Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    New to the CF scene
    Join Date
    Aug 2008
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Multipurpose page won't delete!

    I am trying to create a multipurpose page that makes sure the user wants to delete. However it does not seem to be passing event code to the page, can you see the problem?
    PHP Code:
    <p>
      <?php 

    if (isset($_GET['delete'])) // If the user wants to delete an event
    {

        
    //Connect to the database server
        
    $dbcnx = @mysql_connect('localhost''root''els6014');
        if (!
    $dbcnx
        {
            exit(
    '<p>Unable to connect to the ' .
           
    'database server at this time.</p>');
        }

        
    //select the prototype database
        
    if (!@mysql_select_db('prototype')) 
        {
              exit(
    '<p>Unable to locate the ARD ' .
              
    'database at this time.</p>');
        }    
        
    // Delete the event event from the events table
        // and also delete that events from the attendance table.
        
    $EventCode $_GET['EventCode'];
        
    $ok1 = @mysql_query("DELETE FROM events WHERE EventCode='$EventCode'");
        
    $ok2 = @mysql_query("DELETE FROM attendance WHERE EventCode='$EventCode'");
        if (
    $ok1 and $ok2
            {
                  echo 
    '<p>Event deleted successfully!</p>';
            } 
        else 
            {
                  echo 
    '<p>Error deleting Event from database!<br />'.
                  
    'Error: ' mysql_error() . '</p>';
            }
        echo 
    '<p><a href="viewallevents.php">Return to view all events</a></p>';
    }

    else 
    // Default page display
    {    

          echo 
    '<p> Are you sure you would like to delete this event? </p>';

          
    // When clicked, this link will delete the event
          
    echo '<p><a href="' $_SERVER['PHP_SELF'] .
               
    '?delete=1&amp;EventCode=$EventCode">Yes</a></p>';
         
        
    //If the user changes their mind it will bring  them bact to vie all events
           
    echo '<p><a href="viewallevents.php">Cancel</a></p>';
     
    }
    ?>
    </p>
    </body>
    </html>

  • #2
    New to the CF scene
    Join Date
    Aug 2008
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    none working code aside you have to make sure your filter your database input.

    PHP Code:
    function clean($foo)
    {
        
    htmlentities(strip_tags(trim($foo)));
        return 
    $foo;
    }
    $_GET array_map("clean",$_GET); 
    just something quick like this.

    lines 24-25
    PHP Code:
        $ok1 = @mysql_query("DELETE FROM events WHERE EventCode='".$EventCode."'");
        
    $ok2 = @mysql_query("DELETE FROM attendance WHERE EventCode='".$EventCode."'"); 
    line 45
    PHP Code:
    '?delete=1&amp;EventCode='.$EventCode.'">Yes</a></p>'


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •