Deleting from 2 MSQL tables with one button

[BadChough]

As I have been able to add data to two mysql tables with a single button I imagine I should be able to delete both entries in a similar manner, but I can't seem to make it happen. The code is largely written by DreamW and I have only the dimmest inkling of the meaning of the php, so please be patient in any explanation as to where I am going wrong!
At present the entry to the table chk_sixmonth is being deleted, but at table cel_contents incorrect records are being deleted.
The relevant code is, I think;
if ((isset($_POST['ck_pk'])) && ($_POST['ck_pk'] != "") && (isset($_POST['gone']))) {
$deleteSQL = sprintf("DELETE FROM chk_sixmonth WHERE ck_pk=%s",
GetSQLValueString($_POST['ck_pk'], "int"));

mysql_select_db($database_tormented3, $tormented3);
$Result1 = mysql_query($deleteSQL, $tormented3) or die(mysql_error());

$deleteGoTo = "chk_insert.php";
if (isset($_SERVER['QUERY_STRING'])) {
$deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
$deleteGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $deleteGoTo));
}

if ((isset($_POST['cel_pk'])) && ($_POST['cel_pk'] != "") && (isset($_POST['gone']))) {
$deleteSQL = sprintf("DELETE FROM cel_contents WHERE cel_pk=%s",
GetSQLValueString($_POST['cel_pk'], "int"));

mysql_select_db($database_tormented3, $tormented3);
$Result1 = mysql_query($deleteSQL, $tormented3) or die(mysql_error());

$deleteGoTo = "chk_insert.php";
if (isset($_SERVER['QUERY_STRING'])) {
$deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
$deleteGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $deleteGoTo));
}

$colname_rstSix = "1";
if (isset($_GET['scrap'])) {
$colname_rstSix = (get_magic_quotes_gpc()) ? $_GET['scrap'] : addslashes($_GET['scrap']);
}
mysql_select_db($database_tormented3, $tormented3);
$query_rstSix = sprintf("SELECT * FROM chk_sixmonth WHERE ck_pk = %s", $colname_rstSix);
$rstSix = mysql_query($query_rstSix, $tormented3) or die(mysql_error());
$row_rstSix = mysql_fetch_assoc($rstSix);
$totalRows_rstSix = mysql_num_rows($rstSix);

$colname_rstCont = "1";
if (isset($_GET['scrap2'])) {
$colname_rstCont = (get_magic_quotes_gpc()) ? $_GET['scrap2'] : addslashes($_GET['scrap2']);
}
mysql_select_db($database_tormented3, $tormented3);
$query_rstCont = sprintf("SELECT * FROM cel_contents WHERE cel_pk = %s", $colname_rstCont);
$rstCont = mysql_query($query_rstCont, $tormented3) or die(mysql_error());
$row_rstCont = mysql_fetch_assoc($rstCont);
$totalRows_rstCont = mysql_num_rows($rstCont);
?>
<!DOCTYPE etc ......

<form action="" method="post" name="scrap" id="scrap">
<input name="gone" type="checkbox" id="gone" value="gone" />
<input type="submit" name="Submit" value="Delete" />

<input name="ck_pk" type="hidden" id="ck_pk" value="<?php echo $row_rstSix['ck_pk']; ?>" />
<input name="cel_pk" type="hidden" id="cel_pk" value="<?php echo $row_rstCont['cel_pk']; ?>" />
</form>
Thanks for any help

 

[jpadie]

i suspect it's because you are redirecting after the first delete.

try this cleaned up code

<?php
//we might need to delete stuff
if (isset($_POST['gone'])){
	//connect to database instance
	mysql_select_db($database_tormented3, $tormented3) or die (mysql_error());
	
	//build queries
	$sql = array();
	if ( !empty ($_POST['ck_pk']) ){
		$sql[] = sprintf(	"DELETE FROM chk_sixmonth WHERE ck_pk=%s",
							GetSQLValueString($_POST['ck_pk'], "int"));
	}
	
	if (!empty($_POST['cel_pk'])){
		$sql[] = sprintf("DELETE FROM cel_contents WHERE cel_pk=%s",
				GetSQLValueString($_POST['cel_pk'], "int"));

	}
	
	//run the queries
	foreach ($sql as $_query){
		$flag=true; //use this later
		mysql_query($_query, $tormented3) or die(mysql_error());
	}

	//if we've had to do any deletions
	if (isset($flag)){
		//configure url for redirect
		$deleteGoTo = "chk_insert.php";
		
		if (isset($_SERVER['QUERY_STRING'])) {
			$deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
			$deleteGoTo .= $_SERVER['QUERY_STRING'];
		}
		
		header(sprintf("Location: %s", $deleteGoTo));
		
		//it's best to exit expressly after a redirect
		exit(); 
	}
}

$colname_rstSix = "1";
mysql_select_db($database_tormented3, $tormented3);

if (isset($_GET['scrap'])) {
	$colname_rstSix = clean(($_GET['scrap']);
	$query_rstSix = sprintf("SELECT * FROM chk_sixmonth WHERE ck_pk = %s", $colname_rstSix);
	$rstSix = mysql_query($query_rstSix, $tormented3) or die(mysql_error());
	$row_rstSix = mysql_fetch_assoc($rstSix);
	$totalRows_rstSix = mysql_num_rows($rstSix);
}
$colname_rstCont = "1";
if (isset($_GET['scrap2'])) {
	$colname_rstCont = clean ($_GET['scrap2']);
	$query_rstCont = sprintf("SELECT * FROM cel_contents WHERE cel_pk = %s", $colname_rstCont);
	$rstCont = mysql_query($query_rstCont, $tormented3) or die(mysql_error());
	$row_rstCont = mysql_fetch_assoc($rstCont);
	$totalRows_rstCont = mysql_num_rows($rstCont);
}
/**
 * helper function to cleanse data for use in mysql expressions
 * @return string
 * @param $var string
 */
function clean($var){
	magic_quotes_runtime(0);
	if (get_magic_quotes_gpc()){
		$var = stripslashes($var);
	}
	$_var = @mysql_real_escape_string($var); //if no connection is established this will generate a bool false
	if ($_var !== false) {
		return $_var;
	} else {
		return mysql_escape_string($var);
	}
}

and be sure in future to post code within [ignore]

tags[/ignore]

 

[BadChough]

Thanks for dong all that, jpadie!
I've substituted the code (presumably for the old code before the "<!DOCTYPE etc ......")
I get the following error message:

Parse error: syntax error, unexpected ';' in /homepages/9/d96073226/htdocs/torment_new/chk_data/chk_delete.php on line 73

Any ideas?

 

[jpadie]

line 73 appears to be the line

if ($_var !== false) {

i can see no error in this line or the lines immediately around it.

please make sure that the comment (the bit after //) on line 72 has not broken onto two lines. it should all trail on the same line.

 

[BadChough]

The comment is fine, but you are not aware of previous code. The whole of the code to the top of the HTML page is as follows,

<?php require_once('../../Connections/tormented3.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

//we might need to delete stuff
if (isset($_POST['gone'])){
    //connect to database instance
    mysql_select_db($database_tormented3, $tormented3) or die (mysql_error());
    
    //build queries
    $sql = array();
    if ( !empty ($_POST['ck_pk']) ){
        $sql[] = sprintf(    "DELETE FROM chk_sixmonth WHERE ck_pk=%s",
                            GetSQLValueString($_POST['ck_pk'], "int"));
    }
    
    if (!empty($_POST['cel_pk'])){
        $sql[] = sprintf("DELETE FROM cel_contents WHERE cel_pk=%s",
                GetSQLValueString($_POST['cel_pk'], "int"));

    }
    
    //run the queries
    foreach ($sql as $_query){
        $flag=true; //use this later
        mysql_query($_query, $tormented3) or die(mysql_error());
    }

    //if we've had to do any deletions
    if (isset($flag)){
        //configure url for redirect
        $deleteGoTo = "chk_insert.php";
        
        if (isset($_SERVER['QUERY_STRING'])) {
            $deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
            $deleteGoTo .= $_SERVER['QUERY_STRING'];
        }
        
        header(sprintf("Location: %s", $deleteGoTo));
        
        //it's best to exit expressly after a redirect
        exit();
    }
}

$colname_rstSix = "1";
mysql_select_db($database_tormented3, $tormented3);

if (isset($_GET['scrap'])) {
    $colname_rstSix = clean(($_GET['scrap']);
    $query_rstSix = sprintf("SELECT * FROM chk_sixmonth WHERE ck_pk = %s", $colname_rstSix);
    $rstSix = mysql_query($query_rstSix, $tormented3) or die(mysql_error());
    $row_rstSix = mysql_fetch_assoc($rstSix);
    $totalRows_rstSix = mysql_num_rows($rstSix);
}
$colname_rstCont = "1";
if (isset($_GET['scrap2'])) {
    $colname_rstCont = clean ($_GET['scrap2']);
    $query_rstCont = sprintf("SELECT * FROM cel_contents WHERE cel_pk = %s", $colname_rstCont);
    $rstCont = mysql_query($query_rstCont, $tormented3) or die(mysql_error());
    $row_rstCont = mysql_fetch_assoc($rstCont);
    $totalRows_rstCont = mysql_num_rows($rstCont);
}
/**
 * helper function to cleanse data for use in mysql expressions
 * @return string
 * @param $var string
 */
function clean($var){
    magic_quotes_runtime(0);
    if (get_magic_quotes_gpc()){
        $var = stripslashes($var);
    }
    $_var = @mysql_real_escape_string($var); //if no connection is established this will generate a bool false
    if ($_var !== false) {
        return $_var;
    } else {
        return mysql_escape_string($var);
    }
}
?>
<!DOCTYPE html PUBLIC "

and DW gives

if (isset($_GET['scrap'])) {
    $colname_rstSix = clean(($_GET['scrap']);
    $query_rstSix = sprintf("SELECT * FROM chk_sixmonth WHERE ck_pk = %s", $colname_rstSix);

as about line 73. Thanks again.

 

[jpadie]

add a bracket as follows

$colname_rstSix = clean(($_GET['scrap'])[red])[/red];

 

[jpadie]

or even better remove the first open bracket ....

 

[BadChough]

Thanks jpadie.
With your help, and a little more tinkering I seem to have got the *!?* thing to do what I want. The good thing is I have been force to learn a thing or two about the coding.