Delete Registration in Bd

Asked

Viewed 451 times

1

I created a system for post creation. But I am not able to delete in the bank but appears the confirmation of Deleted Successfully!

<?php
       $db = mysqli_connect("127.0.0.1", "root", "", "photos");
       $sql = "SELECT * FROM images";
       $result = mysqli_query($db, $sql);
       while ($row = mysqli_fetch_array($result)) {
          echo "<div class='post-item'> <div class='inner'>";
          echo "  <div class='post-title'><h2><a href='#'> ".$row['titulo']."</a></h2></div>";
          echo "<div class='post-image'><div></div><img src='images/".$row['image']."'></div ";
          echo " <div class='post-meta-top'>Posted <span class='post-date'>2 days ago</span> </div>
                                <div class='clear'></div> ";
          echo "    <div class='post-desc'>
                                    <p>".$row['texto']."</p>
                                </div>";
           echo "                     <a href='?id=".$row['id']."&Acao=Deletar'><button>Deletar</button></a> 
                            </div>
                        </div>";                      
}


if (isset($_GET['Acao']) && $_GET['Acao'] == 'Deletar') {
   $id = $_GET['id'];
   $sql = mysqli_query("DELETE FROM images WHERE id='$id' ");

   if ($result) { 
   echo '<script type="text/javascript">alert("Comentario Excluido!"); </script>';
   } else { 
       echo '<script type="text/javascript">alert("Erro!"); </script>';
   }

}
?>
  • 1

    Only use the tag [tag:phpmyadmin] if the problem is with phpmyadmin itself, in your case the problem is with the script and/or mysql. Phpmyadmin is not a part application and does not influence your script, I recommend this reading: http://answall.com/q/115691/3635

1 answer

8

  • You are testing $result, and has stored the result object in the query in the variable $sql

    $sql = mysqli_query("DELETE FROM images WHERE id='$id' ");
    ^^^^
    if ($result) { 
        ^^^^^^^
    
  • The nomenclature is bad, because SQL is what is in quotes, and not the return of mysqli_query, that as mentioned is an object.

  • You’re making darlings without a connection link, always read the Manual, so you don’t have to ask a question to each line of code.

    Note that this is a tip to make your life easier, because reading the manual your work will yield much more. Nothing against you asking, we’re here to help, but anything that’s simpler and can handle on its own, will speed up your time.

  • To know how many records were affected (whether entered, updated or removed) the most appropriate function is mysqli_affected_rows($link).

    Often the query may have been successful, but no record is found that satisfies the WHERE, then your test will fail.

  • Important, if you put this code on the air, your DB will be destroyed at any time, because you haven’t sanitized your data and anyone injects the code.

There are other considerations, but solving these above is a good start. The suggestion is to do small separate tests until you master the basics, and once it’s up and running, put it in the main code.

On the excerpt from if, an improvement would be that:

// forçando que $id seja um número:
// (o ideal seria fazer um teste mais complexo, já que esse cast não
// evita que quebrem o código mandando um array.
// De qq forma, isto já evita a injeção, que é o maior perigo)
$id = 0 + $id; 

// guardando o objeto de resultado em $result        
$result = mysqli_query($link, 'DELETE FROM images WHERE id='.$id);

// e testando  1) se a query foi executada  2) se deletou algo de fato
if(!$result) {
    ... houve um problema na query ...
} elseif( mysqli_affected_rows($link) > 0 ) {
    ... deletou um ou mais registros ...
} else {
    ... a query foi realizada, mas nao foi deletado nenhum registro ...
}

I would recommend a good reading on the following links:

http://php.net/manual/en/book.mysqli.php

How to prevent SQL code injection into my PHP code

Browser other questions tagged

You are not signed in. Login or sign up in order to post.