syntax error when delete sql data using php - php

im getting the following syntax error can someone please help!
im guessing it something soooo easy but i have been looking at it for ages and can see what im doing wrong
<?php
if(isset($_POST['delete']))
{
$dbhost = '';
$dbuser = '';
$dbpass = '';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$CourseId = $_POST['CourseId'];
$sql = "DELETE course ".
" WHERE CourseId = $CourseId" ;
mysql_select_db('d11os_projectdb');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not delete data: ' . mysql_error());
}
echo "Deleted data successfully\n";
mysql_close($conn);
}
else
{
?>`enter code here`

$sql = "DELETE FROM course ". --<-- Missing key word FROM
" WHERE CourseId = $CourseId"

You are missing the table name from the sql query
$sql = "DELETE course FROM **table_name**".
" WHERE CourseId = $CourseId" ;

Related

Query failed in php

$query = "SELECT * FROM Student WHERE student_id = $child AND school_id = $college";
$result = mysqli_query($conic, $query);
if(!$result){
die(" query failed");
echo 'error here';
} else {
i am trying to retrieve some information from the SQL database but the query seems to fail any ideas?
You must learn more : how to retrieve data from database using select in php
so try out following example to display all the records from Student table
<?php
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'rootpassword';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$sql = "SELECT * FROM student WHERE student_id = '"$child"' AND school_id = '"$college"' ";
mysql_select_db('test_db');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not get data: ' . mysql_error());
}
while($row = mysql_fetch_array($retval, MYSQL_ASSOC))
{
// some code here
}
echo "Fetched data successfully\n";
mysql_close($conn);
?>
NOTE
The mysql extension is deprecated and will be removed in the future:
use mysqli or PDO

Unable to retrieve data from table?

Please consider the following code. I believe it's very straight forward however I couldn't see what's wrong with it.
<?php
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$sql = 'SELECT cif, br,
fullname, id, id_type,issuance_country,class
FROM ciftable';
mysql_select_db('ciftable');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not get data: ' . mysql_error());
}
while($row = mysql_fetch_array($retval, MYSQL_ASSOC))
{
echo "CIF :{$row['cif']} <br> ".
"BR : {$row['br']} <br> ".
"Full Name : {$row['fullname']} <br> ".
"ID : {$row['id']} <br> ".
"ID Type: {$row['id_type']} <br> ".
"Issuance Country : {$row['issuance_country']} <br> ".
"Class : {$row['class']} <br> ".
"--------------------------------<br>";
}
echo "Fetched data successfully\n";
mysql_close($conn);
?>
This is the fresh installation of xampp so will be using default username and password. Kindly ignore all the possible SQL injection or best practices.
The above code throwing exception:
Could not get data: No database selected
Kindly advise.
Missing 2nd parameter:
$db1 = mysql_connect($dbhost, $dbuser, $dbpass);
$rv = mysql_select_db($dbname1, $db1);

php mysql data rerival from table

<?php
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = "";
$name=$_POST['user'];
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$sql = 'SELECT * FROM `usertable` WHERE `username`='$name'' ;
mysql_select_db('myxiv');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not get data: ' . mysql_error());
}
while($row = mysql_fetch_array($retval, MYSQL_ASSOC))
{
echo "Name :{$row['username']} .<br> ";
}
mysql_close($conn);
?>
Here is my code and i'm getting this error.
Syntax error, unexpected '$name' (T_VARIABLE)
I m trying to retrive data from a table to display in the profile page
$sql = 'SELECT * FROM usertable WHERE username='$name'' ;
Replace Your above query by bellow code and check it.
$sql = "SELECT * FROM usertable WHERE username=' ".$name." ' ";
Try this
Change
$sql = 'SELECT * FROM usertable WHERE username`='$name'' ;
TO
$sql = "SELECT * FROM usertable WHERE username='".$name."';
You make a few mistakes. mysql (which is depracted (take a look at PDO or mysqli)) doesn't need a connection.
You could have a double single quote error but the following should fix some of it:
if($_POST) {
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$name = mysql_real_escape_string(strip_tags($_POST['user']));
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn ) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db('myxiv');
$retval = mysql_query("SELECT * FROM `usertable` WHERE `username` = '$name'");
if(! $retval ) {
die('Could not get data: ' . mysql_error());
} else {
while($row = mysql_fetch_array($retval, MYSQL_ASSOC)) {
echo "Name :{$row['username']} .<br> ";
}
}
}

How to update many fields with single query?

I am working with a MLM company where com has to register the member, if it detects any mistake in data, it has to update the data of member again.
I have the right code which works well when all fields has to update but problem is it does not work for individual input boxes. Please give me solution of this problem.
<?php
if(isset($_POST['update'])) {
$dbhost = 'localhost';
$dbuser = 'vvvv';
$dbpass = 'xxxx';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn ) {
die('Could not connect: ' . mysql_error());
}
$usrid = $_POST['uid'];
$pwrd = $_POST['pwd'];
$nm = $_POST['noe'];
$fnm = $_POST['fn'];
$addrs = $_POST['adrs'];
$cntn = $_POST['cnt_no'];
$cty = $_POST['ct'];
$sql = "UPDATE office_user ".
"SET
password = '$pwrd',
name='$nm',
father_name='$fnm',
address='$addrs',
contact_no='$cntn',
city='$cty' ".
"WHERE user_id = '$usrid'" ;
mysql_select_db('my_db');
$retval = mysql_query( $sql, $conn );
if(! $retval ) {
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
?>

delete from sql with a delete.php file

i am wanting to build a delete page to use to delete some data from my database.
when i put the id in it works fine but i am wanting it to pull the id from the url
www.example.com/delete.php?id=1234
<?php
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$sql = 'DELETE FROM MYTABLE
WHERE created=<?php echo $_GET["id"]; ?>';
mysql_select_db('ely');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not delete data: ' . mysql_error());
}
echo "Deleted data successfully\n";
mysql_close($conn);
?>
the part im having issues with is this part
WHERE created=<?php echo $_GET["id"]; ?>';
the error i am getting is "Could not delete data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '=' at line 2"
<?php
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$id = mysql_real_escape_string($_GET['id']);
$sql = "DELETE FROM MYTABLE
WHERE created='$id'";
mysql_select_db('ely');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not delete data: ' . mysql_error());
}
echo "Deleted data successfully\n";
mysql_close($conn);
?>
learn quoting!
$sql = 'DELETE FROM MYTABLE
WHERE created=<?php echo $_GET["id"]; ?>';
$sql = 'Delete from MYTABLE WHERE created="'.$_GET['id'].'"';
Next thing is, google for sql-injections, and keep in mind that you should proof if $_GET['id'] is set in time
To concatenate a variable into a string, use the concatenation operator.
But your code is bad for severalreasons.
1: Sanitise your inputs
2: Don't use GET for anything that can change the state of the server, use POST instead.
Here's a story explaining one reason why
try this:
$id = $_GET['id'];
$sql = 'DELETE FROM MYTABLE
WHERE created=' .$id;
"." is used to concatenate the value of the variable $id
As for connecting to a db i suggest you to look up for PDO.
$sql="DELETE FROM MYTABLE WHERE created='".$_GET['id']."'";

Categories