Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexander Lebedev2020-05-20 10:49:36
PHP
Alexander Lebedev, 2020-05-20 10:49:36

PHP+SQL. How to delete an entry from the database?

There is a simple database with words. The page has a form: input-text "word" and select "dictionary". It is necessary, by clicking on the "delete" button, to delete the word typed by the user, provided that the user has selected a dictionary in which this word exists.
The form data is sent to a php file, where the following code is:

session_start();
require('../connection1.php');
header('Content-Type: text/html; charset=utf8');

if (isset($_POST['word']) && isset($_POST['vocabulary'])){
    $word = $_POST['word'];
    $vocabulary = $_POST['vocabulary'];

    $stmt = $connection->prepare("SELECT `id` FROM `words` WHERE `word` = ?");
    $stmt->bind_param("i", $word);
    $stmt->execute();
    $result1 = $stmt->get_result();
    $row = mysqli_fetch_array($result1);

    $stmt = $connection->prepare("SELECT `id` FROM `words` WHERE `vocabulary` = ?");
    $stmt->bind_param("i", $vocabulary);
    $stmt->execute();
    $result2 = $stmt->get_result();
    $id = mysqli_fetch_array($result2);

    if ($row === $id){
        $query = "DELETE FROM `words` WHERE `words`.`id` = '$row'";
        $result = mysqli_query($connection,$query) or die("Ошибка: ".mysqli_error($connection));

        if($result){
            $_SESSION['smsq'] = "Слово удалено!";
        }else {
            $_SESSION['fsmsq'] = "Ошибка!";
        }
    } else {
        $_SESSION['fsmsq'] = "Ошибка!";
    }
}

header('Location: ../edit-voc.php')


What to fix?)) Newbie + I don’t understand anything in stmt, how many times to use, etc. ...
Or can it be done differently?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
F
FanatPHP, 2020-05-20
@alex2pac_vasiliev

Well done for using prepared expressions, but it's too bad not to finish. Prepared expressions must be used for ALL queries involving variables.
Plus, using the $row array in the query does not make the slightest sense.
Also, I'm not sure if word should be bound with type i and not s.
And of course it's all done in one query.

if (isset($_POST['word'], $_POST['vocabulary'])){
    $word = $_POST['word'];
    $vocabulary = $_POST['vocabulary'];

    $query = "DELETE FROM `words` WHERE `word` =? and `vocabulary` = ?";
    $stmt = $connection->prepare($query);
    $stmt->bind_param("ss", $word, $vocabulary);
    $stmt->execute();
    if($stmt->affected_rows){
        $_SESSION['smsq'] = "Слово удалено!";
    } else {
        $_SESSION['fsmsq'] = "Ошибка!";
    }
}
header('Location: ../edit-voc.php');

Separately, I note that you never need to write or die("Ошибка: ".mysqli_error($connection)); u Instead, you need to write once in the file with the connection
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

and then PHP will report all query errors on its own

Similar questions
P
Petr2016-06-23 10:33:40
Convert from HTML to PSD? 3Reply
D
Danil Tunev2018-11-22 04:48:49
How to see assembler input parameters? 4Reply
S
student_it2015-04-19 11:49:55
How can I prevent the Referer from being sent when playing an audio file via the HTML Audio tag? 2Reply
R
Rustam Akhmetov2016-06-27 10:05:19
How to speed up cms Moodle? 4Reply
H
HAtan2020-09-30 15:30:27
How to process a click and record it? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question