Delete function doesn't work???

[Hozzer]

The session file is an SSI

function deleteSubscriptions(){
global $database;
$q="DELETE FROM subscriptions WHERE userID = ('".$_SESSION['userid']."' AND promoCode = '".$_GET['pc']."')";
if (!mysql_query($q))
{
die('Error: ' . mysql_error($q));
}
}

Is there anything wrong with the syntax?

 

[vacunita]

Yes, what's with the parenthesis?

I highly doubt UserId would be equal to:
[red]([/red]'".$_SESSION['userid']."' AND promoCode = '".$_GET['pc']."'[red])[/red]

I'm assuming you want to full fill 2 conditions to delete, not have userid be equal to the result of the evaluation of 2 things

So perhaps:

  $q="DELETE FROM subscriptions WHERE userID =  '".$_SESSION['userid']."' AND promoCode = '".$_GET['pc']."'";

Additionally you should be cleansing your GET variable, to avoid SQL injection.




----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.