PHP
Alexander Lebedev, 2020-05-20 10:49:36

PHP+SQL. How to delete an entry from the database?

There is a simple database with words. The page has a form: input-text "word" and select "dictionary". It is necessary, by clicking on the "delete" button, to delete the word typed by the user, provided that the user has selected a dictionary in which this word exists.
The form data is sent to a php file, where the following code is:

session_start();
require('../connection1.php');
header('Content-Type: text/html; charset=utf8');

if (isset($_POST['word']) && isset($_POST['vocabulary'])){
    $word = $_POST['word'];
    $vocabulary = $_POST['vocabulary'];

    $stmt = $connection->prepare("SELECT `id` FROM `words` WHERE `word` = ?");
    $stmt->bind_param("i", $word);
    $stmt->execute();
    $result1 = $stmt->get_result();
    $row = mysqli_fetch_array($result1);

    $stmt = $connection->prepare("SELECT `id` FROM `words` WHERE `vocabulary` = ?");
    $stmt->bind_param("i", $vocabulary);
    $stmt->execute();
    $result2 = $stmt->get_result();
    $id = mysqli_fetch_array($result2);

    if ($row === $id){
        $query = "DELETE FROM `words` WHERE `words`.`id` = '$row'";
        $result = mysqli_query($connection,$query) or die("Ошибка: ".mysqli_error($connection));

        if($result){
            $_SESSION['smsq'] = "Слово удалено!";
        }else {
            $_SESSION['fsmsq'] = "Ошибка!";
        }
    } else {
        $_SESSION['fsmsq'] = "Ошибка!";
    }
}

header('Location: ../edit-voc.php');


What to fix?)) Newbie + I don’t understand anything in stmt, how many times to use, etc. ...
Or can it be done differently?


1 answer(s)
FanatPHP, 2020-05-20
@alex2pac_vasiliev

Well done for using prepared statements, but it's too bad you didn't finish the job. Prepared statements must be used for ALL queries involving variables.
Plus, using the $row array in the query does not make the slightest sense.
Also, I'm not sure if word should be bound with type i and not s.
And of course it's all done in one query.

if (isset($_POST['word'], $_POST['vocabulary'])){
    $word = $_POST['word'];
    $vocabulary = $_POST['vocabulary'];

    $query = "DELETE FROM `words` WHERE `word` =? and `vocabulary` = ?";
    $stmt = $connection->prepare($query);
    $stmt->bind_param("ss", $word, $vocabulary);
    $stmt->execute();
    if($stmt->affected_rows){
        $_SESSION['smsq'] = "Слово удалено!";
    } else {
        $_SESSION['fsmsq'] = "Ошибка!";
    }
}
header('Location: ../edit-voc.php');

Separately, I note that you never need to write or die("Ошибка: ".mysqli_error($connection)); Instead, you need to write once in the file with the connection
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

and then PHP will report all query errors on its own
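The answer's two points combined into one handler, as an added example that is not FanatPHP's or the asker's code: error reporting is switched on once with mysqli_report, the delete is a single prepared statement, and a database failure is logged on the server instead of being printed. The `deleteWord` helper, the connection credentials and the English session messages are assumptions; the table, column and session key names follow the thread.

```php
<?php
session_start();

// Normally set once in the connection file (connection1.php in the thread):
// every failed mysqli call then throws mysqli_sql_exception, so no query
// needs its own "or die(...)".
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Hypothetical helper: delete one word from one dictionary, return rows removed.
// Both values are bound as strings ("s"); with "i" mysqli converts the value
// to an integer, so a non-numeric word would be sent as 0.
function deleteWord(mysqli $connection, string $word, string $vocabulary): int
{
    $stmt = $connection->prepare(
        "DELETE FROM `words` WHERE `word` = ? AND `vocabulary` = ?"
    );
    $stmt->bind_param("ss", $word, $vocabulary);
    $stmt->execute();
    return $stmt->affected_rows;
}

// Accept only non-empty strings; a field sent as word[]=x arrives as an array.
$word = $_POST['word'] ?? null;
$vocabulary = $_POST['vocabulary'] ?? null;

if (is_string($word) && is_string($vocabulary) && $word !== '') {
    try {
        // Placeholder credentials (assumption, not from the thread).
        $connection = new mysqli('localhost', 'db_user', 'db_password', 'db_name');
        $connection->set_charset('utf8mb4');

        if (deleteWord($connection, $word, $vocabulary) > 0) {
            $_SESSION['smsq'] = "Word deleted!";
        } else {
            $_SESSION['fsmsq'] = "Error!"; // no such word in that dictionary
        }
    } catch (mysqli_sql_exception $e) {
        // Full detail goes to the server log; the user sees a generic message.
        error_log('deleteWord failed: ' . $e->getMessage());
        $_SESSION['fsmsq'] = "Error!";
    }
}

header('Location: ../edit-voc.php');
exit; // stop executing once the redirect header is sent
```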
