Question
So I have an issue getting rows to be deleted using the following code. The table displays the information correctly, plus sends the correct id in the url to the delete.php page, but I cannot get it to complete the command. Changing the code slightly on the delete.php I can get it to show either:
Couldn't delete the index.
or:
Binding parameters failed: 0
https://stackoverflow.com/questions/21359041
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian <?php
$con = mysqli_connect("localhost","user","pass","database");
// Check connection
if (mysqli_connect_errno())
{
die("Failed to connect to MySQL: " . mysqli_connect_error());
}
if (!$result = mysqli_query($con,"SELECT * FROM mytable ORDER BY `server_name`;"))
{
die("Error: " . mysqli_error($con));
}
?>
<table border='1'>
<tr>
<th><b>Server Name</b></th>
<th><center><b>Port</b></center></th>
<th><center><b>Mod</b></center></th>
</tr>
<?php
while($row = mysqli_fetch_array($result))
{
?>
<tr>
<td><?php echo $row['server_name']; ?></td>
<td><center><?php echo $row['server_port']; ?></center></td>
<td><center><?php echo $row['mod']; ?></center></td>
<td><center><a href="delete.php?id=<?php echo $row['index']; ?>"><img src="images/remove.png" width="16" height="16"></center></img></a></td>
</tr>
<?php
}
mysqli_close($con);
?>
</table>
My delete file is
<?php
// Your database info
$db_host = 'localhost';
$db_user = 'user';
$db_pass = 'pass';
$db_name = 'database';
if (!isset($_GET['id']))
{
echo 'No ID was given...';
exit;
}
$con = new mysqli($db_host, $db_user, $db_pass, $db_name);
if ($con->connect_error)
{
die('Connect Error (' . $con->connect_errno . ') ' . $con->connect_error);
}
$sql = "DELETE FROM mytable WHERE 'index' = " . $_GET['id'];
if (!$result = $con->prepare($sql))
{
die('Query failed: (' . $con->errno . ') ' . $con->error);
}
if (!$result->bind_param('i', $_GET['ID']))
{
die('Binding parameters failed: (' . $result->errno . ') ' . $result->error);
}
if (!$result->execute())
{
die('Execute failed: (' . $result->errno . ') ' . $result->error);
}
if ($result->affected_rows > 0)
{
echo "The ID was deleted with success.";
}
else
{
echo "Couldn't delete the index.";
}
$result->close();
$con->close();
It has to be something simple but I cannot figure it out.
Solution
You're using the wrong type of quotes in your SQL. To escape a table or column name that contains a reserved word, you use backticks. And if you're using bind_param, you have to put ? in the query where the parameter will be substituted.
$sql = "DELETE FROM mytable WHERE `index` = ?";
OTHER TIPS
Replace the following line in your delete.php file:
$sql = "DELETE FROM mytable WHERE 'index' = " . $_GET['id'];
with:
$sql = "DELETE FROM mytable WHERE `index` = ?";
Changes in the suggested replacement statement include:
index with backticks. Note that MySQL escape character is a backtick not single quotes. delete query but further down you are attempting to bind an integer parameter. 