0

For some reason this is not deleting anything now I echo out the $mailers variable, it puts out a email

$mailers = $_GET['leaveme'];
    $sql = "DELETE FROM `List` WHERE `email` = '" .$mailers . "'";
    $results = mysql_query($sql, $link) or die(mysql_error());
Improve this question
12
  • What would exit( $sql ); before the actual execution of the statement show? Does it look correct? Commented Oct 16, 2015 at 7:56
  • 1
    die(mysql_error()) giving anything? Commented Oct 16, 2015 at 7:56
  • Does your user have the rights to delete data from the database? Is there a email named 'leaveme'? Commented Oct 16, 2015 at 7:56
  • 1
    Note: Use placeholders, don't assamble sql-strings with interpolation! Commented Oct 16, 2015 at 7:56
  • 1
    1) This code is obsolete already 2) it's vulnerable to SQL injection attacks stackoverflow.com/questions/60174/… and 3) are you actually connecting to the database in the first place? Commented Oct 16, 2015 at 8:05

3 Answers 3

Reset to default
1

Make sure you establish your connection correctly inside your $link variable.

$link = mysql_connect('Host', 'username', 'password'); /* REPLACE NECESSARY DATA */
if (!$link) {
    die('Not connected : ' . mysql_error());
}

$db_selected = mysql_select_db('database', $link); /* REPLACE NECESSARY DATABASE NAME */
if (!$db_selected) {
    die ('Can\'t use foo : ' . mysql_error());
}

Make sure also that your table (Link) and column (email) names were correct. Try running it first in your SQL page in PhpMyAdmin.

Take a look at SQL injections and use *_real_escape_string.

$mailers = mysql_real_escape_string($_GET['leaveme']);

But if I were you, you should use prepared statement instead as mysql_* is already deprecated.

$link = new mysqli("host", "User", "password", "database"); /* REPLACE NECESSARY DATA */

/* CHECK CONNECTION */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

if($stmt = $con->prepare("DELETE FROM List WHERE `email` = ?")){ /* PREPARE THE QUERY */
  $stmt->bind_param("s", $_GET["leaveme"]); /* BIND THIS VARIABLE TO YOUR QUERY */
  $stmt->execute(); /* EXECUTE THE QUERY */
  $stmt->close(); /* CLOSE THE STATEMENT */
} /* END OF PREPARED STATEMENT */
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

my problem was it was putting an extra line in the mysql database I fixed it with the following 

$string = trim(preg_replace('/\s\s+/', '', $string));
Improve this answer

2 Comments

That trim function is unnecesary. It only removes whitespaces from start and end of the given string but you've already done that by preg_replace.
Doesn't your database have rows and columns? Where does a line go?
0

you have to connect to the mysql server with mysql_connect and select the DB before calling mysql_query

$link = mysql_connect('localhost', 'user', 'pass');
if (!$link) die('Not connected : ' . mysql_error());

mysql_select_db('yourdbname', $link);

$mailers = $_GET['leaveme'];
$sql = "DELETE FROM `List` WHERE `email` = '" .$mailers . "'";
$results = mysql_query($sql, $link) or die(mysql_error());
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.