0

Yep, just saw that:

...$_GET['conf'] == hash("sha256", $salt1 . $_GET['id'] . $salt2))...

try that

hi ardav,thank you for the reply...still it would not delete...i think there is a problem in the get method and i am confuse of it...can you please look in the link delete inside my while loop and please correct me if i am wrong...Thank you in advance...

the column fields in my table

  • idno
  • username
  • email
  • password

and here is my edit.php

<?php 

	include_once('conDB.php');
	$salt1="mysaltyhash";
	$salt2="anothersaltyhash";
   

  if(isset($_GET['email']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
   {
     $id=$_GET['id'];
     delete($id);
   }
	
	$result = list_rec();
	

?>
<html>
	<title>Delete</title>
		<head></head>
			<body>
			<table border="1">
			<?php
				
				
				 while($row = mysql_fetch_array($result))
					{
					   $input = "mysaltyhash" . $row['idno']. "anothersaltyhash";
					   $conf=hash('sha256',$input);
						echo '<tr>';
						echo '  <td>' . $row['username'] . '</td>';
						echo '  <td>' . $row['email'] . '</td>';
						echo "<td><a href=\"?id=$input&conf=$conf\">delete</a></td>";
						echo '</tr>';
					}
			?>
			</table>	
		
			</body>
</html>

This is where i get my functions
conDB.php

<?php
   
		$con=mysql_connect('localhost','root','');
		 if(!$con){die('Not connected to server'.mysql_error());}
		mysql_select_db('findb',$con);
   
        function list_rec()
		{
			$lst="select * from reg_tbl";
			$lstrec=mysql_query($lst);
			return $lstrec;
		}


		function delete($id)
			{
			  
				$sql = "DELETE from mytbl where id = '$id'";
				 mysql_query($sql);
				
				return 'DELETED!!!';
			}

		function register($txtuser,$email,$password)
		{
      
      
			$sql= "insert into reg_tbl
			values(default,'$txtuser','$email',sha2('$password',256))";
			
			mysql_query($sql);	
			
			 
			return 'Succesfully Registered';	
	   
		}	
 ?>
0

Hi,

There need to be a Unique Column in your Table, which could be ID or something, Assuming its ID then following can be done with your own code.

<?php
   print "<table border='1'>";	
     while($row = mysql_fetch_array($rlist))
	{
	  echo "<tr>";			    
            echo "<td>{$row['firstname']}</td>";
	    echo "<td>{$row['lastname']}</td>";
            echo "<td><a href='delete.php?id={$row['ID']}'>delete</td>";
	  echo "</tr>";
	}	
	  print "</table>";
?>

Create a delete.php page and delete the record with ID passed from the above page, and redirect back if you want.

Let us know if it helped.

Enjoy :)

0
if(isset($_GET['email']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
   {
     echo "get worked";
     $id=$_GET['id'];
     delete($id);
   }else{
echo "email: {$_GET['email']}<br />conf: {$_GET['conf']}<br />strlen: " . strlen($_GET['conf']) . "<br />hash: " .hash("sha256",$salt1 . $_GET['id'] . $salt2);

}

see if you get output.

0
if(isset($_GET['email']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
   {
     echo "get worked";
     $id=$_GET['id'];
     delete($id);
   }else{
echo "email: {$_GET['email']}<br />conf: {$_GET['conf']}<br />strlen: " . strlen($_GET['conf']) . "<br />hash: " .hash("sha256",$salt1 . $_GET['id'] . $salt2);

}

see if you get output.

hi ardav,

it will generate error in the else statement...
Notice: Undefined index: conf
Notice: Undefined index: id

@ vidjin still i cannot delete...

Thank you in advance...
Best Regards!

0
if(isset($_GET['email']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
   {
     echo "get worked";
     $id=$_GET['id'];
     delete($id);
   }else{
echo "email: {$_GET['email']}<br />conf: {$_GET['conf']}<br />strlen: " . strlen($_GET['conf']) . "<br />hash: " .hash("sha256",$salt1 . $_GET['id'] . $salt2);

}

see if you get output.

hi ardav,

I have some question in the while statement...i think it cannot get in the url the idno because we surrounded the idno "mysaltyhash" "anothersalthhash"

and it cannot execute to delete($id)...please correct me if i am wrong...

<?php
                 while($row = mysql_fetch_array($result))
	          {
		     $input = "mysaltyhash" . $row['idno']. "anothersaltyhash";
		     $conf=hash('sha256',$input);
		     echo '<tr>';
		     echo '  <td>' . $row['username'] . '</td>';
		     echo '  <td>' . $row['email'] . '</td>';
		     echo "<td><a href=\"?id=$input&conf=$conf\">delete</a></td>";
		     echo '</tr>';
		   }
 ?>

Best Regards

0

O dear, you will give the whole game away will that:

$input = "mysaltyhash" . $row['idno']. "anothersaltyhash";

do

$input = $row['idno'];
$conf = hash('sha256',"mysaltyhash" . $input. "anothersaltyhash");
0

O dear, you will give the whole game away will that:

$input = "mysaltyhash" . $row['idno']. "anothersaltyhash";

do

$input = $row['idno'];
$conf = hash('sha256',"mysaltyhash" . $input. "anothersaltyhash");

hi ardav,

still it won't work, i attache my code so that you can see...please help me.
Thank you in advance and i am hoping for your positive response.

Attachments
<?php
   
		$con=mysql_connect('localhost','root','');
		 if(!$con){die('Not connected to server'.mysql_error());}
		mysql_select_db('findb',$con);
   
        function list_rec()
		{
			$lst="select * from reg_tbl";
			$lstrec=mysql_query($lst);
			return $lstrec;
		}


		function delete($id)
			{
			  
				$sql = "DELETE from mytbl where id = '$id'";
				 mysql_query($sql);
				
				return 'DELETED!!!';
			}

		function register($txtuser,$email,$password)
		{
      
      
			$sql= "insert into reg_tbl
			values(default,'$txtuser','$email',sha2('$password',256))";
			
			mysql_query($sql);	
			
			 
			return 'Succesfully Registered';	
	   
		}	
 ?>
<?php 

	include_once('conDB.php');
	$salt1="mysaltyhash";
	$salt2="anothersaltyhash";
   

  if(isset($_GET['email']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
 // if(isset($_GET['id'])&& isset($_GET['conf']))
   {
     echo'hello';
	 $id = $_GET['id'];
	
     delete($id);
   }
	
	$result = list_rec();
	

?>
<html>
	<title>Delete</title>
		<head></head>
			<body>
			<table border="1">
			<?php
				
				
				 while($row = mysql_fetch_array($result))
					{
					  // $input = "mysaltyhash" . $row['idno']. "anothersaltyhash";
					      $input = $row['idno'];
					   $conf=hash('sha256',"mysaltyhash" . $input. "anothersaltyhash");
						echo '<tr>';
						echo '  <td>' . $row['username'] . '</td>';
						echo '  <td>' . $row['email'] . '</td>';
						echo "<td><a href=\"?id=$input&conf=$conf\">delete</a></td>";
						echo '</tr>';
					}
			?>
			</table>	
		
			</body>
</html>
<?php

	include_once('conDB.php');
		
	$txtuser='';
	$email='';
	$password='';
    $msg='';
	$msg1='';
	$msg2='';
	$msg3='';

	
	if(isset($_POST['register']))
	{	
	   $txtuser = trim($_POST['txtuser']);
	   $email = trim($_POST['email']);
	   $password = trim($_POST['password']);
   	
	   if($txtuser=='')
			$msg1='User name is required';
	   elseif($email=='')
             $msg2='Email is required';
       elseif($password=='')
            $msg3='Password required';	   
	   else	
	   $msg=register($txtuser,$email,$password);
		
	}

      

 ?>


<html>
	
	<head>
		<title>Register</title>
	</head>
	<body>
	<h1>Register</h1>
	<form method="post" >
    	<table> 
			<tr>
				<td ><label style="color:blue;font-weight:bold;">User Name</label></td>
				<td><input type="text" id="user"  name="txtuser"></input></td>
				<td><div style="color:red;font-weight:bold;"><?php echo $msg1; ?></div></td>
			</tr>
			<tr>
				<td ><label style="color:blue;font-weight:bold;">Email</label></td>
				<td><input type="text" id="email" name="email"></input></td>
				<td><div style="color:red;font-weight:bold;"><?php echo $msg2; ?></div></td>
			</tr>
			<tr>
				<td><label style="color:blue;font-weight:bold;">Password</label></td>
				<td><input type="password" id="pwd" name="password"></input></td>
				<td><div style="color:red;font-weight:bold;"><?php echo $msg3; ?></div></td>
		</table>
		</br>
		
		<input type="submit" id="reg" name="register" value="register"></input>
		
	</form>

	  <div style="color:red;font-weight:bold;">
	      <?php echo $msg; ?>
	  </div>
	</body>
	
	
</html>
0

do you get 'hello'?

<?php 



	include_once('conDB.php');

	$salt1="mysaltyhash";

	$salt2="anothersaltyhash";

   



  if(isset($_GET['email']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

 // if(isset($_GET['id'])&& isset($_GET['conf']))

   {

     echo'hello';

	 $id = $_GET['id'];

	

     delete($id);

   }

	

	$result = list_rec();

	



?>

<html>

	<title>Delete</title>

		<head></head>

			<body>

			<table border="1">

			<?php

				

				

				 while($row = mysql_fetch_array($result))

					{

					   $input = $row['idno'];

					   $conf=hash('sha256',$salt1 . $input. $salt2);

						echo '<tr>';

						echo '  <td>' . $row['username'] . '</td>';

						echo '  <td>' . $row['email'] . '</td>';

						echo "<td><a href=\"?id=$input&conf=$conf\">delete</a></td>";

						echo '</tr>';

					}

			?>

			</table>	

		

			</body>

</html>
<?php

   

		$con=mysql_connect('localhost','root','');

		 if(!$con){die('Not connected to server'.mysql_error());}

		mysql_select_db('findb',$con);

   

        function list_rec()

		{

			$lst="select * from reg_tbl";

			$lstrec=mysql_query($lst);

			return $lstrec;

		}





		function delete($id)

			{

			  

				$sql = "DELETE from mytbl where id = '$id'";

				 mysql_query($sql);

				

				return 'DELETED!!!';

			}




 ?>

the mytbl - shouldn't that be reg_tbl?

I got rid of the register code - ti was all wrong with the sha stuff as you know.

0

do you get 'hello'?

<?php 



	include_once('conDB.php');

	$salt1="mysaltyhash";

	$salt2="anothersaltyhash";

   



  if(isset($_GET['email']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

 // if(isset($_GET['id'])&& isset($_GET['conf']))

   {

     echo'hello';

	 $id = $_GET['id'];

	

     delete($id);

   }

	

	$result = list_rec();

	



?>

<html>

	<title>Delete</title>

		<head></head>

			<body>

			<table border="1">

			<?php

				

				

				 while($row = mysql_fetch_array($result))

					{

					   $input = $row['idno'];

					   $conf=hash('sha256',$salt1 . $input. $salt2);

						echo '<tr>';

						echo '  <td>' . $row['username'] . '</td>';

						echo '  <td>' . $row['email'] . '</td>';

						echo "<td><a href=\"?id=$input&conf=$conf\">delete</a></td>";

						echo '</tr>';

					}

			?>

			</table>	

		

			</body>

</html>
<?php

   

		$con=mysql_connect('localhost','root','');

		 if(!$con){die('Not connected to server'.mysql_error());}

		mysql_select_db('findb',$con);

   

        function list_rec()

		{

			$lst="select * from reg_tbl";

			$lstrec=mysql_query($lst);

			return $lstrec;

		}





		function delete($id)

			{

			  

				$sql = "DELETE from mytbl where id = '$id'";

				 mysql_query($sql);

				

				return 'DELETED!!!';

			}




 ?>

the mytbl - shouldn't that be reg_tbl?

I got rid of the register code - ti was all wrong with the sha stuff as you know.

hi sir,

Nope, i did not get the echo 'hello'...thank you for correcting my table in delete function....sir,so my register code is wrong? why it is wrong sir in my sha2?so what is the proper way in encrypting the password or using the code...please help me.

Thank you in advance.

0

This has already been covered:

hash("sha256", $salt1 . $whatever . $salt2))
if(isset([B]$_GET['email'][/B]) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

You're checking for 'email'? I thought this was 'id' now?

0

This has already been covered:

hash("sha256", $salt1 . $whatever . $salt2))
if(isset([B]$_GET['email'][/B]) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

You're checking for 'email'? I thought this was 'id' now?

hi ardav,

sorry for that email,i forgot to return it to checking id...by the way in my function register you told me that all is wrong in sha2,but how can i encrypt the password and save it to my reg_tbl...i want the password to be encrypt in my reg_tbl

function register($txtuser,$email,$password)
		{
      
      
			$sql= "insert into reg_tbl
			values(default,'$txtuser','$email',sha2('$password',256))";
			
			mysql_query($sql);	 
			return 'Succesfully Registered';	
	   
		}

I am really confuse sir why is it that it will not delete i already change it to cheking in id

<?php 

	include_once('conDB.php');
	$salt1="mysaltyhash";
	$salt2="anothersaltyhash";
   

  if(isset($_GET['id']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
 // if(isset($_GET['id'])&& isset($_GET['conf']))
   {
     echo'hello';
	 $id = $_GET['id'];
	
     delete($id);
   }
	
	$result = list_rec();
	

?>
<html>
	<title>Delete</title>
		<head></head>
			<body>
			<table border="1">
			<?php
				
				
	while($row = mysql_fetch_array($result))
	  {
	    // $input = "mysaltyhash" . $row['idno']. "anothersaltyhash";
	    $input = $row['idno'];
	     $conf=hash('sha256',"mysaltyhash" . $input. "anothersaltyhash");
	     echo '<tr>';
	    echo '  <td>' . $row['username'] . '</td>';
     	    echo '  <td>' . $row['email'] . '</td>';
	    echo "<td><a href=\"?id=$input&conf=$conf\">delete</a></td>";
	    echo '</tr>';
	}
	?>
	</table>	
		
	</body>
</html>

Thank you in advance.

0

This is my last post on this thread, I'm losing the will to live.

Echo out each bit of the

if(isset($_GET['id']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

to see what it gives you:

echo "id: " . $_GET['id'] . "<br />";
echo "conf: " . $_GET['conf'] . "<br />";
echo "conflen: " . strlen($_GET['id']) . "<br />";
echo "hash: " . hash("sha256",$salt1 . $_GET['id'] . $salt2);

Good luck with it.

0

This is my last post on this thread, I'm losing the will to live.

Echo out each bit of the

if(isset($_GET['id']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

to see what it gives you:

echo "id: " . $_GET['id'] . "<br />";
echo "conf: " . $_GET['conf'] . "<br />";
echo "conflen: " . strlen($_GET['id']) . "<br />";
echo "hash: " . hash("sha256",$salt1 . $_GET['id'] . $salt2);

Good luck with it.

hi ardav,

i just want to inform you that i cannot echo this,it i will not get inside in the if statement....thank you for helping in a couple of time.

0

OK, seriously last post...:)

You place the echo before the if statement.

include_once('conDB.php');
$salt1="mysaltyhash";
$salt2="anothersaltyhash";
echo "id: " . $_GET['id'] . "<br />";
echo "conf: " . $_GET['conf'] . "<br />";
echo "conflen: " . strlen($_GET['id']) . "<br />";
echo "hash: " . hash("sha256",$salt1 . $_GET['id'] . $salt2);
if(isset($_GET['id']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

Edited by diafol: n/a

0

This is my last post on this thread, I'm losing the will to live.

Echo out each bit of the

if(isset($_GET['id']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

to see what it gives you:

echo "id: " . $_GET['id'] . "<br />";
echo "conf: " . $_GET['conf'] . "<br />";
echo "conflen: " . strlen($_GET['id']) . "<br />";
echo "hash: " . hash("sha256",$salt1 . $_GET['id'] . $salt2);

Good luck with it.

Hi ardav,

Sir i did not surrender...and i figure it out why this will not get inside into the if statement it's because you put this in if statement which could lead to exit in if statement.

if(isset($_GET['id']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

I remove this function strlen

this function strlen($_GET['conf']) == 256

and now it would delete...

0

OK, seriously last post...:)

You place the echo before the if statement.

include_once('conDB.php');
$salt1="mysaltyhash";
$salt2="anothersaltyhash";
echo "id: " . $_GET['id'] . "<br />";
echo "conf: " . $_GET['conf'] . "<br />";
echo "conflen: " . strlen($_GET['id']) . "<br />";
echo "hash: " . hash("sha256",$salt1 . $_GET['id'] . $salt2);
if(isset($_GET['id']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

Nope, this will get undefined index...:idea:

0

my mistake:
should be

echo "conflen: " . strlen($_GET['conf']) . "<br />";

Also the sha256 will give a 64 length:

strlen($_GET['conf']) == 64

Edited by diafol: n/a

0

my mistake:
should be

echo "conflen: " . strlen($_GET['conf']) . "<br />";

Also the sha256 will give a 64 length:

strlen($_GET['conf']) == 64

Hi Ardav,it's working now i put back the strlen function and it would delete now...

about this echo,it would always undefined index because it cannot get the id,conf,conf,id
and i don't know why.but if you can enlighten my mind about this error it would be greatly appreciated....

echo "id: " . $_GET['id'] . "<br />";
	echo "conf: " . $_GET['conf'] . "<br />";
	echo "conflen: " . strlen($_GET['conf']) . "<br />";
	echo "hash: " . hash("sha256",$salt1 . $_GET['id'] . $salt2);

Kindly Regards,

Jemz

0

Does your url have the following structure:

somepage.php?id=7&conf=01cf9aabf775e82947191410df4c6157c322ebbf8c761ac1b47ffd8673263c24

0

Does your url have the following structure:

somepage.php?id=7&conf=01cf9aabf775e82947191410df4c6157c322ebbf8c761ac1b47ffd8673263c24

Hello Ardav,

http://localhost/edit/edit.php?id=28&conf=aa97eb7e347388cd290373f3807af654e91bd45af4b96438a552914c2587cdd9

here is the echo i put in the inside in if statement

<?php 
 
	include_once('conDB.php');
	$salt1="mysaltyhash";
	$salt2="anothersaltyhash";
  
   
	


 
  if(isset($_GET['id']) && isset($_GET['conf']) && strlen($_GET['conf'])==64 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
   {
        echo'hello';
	echo "id: " . $_GET['id'] . "<br />";
	echo "conf: " . $_GET['conf'] . "<br />";
	echo "conflen: " . strlen($_GET['conf']) . "<br />";
	echo "hash: " . hash("sha256",$salt1 . $_GET['id'] . $salt2);
	
	 $id = $_GET['id'];
 
     delete($id);
   }
 
	$result = list_rec();
 
 
?>
<html>
	<title>Delete</title>
		<head></head>
			<body>
			<table border="1">
			<?php
 
 
	while($row = mysql_fetch_array($result))
	  {
	    // $input = "mysaltyhash" . $row['idno']. "anothersaltyhash";
	     $input = $row['idno'];
	     $conf=hash('sha256',"mysaltyhash" . $input. "anothersaltyhash");
	     echo '<tr>';
	    echo '  <td>' . $row['username'] . '</td>';
     	    echo '  <td>' . $row['email'] . '</td>';
	    echo "<td><a href=\"?id=$input&conf=$conf\">delete</a></td>";
	    echo '</tr>';
	}
	?>
	</table>	
 
	</body>
</html>

please see the screen shot...
Thank you...

Attachments url.jpg 27.72 KB
0

OK so the incoming data is correct by the looks of it. As seen by the first lot of echoes.

So is it working?

0

OK so the incoming data is correct by the looks of it. As seen by the first lot of echoes.

So is it working?

Yes,it is working...it will delete now...:icon_cheesygrin:


I am going to mark this solved now...thank to you ardav...

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.