DELETE unknown column 'int value' in 'where clause'

Question

I have a table that has got one A_I column named link_id. When I run like that:

$link_id = 32;
$query1 = "DELETE FROM links WHERE link_id = $link_id";
if(!mysql_query($query1,$connection));
{
    die(mysql_error($connection));
}

It works succesfully but when I try this with C# WebRequest:

WebRequest request = WebRequest.Create("http://www.mywebsite.com/deleteLink.php");
request.Method = "POST";
string post = "link_id=" + id //type string;
byte[] postBytes = Encoding.UTF8.GetBytes(post);
request.ContentLength = postBytes.Length;
request.ContentType = "application/x-www-form-urlencoded";
Stream dataStream = await request.GetRequestStreamAsync();
dataStream.Write(postBytes, 0, postBytes.Length);
WebResponse response = await request.GetResponseAsync();
return new StreamReader(response.GetResponseStream()).ReadToEnd();

returns : Unknown column '32' in 'where clause'

Where am I doing wrong? Thanks.

You should correctly parameterize your queries, for security and good practice reasons. It also avoids confusion like in this case. One of many examples [here](http://stackoverflow.com/questions/652978/parameterized-query-for-mysql-with-c-sharp) — Wim Ombelets, Oct 27 '13 at 14:37
I think your thing is only between C# <--> MySQL but I wanna C# <--> PHP <--> MySQL. So I need use webrequests to connect to PHP. — user2770705, Oct 27 '13 at 14:44
@user2770705 please try `byte[] postBytes = ASCIIEncoding.Default.GetBytes(post);` — VladL, Oct 27 '13 at 16:12

score 0 · Answer 1 · answered Oct 27 '13 at 14:32

0

maybe add single quotes around $link_id in your query

$query1 = "DELETE FROM links WHERE link_id = '$link_id'";

answered Oct 27 '13 at 14:32

Chris Wesson

299
1
4

But it's A_I value so it should be integer i think. Also I made it int value on table. – user2770705 Oct 27 '13 at 14:34

DELETE unknown column 'int value' in 'where clause'

1 Answers1