How to delete a message in PHP and MySQL?

Question

How can a user delete a message he sends or the other user sends? Message should be shown only in the conversation of the one who hasn't deleted message.

if($action == 'delete_mess') {

    $hash=$_GET['hash'];
    $mess_id=$_GET['mess_id'];

    $mess_query=mysql_query("SELECT * FROM messages WHERE hash = '$hash'");

    while($check_mess = mysql_fetch_assoc($mess_query)) {

        $from = $check_mess['from_id'];
        $to = $check_mess['to_id'];
    }

    if ($from == $session_user_id) {

        mysql_query("UPDATE messages SET from_del = 1 WHERE `id` = '$mess_id' ");

    } else {

        mysql_query("UPDATE messages SET to_del = 1 WHERE `id` = '$mess_id' ");
    }

    header('location: messages.php?hash='.$hash);
}

Hash is the conversation id started.

**Danger**: You are using [an **obsolete** database API](http://stackoverflow.com/q/12859942/19068) and should use a [modern replacement](http://php.net/manual/en/mysqlinfo.api.choosing.php). You are also **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that a modern API would make it easier to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. — Quentin, Sep 03 '13 at 23:29
And what exactly is your problem? In your `while` loop you're doing nothing but setting variables, so the `$from` and `$to` variables will only contain the data from the last fetch... I'm guessing you don't want the entire conversation deleted, only a message belonging to that conversation? — Marty McVry, Sep 30 '13 at 20:46

How to delete a message in PHP and MySQL?

0 Answers0