php code

Ask about general coding issues or problems here.

Moderators: egami, macek, gesf

Post Reply
User avatar
php-forum GURU
php-forum GURU
Posts: 2192
Joined: Wed Oct 06, 2010 11:19 am
Location: Happy Valley, UT

Wed Sep 26, 2012 1:56 pm

Code: Select all


include ('connectdb.php');

if (isset($_GET['id']) && $_GET['id'] == preg_replace('/[^0-9]/','',$_GET['id']))
  $id = $_GET['id']; // I can inject beautiful code here to really screw you over... so, better to do it this way
  $id = preg_replace('/[^0-9]/','',$_GET['id']); // yes, processor intense, but saves dolphins lives.
  // and actually, if you leave the above "IF" statement, you can remove the above line all together.

  $query = "DELETE FROM fotos WHERE id='$id'";
  //$result = mysql_query($query); // The actual query to call and delete.. Uncomment this when ready
  header("Location: listar.php");
} else { 
  echo "Either the ID was not submitted, or the ID was improperly formatted. Goodbye.";

Post Reply
  • Information
  • Who is online

    Users browsing this forum: No registered users and 1 guest