Results 1 to 7 of 7

Thread: delete from table sql

  1. #1
    Join Date
    Jan 2008
    Posts
    441
    Thanks
    67
    Thanked 4 Times in 4 Posts

    Default delete from table sql

    i am trying to delete entries to a sql table by clicking a button. how would i write
    Code:
    <a href="???">click</a>
    so that
    Code:
    DELETE FROM DatesTable WHERE (tDate < GETDATE())

  2. #2
    Join Date
    Nov 2006
    Location
    Northeast USA
    Posts
    408
    Thanks
    8
    Thanked 30 Times in 28 Posts

    Default

    Code:
    <a href="?delete=true">DELETE</a>
    PHP Code:
    <?php
    if($_GET['delete']) {
    if(
    mysql_query("DELETE FROM DatesTable WHERE (tDate < GETDATE())"))
    echo 
    "Deleted";
    else echo 
    "Failed at deleting";
    }
    ?>
    -Ben -- THE DYNAMIC DRIVERS
    My Links: My DD Profile||My Youtube Video Tutorials||DD Helping Coders||DD Coders In Training
    I told my client to press F5, the client pressed F, then 5, *facepalm*

  3. #3
    Join Date
    May 2007
    Location
    Boston,ma
    Posts
    2,127
    Thanks
    173
    Thanked 207 Times in 205 Posts

    Default

    What database are you using?

    Basically the page would be

    PHP Code:
    <?php
    if (isset($_GET['delete']) && $_GET['delete'] = ) {
    DB CONNECTION
    $query 
    "DELETE FROM DatesTable WHERE (tDate < GETDATE())";
    DB Execution
    echo "Deleted.";
    exit();
    }
    ?>
    <a href="?delete=1">click</a>
    I don't know how this is being used but this could be executed by anyone at anytime in this form.
    Corrections to my coding/thoughts welcome.

  4. #4
    Join Date
    Jan 2008
    Posts
    441
    Thanks
    67
    Thanked 4 Times in 4 Posts

    Default

    i see, and DB CONNECTION would be the php file that has the dB credentials?

  5. #5
    Join Date
    Apr 2008
    Location
    So.Cal
    Posts
    3,643
    Thanks
    63
    Thanked 516 Times in 502 Posts
    Blog Entries
    5

    Default

    either that, or
    PHP Code:
    mysql_connect($host,$user,$pass);
    mysql_select_db($db_name); 
    likewise, "DB Execution" would be something along the lines of
    PHP Code:
    $result mysql_query($query); 
    . But the most important thing to note is bluewalrus' comment about "anyone" being able to do this: It's not very secure.

    You need to have code that verifies who is doing this, and if they're allowed to, or you might lose your whole database unexpectedly.

    Simply password-protecting the form is not sufficient. You have the code to process that form, so all someone needs to do is write their own form that uses the same fieldnames and submit it to your website with whatever values they want.

  6. #6
    Join Date
    May 2007
    Location
    Boston,ma
    Posts
    2,127
    Thanks
    173
    Thanked 207 Times in 205 Posts

    Default

    Yes, or the actual connections.

    For example in mssql

    PHP Code:
    $server "server";
    $connInfo = array("Database" => "Table_NAME");
    $conn sqlsrv_connect$server$connInfo);
    if( 
    $conn === false )
    {
         echo 
    "Connect Fail.<br />";
         die( 
    print_rsqlsrv_errors(), true));

    Could be in the file or

    PHP Code:
    include('connection.php'); 
    then connection.php would contain, assuming it's in the same domain

    PHP Code:
    $server "server";
    $connInfo = array("Database" => "Table_NAME");
    $conn sqlsrv_connect$server$connInfo);
    if( 
    $conn === false )
    {
         echo 
    "Connect Fail.<br />";
         die( 
    print_rsqlsrv_errors(), true));

    To execute the sql you'd put in

    PHP Code:
    $query "DELETE stuff here";
    $statment sqlsrv_query($conn$query);
    if(
    $statment === false) {
    echo 
    "Nope. Somethings wrong.";
    }
    sqlsrv_free_stmt($statment);
    sqlsrv_close($conn); 
    Just saw traq's comment figure I'll leave this in case you use mssql though. Another note on that code a robot or spider if it found the link could trigger that the way it is written, this page should have some sort of verification on it.
    Corrections to my coding/thoughts welcome.

  7. #7
    Join Date
    Apr 2008
    Location
    So.Cal
    Posts
    3,643
    Thanks
    63
    Thanked 516 Times in 502 Posts
    Blog Entries
    5

    Default

    very true about spiders, hadn't thought of that

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •