Back To Programming / Scripting / Coding Forum

Delete User Help

  • jordonshaw
  • Student
  • Student
  • User avatar
  • Joined: Dec 30, 2008
  • Posts: 91
  • Loc: Tennessee
  • Status: Offline

Post February 23rd, 2009, 1:10 pm

I'm having a issues and I can't figure out why. I've wrote the below code to delete a user from my site and I can't find while, but it isn't working. The thing about it is, the redirect of when the query is successful is working and I'm not getting any error message, just like the query is working, but the user is still there. Any suggestions?

Code: [ Select ]
 
<?php require_once("includes/session.php"); ?>
<?php require_once("includes/connection.php"); ?>
<?php require_once("includes/functions.php"); ?>
<?php confirm_logged_in(); ?>
<?php
    $id = $_GET['usr'];
    $query = "DELETE FROM SNP_Users WHERE user_id = {$id}";
        $result = mssql_query($query, $connection);
        if ($result) {
            redirect_to("index.php");
         } else {
            echo "<p>User didn't delete.</p>";
        }
?>
<?php
    if (isset($connection)) {
        mssql_close($connection);    
    }
?>
 
  1.  
  2. <?php require_once("includes/session.php"); ?>
  3. <?php require_once("includes/connection.php"); ?>
  4. <?php require_once("includes/functions.php"); ?>
  5. <?php confirm_logged_in(); ?>
  6. <?php
  7.     $id = $_GET['usr'];
  8.     $query = "DELETE FROM SNP_Users WHERE user_id = {$id}";
  9.         $result = mssql_query($query, $connection);
  10.         if ($result) {
  11.             redirect_to("index.php");
  12.          } else {
  13.             echo "<p>User didn't delete.</p>";
  14.         }
  15. ?>
  16. <?php
  17.     if (isset($connection)) {
  18.         mssql_close($connection);    
  19.     }
  20. ?>
  21.  
  • Anonymous
  • Bot
  • No Avatar
  • Joined: 25 Feb 2008
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post February 23rd, 2009, 1:10 pm

  • devilwood
  • Silver Member
  • Silver Member
  • User avatar
  • Joined: Nov 18, 2007
  • Posts: 429
  • Status: Offline

Post February 23rd, 2009, 3:50 pm

Does the user you're using to connect to the db have all the required permissions to delete a record?

I don't really see much wrong say for maybe the brackets around {$id} in your query. Not sure if those are needed.
  • dark_lord
  • Graduate
  • Graduate
  • User avatar
  • Joined: Jan 14, 2009
  • Posts: 162
  • Loc: India-Kolkata
  • Status: Offline

Post February 23rd, 2009, 10:14 pm

yeah everything is alright, not sure about the brackets

also note that

Code: [ Select ]
$query = "DELETE FROM SNP_Users WHERE user_id = ";


above query will execute and return true even if id is not set or has no value

so check if you are really getting the value of id from get parameter!
Wrap Up your Big Url | Mariana World Community
  • RedBMedia
  • Proficient
  • Proficient
  • User avatar
  • Joined: May 01, 2007
  • Posts: 315
  • Status: Offline

Post February 24th, 2009, 7:28 am

Get rid of the brackets, that's not proper SQL syntax. dark_lord is right
Joe Hall
  • Bogey
  • Bogey
  • Genius
  • User avatar
  • Joined: Jul 14, 2005
  • Posts: 8211
  • Loc: USA
  • Status: Offline

Post February 24th, 2009, 2:45 pm

lol the brackets are fine... all that does is put the variable in there... it isn't rendered into the SQL as far as I can tell... I do that all the time with my queries and they all work. Those brackets aren't necessary, you could do without them, but they aren't doing anything except put in the $d into the SQL query faster.

To get an error add or die(mssql_error()) after the mssql_query. Also, sanitize your ID since it is received directly from the URL.
PHP Code: [ Select ]
<?php
$id = addslashes($_GET['usr']);
// or mssql_real_escape_string(); if there is a function for mssql like that
?>
  1. <?php
  2. $id = addslashes($_GET['usr']);
  3. // or mssql_real_escape_string(); if there is a function for mssql like that
  4. ?>
or something like that... clean it from SQL queries...
"Bring forth therefore fruits meet for repentance:" Matthew 3:8

Page 1 of 1

Post Information

  • Total Posts in this topic: 5 posts
  • Users browsing this forum: No registered users and 95 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 2011 Unmelted, LLC. Ozzu® is a registered trademark of Unmelted, LLC.