Everybody! This is important. In a few days, these forums will be moving over to using the totally sweet Discourse platform. To ensure this migration happens smoothly with no loss of content, these forums are currently in a read-only mode. I do apologize for the inconvenience.

There is never a good time to turn the forums off for an extended period of time, but I promise the new forums will be a billion times better. I'm pretty sure of it.

See you all on the other side in a few days, and if you have any (non-technical) questions, please e-mail me at kirupa@kirupa.com. For technical questions, try to find a tutorial that corresponds to what you are looking for and post in the comments section of that page.

Cheers,
Kirupa

Results 1 to 4 of 4

Thread: PHP mySQL LOOPY!

  1. #1

    PHP mySQL LOOPY!

    Hya Guys.... the script below deletes a file from the server and then deletes its corresponding mySQL entry.

    What im trying to do next is sort all the remaing SQL entires from lowest to highest (by track number) and then remnumber them so that there are no gaps:


    [php]
    <?
    //DELETE THE PHYSICAL FILE AND ITS DB ENTRY - renumber all tracks
    if (isset($_POST['deletetrack'
    ])){
    $filename = $_POST['filename'
    ];
    $tracknum = $_POST['tracknum'
    ];
    $address = "../../audiofiles/$filename"
    ;
    include (
    "../../includes/dbconnect.php"
    );

    $select = "DELETE FROM tracks WHERE url = '$filename'"
    ;
    $delete = mysql_query($select
    );
    unlink ("$address"
    );

    $whatsleft = "SELECT * FROM tracks ORDER BY tracknums ASC"
    ;
    $run = MYSQL_QUERY($whatsleft
    );
    $rows = MYSQL_NUM_ROWS($run
    );
    $fixi = 1
    ;
    WHILE (
    MYSQL_FETCH_ARRAY($run
    )){
    $update = "UPDATE tracks SET tracknums='$fixi'"
    ;
    $doupdate = mysql_query($update
    );
    $fixi
    ++;
    }

    echo (
    "File $filename - has been removed!"
    );
    $con->close
    ;
    include (
    "upload.php"
    );
    }
    ?>


    [php]
    At the moment all it does is set them to the total number of tracks that are in the db....can anyone help?

  2. #2
    PHP Code:
    for($i=i$i<=$run$i++){ 
    $update "UPDATE tracks SET tracknums=$i"
    $doupdate mysql_query($update); 

    replace that instead of your while loop


  3. #3
    Thansk man...I thougth my post had been ignored and ended up usign a much more long winded approach thansk for your help ill be switich to your script

  4. #4
    I hate to make this sort of post, but it's a pet peeve of mine.

    Your PHP code is waiting to be hacked. It's VERY insecure. For example, if I set $_POST['filename'] to the following string:

    1'; DROP TABLE tracks ; SELECT FROM tracks WHERE tracknums='1
    It's going to delete the whole database. You may say "What type of jackass would do that?" The answer, of course, is that there are thousands of people with far too much time on their hands just looking for sites to harass

    Please, if this is for a client, or if it's going to be publicly viewable, use mysql_escape_string() and think about how a bad guy might break your site.

    (What happens if, for example, $_POST['filename'] = '*' ?)

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Home About kirupa.com Meet the Moderators Advertise

 Link to Us

 Credits

Copyright 1999 - 2012