0

I currently have the following code on my view information page which allows the user to go to a different page to update and delete the information, which can be seen below: -

Update: -

<a href=\"update_line.php?barcode=".$user["barcode"]."\">Edit Line</a>

Delete: -

<a href=\"delete_line.php?barcode=".$user["barcode"]."\">Delete Line</a>

I also attached the other related pages which can be found in the attached zip file. However, even though the PHP code is saying that the records are being updated or deleted this is not the case, please can anyone see if I have any problems in my code.

Cheers.

2
Contributors
1
Reply
2
Views
7 Years
Discussion Span
Last Post by cwarn23
0

Yes there are several things wrong with that code. One is that the Update sql query seems to be updating with empty variables unless there was something I did not read inside the include(). Also your mysql query's are venerable to sql injections. In other words people can easily hack into your database using your own script and this is a common problem for all noobs in php. That is why I would recommend reading up on the mysql_real_escape_string() function as it will solve that problem when used properly. Also in your delete line file I noticed on line 3 there is a possible syntax error since quotes aren't used but could be wrong there. And next time don't post your mysql password in public domain. Hope that helps...

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.