issue while deleting row in database by php

Tags: , ,



Hello I have a table in my database called files and I want to delete a row by its id but whenever I run the code I get the response “Successfully Deleted” but it does not delete the row. This is my code. I would appreciate any help.

<?php

require "conn.php";

$id = $_POST["id"];

if($conn){

$sql = "SELECT * FROM files WHERE id LIKE '$id'";
$query = mysqli_query($conn,$sql);
if (mysqli_num_rows($query)>0) {
    $sqlDelete = "DELETE FROM files WHERE id LIKE '$id'";
    echo "Successfully Deleted";
} else {
    echo "Failed to delete";
}

} else {
    echo "Connection Error";
}

?>

I guess the issue is because id in database is Int but I’m passing Strings to it so how should I solve this problem?

Answer

After you assign

$sqlDelete = "DELETE FROM files WHERE id LIKE '$id'";  

you need to

if (mysqli_query($conn, $sqlDelete))
{
 echo "Successfully Deleted";
}

in order to execute the delete query. BTW the select statement is redundant.

Please note that your code is very unsafe and SQLi prone. Use prepared statements instead of text substitution.



Source: stackoverflow