://localhost/delete-session.php?id=1 it works, What am I missing In my code to make it work?
<h1>Delete Page</h1>
<h3>Enter the booking number of the session you would like to delete!</h3>
<form action ="delete-session.php" method="post">
Booking ID:(Refer To Database):<input type="text" name="booking">
This is the php
if(isset($_GET['booking'])){
$id=$_GET['booking'];
if(!is_numeric($id)){
echo "sorry, there appears to have been an error.";
exit;
}
} else {
echo "sorry, there appears to have been an error.";
exit;
}
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "olympics";
$conn = mysqli_connect($servername, $username, $password, $dbname);
$id=$_GET['id'];
if(!is_numeric($id)){
echo "Sorry, there is an error";
exit;
}
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sql="DELETE from olympiics where booking='$id'";
echo $sql;
if (mysqli_query($conn, $sql)) {
echo "Record deleted successfully";
} else {
echo "Error deleting record: " . mysqli_error($conn);
}
mysqli_close($conn);
I'm going to take a crack at this.
I'm guessing it's because when you go to http://localhost/delete-session.php?id=1 you're passing the id=1 via GET, so when you retrieve the GET input from in your code it succeeds with $id=1, but in your HTML your form is send via POST.
As a fix try using $id=$_POST['booking'];
Bench test your code.
It starts getting $id=$_GET['booking']; which does not exist because you have set the method="post" in your <form> tag.
So use $id=$_POST['booking'];
Then later on it does $id=$_GET['id']; overwriting the value you already attempted to get from above.
This would explain why it requires the extra id paramter on http://localhost/delete-session.php?id=1 as using the querystring to send data will send the id parameter in the $_GET['id'] array, and I dont see why you would want to do this anyway as it has been done at the top of your code by getting this id value from $id=$_POST['booking']
It also makes code so much easier to read and more importantly debug if you adopt an indentation standard in your script like below.
Try this out for size, without adding the id=1 to the querystring
if(isset($_POST['booking'])){
$id=$_POST['booking'];
if(!is_numeric($id)){
echo "sorry, there appears to have been an error. Booking must be numeric";
exit;
}
} else {
echo "sorry, there appears to have been an error.";
exit;
}
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "olympics";
$conn = mysqli_connect($servername, $username, $password, $dbname);
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sql="DELETE from olympiics where booking='$id'";
$res = mysqli_query($conn, $sql);
if ($res !== FALSE) {
echo "Record deleted successfully";
} else {
echo "Error deleting record: " . mysqli_error($conn);
}
mysqli_close($conn);
?>
As you are using the mysqli extension, you should also be using parameterized queries to prevent SQL Injection.
if(isset($_POST['booking'])){
$id=$_POST['booking'];
if(!is_numeric($id)){
echo "sorry, there appears to have been an error. Booking must be numeric";
exit;
}
} else {
echo "sorry, there appears to have been an error.";
exit;
}
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "olympics";
$conn = mysqli_connect($servername, $username, $password, $dbname);
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sql="DELETE from olympiics where booking=?";
$stmt = mysqli_prepare($conn, $sql);
if ( $stmt === FALSE ) {
echo mysqli_error($conn);
exit;
}
mysqli_stmt_bind_param($stmt, 'i', $id);
$res = mysqli_stmt_execute($stmt);
if ($res !== FALSE) {
echo "Record deleted successfully";
} else {
echo "Error deleting record: " . mysqli_error($conn);
}
mysqli_close($conn);
?>
Change form method to get, or use $_REQUEST instead of $_GET
include_once 'dbfunction.php';
getDbConnect();
mysqli_query("DELETE FROM crewlist WHERE id = $_GET[crew_id]") or die (mysqli_error());
echo 'Delete success';
header ('Location: crewlisting.php');
This code doesn't work, however when I replace the crew_id with the actual primary key via hard coding the delete function works
Use this (MySQLi Procedural)
In dbfunction.php should be
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn)
{
die("Connection failed: " . mysqli_connect_error());
}
?>
and insert page should be
<?
include ("dbfunction.php"); //include db connection
$id = $_REQUEST['crew_id'];
$sql = "DELETE FROM crewlist WHERE id = '$id' ";
if (mysqli_query($conn, $sql))
{
echo "Record deleted successfully";
}
else
{
echo "Error deleting record: " . mysqli_error($conn);
}
mysqli_close($conn);
?>
Errors are
There is no function define in getDbConnect()
If you are confusing with 'and " then split the functions
$id = $_REQUEST['crew_id'];
$sql = "DELETE FROM crewlist WHERE id = '$id' ";
Use mysqli_query and mysqli_error in correct format
and error in mysqli_query, You are not passing connection to MySQLi
When ever database part is Finished, Close connection mysqli_close($conn);
Correct your query:
mysqli_query("DELETE FROM crewlist WHERE id ='".$_GET['crew_id']."'") or die('Error: ' . mysqli_error());
I have problem with MySQL database, I can't insert the information into the table. My php code seems to work, but when I run it nothing happens.
<?php
$servername = "localhost";
$fname = "fname";
$lname = "lname";
$klas = "klas";
$nomer = "nomer";
$file = "dom";
$dbname = "homeworks";
$conn = new mysqli($servername, $fname, $lname,$klas,$file,$dbname);
$sql = "INSERT INTO student (fname, lname,klas,file)
VALUES ($servername, $fname, $lname,$klas,$file,)";
?>
You have three main problems in your code:
You're still not connected to the database
Only constructing and not executing
Having not matched parameters in the insert values
Solution :
1. Make a connection first
$conn = new mysqli($servername, $username, $password, $dbname);
The Parameter $servername, $username, $password, $dbname is obviously your hostname, Database Username, Password and the Database name
You should not have your table name or column names in the connection parameters
2. Construct the parameters which matches the coloumn name and variables correctly
$sql = "INSERT INTO student (fname, lname,klas,file)
VALUES ($fname, $lname,$klas,$file)";
3. Execute Your Query :
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
Note :
Also it's good practice to close your connection once you are done
$conn->close();
So, you should be having something like this
<?php
$servername = "localhost";
$username = "YourDBUsername";
$password = "YourDBPassword";
$fname = "fname";
$lname = "lname";
$klas = "klas";
$nomer = "nomer";
$file = "dom";
$dbname = "homeworks"; //Hope you will have your db name here
$conn = new mysqli($servername, $username, $password, $dbname);
$sql = "
INSERT INTO student (fname, lname,klas,file) VALUES
('$fname'
,'$lname'
,'$klas'
,'$file');
";
if ($conn->query($sql) === TRUE) {
echo "New record inserted successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
Advice :
Always use prepared statements else clean your inputs before you insert.
Your connection should look something like this. link
<?php
//change the data into your connection data
$conn = mysqli_connect("localhost","my_user","my_password","my_db");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
?>
You made your query but didn't execute it.
if (mysqli_query($conn, $sql)) {
echo 'records created successfully<br>';
} else {
echo $sql . '"<br>"' . mysqli_error($conn);
}
I have this code that allows a user to reset their account from a url link
<?php
$servername = "localhost";
$username = " ";
$password = " ";
$dbname = " ";
$code = $_GET['code'];
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT com_code FROM user WHERE com_code = ".$_GET['code'];
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<form action='reset.php?code=" . $row["com_code"]. "' method='post'>Enter New Password: <input type='text' name='new_password' placeholder='New Password'><br><input type='submit' value='Submit'></form>";
}
} else {
echo "0 results";
}
$conn->close();
?>
<?php
$servername = "localhost";
$username = " ";
$password = " ";
$dbname = " ";
$pword = $_POST['new_password'];
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if (isset($_POST['Submit'])) {
$sql1 = "UPDATE user SET password='$pword', com_code=NULL WHERE com_code = '$code'";
}
if ($conn->query($sql1) === TRUE) {
echo "Password has been change successfully!";
} else {
echo "Error updating record: " . $conn->error;
}
?>
I keep getting the error:
Warning: mysqli::query(): Empty query in
/home/u590953899/public_html/notify/reset.php on line 47 Error
updating record:
When you press the submit button, it is suppose to UPDATE the database where the com_code = the $GET url
BUT
What happens is that it only reloads the page, how do I fix this?
The link to it is: http://notify.bithumor.co/reset.php?code=123456789
You should change your code to be inside isset like this :
if (isset($_POST['Submit'])) {
$sql1 = "UPDATE user SET password='$pword', com_code=NULL WHERE com_code = '$code'";
if ($conn->query($sql1) === TRUE) {
echo "Password has been change successfully!";
} else {
echo "Error updating record: " . $conn->error;
}
}
Make following changes in your code:
if (isset($_POST['Submit'])) {
$sql1 = "UPDATE user SET password='$pword', com_code IS NULL WHERE com_code = '$code'";
if ($conn->query($sql1) === TRUE) {
echo "Password has been change successfully!";
} else {
echo "Error updating record: " . $conn->error;
}
}
We use IS NULL to check NULL in mysql
if (isset($_POST['Submit'])) {
$sql1 = "UPDATE user SET password='$pword', com_code IS NULL WHERE com_code = $code";
}
Read NULL Values in MYSQL
$_POST['Submit'] will never be set, when your submit button doesn't have name="submit". Just having type="submit", or value="submit", or id="submit" will not do it. You need the name attribute for that.
First check that your input type has name="Submit", if not add it.
After that echo your query first,
if (isset($_POST['Submit'])) {
echo "UPDATE user SET password='$pword', com_code=NULL WHERE com_code = '$code'";
$sql1 = "UPDATE user SET password='$pword', com_code=NULL WHERE com_code = '$code'";
if ($conn->query($sql1) === TRUE) {
echo "Password has been change successfully!";
} else {
echo "Error updating record: " . $conn->error;
}
}
And also all the code i.e. query executing and messages should be in the same if statement ( if(isset($_POST['Submit'])) ).
I hope this works for you.