Cannot get the following code to delete Jack... What is wrong with the code?

<?php
===QueryString===
delete.php?q=169|170|171|

$arr = explode('|', $q);


for ($i = 0; $i < count($arr); $i++) {
$query .= "DELETE FROM aCar WHERE aID =
'".$arr."'";

$result =mysql_query($query);
}
?>

Thanks in Advance!

All 3 Replies

You have to GET the string from the get array.

Try this.

<?php
$q = $_GET['q'];
// Make sure you validate this string, otherwise I could delete your database with SQL injection
$arr = explode('|', $q);
$i = 0;
while ($i < count($arr)) {
    $sql = "DELETE FROM `aCar` WHERE `aId` = '" . $arr[$i] . "'";
    $query = mysql_query($sql);
    $i++;
}
?>

What is the best way to validate the $_GET string?

Use the mysql_real_escape_string() function to validate it.
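The validation question above, as an added example that is not part of the thread: each ID from the `169|170|171|` string is checked as a positive integer and the delete runs as one parameterized statement. It uses PDO because the `mysql_*` functions were removed in PHP 7. The helper names `parse_id_list` and `delete_cars`, the `$maxIds` limit and the in-memory SQLite table are assumptions for illustration; `aCar` and `aID` come from the question.

```php
<?php
// Parse "169|170|171|" into a list of positive integers.
// Returns null if any non-empty token is not a valid integer ID,
// so a single bad value rejects the whole request.
function parse_id_list(string $q, int $maxIds = 100): ?array
{
    $ids = [];
    foreach (explode('|', $q) as $token) {
        if ($token === '') {
            continue; // the trailing "|" yields an empty token
        }
        $id = filter_var($token, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
        if ($id === false) {
            return null;
        }
        $ids[$id] = $id; // de-duplicate
    }
    if ($ids === [] || count($ids) > $maxIds) {
        return null;
    }
    return array_values($ids);
}

// Delete the given rows with one parameterized statement; returns rows deleted.
function delete_cars(PDO $pdo, array $ids): int
{
    $placeholders = implode(',', array_fill(0, count($ids), '?'));
    $stmt = $pdo->prepare("DELETE FROM aCar WHERE aID IN ($placeholders)");
    $stmt->execute($ids);
    return $stmt->rowCount();
}

// Constructed demo data in an in-memory SQLite database (assumes pdo_sqlite).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE aCar (aID INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO aCar (aID, name) VALUES (169,'a'),(170,'b'),(171,'c'),(172,'d')");

// The second value is a constructed hostile input.
foreach (['169|170|171|', "169|170' OR '1'='1"] as $q) {
    $ids = parse_id_list($q);
    if ($ids === null) {
        echo "rejected: $q\n";
        continue;
    }
    echo 'deleted ' . delete_cars($pdo, $ids) . " row(s) for $q\n";
}
echo 'rows left: ' . $pdo->query('SELECT COUNT(*) FROM aCar')->fetchColumn() . "\n";
```

In a real handler `$q` would come from `$_GET['q']`, and a `null` result from `parse_id_list` should end the request with an error instead of running any query.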
