-1

i'm currently running this query to delete messages within a messaging system on my site, when the user hits delete the query runs and updates the table in my database.

deleted_to is updated from '0' to '1'

what i also want to do is capture the user's id and store this in the table under the column 'user_who_deleted'

to do this i am using $_SESSION['user_id'] but am having trouble finding a way to have this inserted into the table.

can someone please show me how to do this. thanks

delete message link code:

<?php  $inbox_set = get_inbox();
while ($inbox = mysql_fetch_array($inbox_set)) { ?>
<a href="delete_message.php?message=<?php echo $inbox['msg_id']; ?>"><div class="message_buttons2">Delete Conversation</div></a>

query that sets deleted_to from 0 to 1 :

function delete_message_to($message, $user) {
    global $connection;
global $_SESSION;
    $query = "UPDATE ptb_messages
              SET deleted_to='1'
              WHERE msg_id='1' ";
    mysql_query($query, $connection);
}

the delete bit works but i am now trying to insert the users $_SESSION['user_id'] into ptb_messages.user_who_deleted

i want this to run as part of the same query if i can. i've tried something like below but it doesnt do anything 

function delete_message_next($message, $user) {
    global $connection;
    global $_SESSION;
    $query = "SELECT user_who_deleted 
              FROM ptb_messages 
              SET user_who_deleted =" . $_SESSION['user_id'] . "";
mysql_query($query, $connection);
}
zessx
  • 68,042
  • 28
  • 135
  • 158
user3080996
  • 29
  • 4
  • 7
  • 3
    [Please, stop using mysql_* functions](http://stackoverflow.com/q/12859942/1238019) in new code, they are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). Instead of, have a look on [prepared statements](http://dev.mysql.com/doc/refman/5.0/en/sql-syntax-prepared-statements.html), and use [Mysqli](http://php.net/manual/en/book.mysqli.php) or [PDO](http://php.net/manual/en/book.pdo.php). – zessx Dec 10 '13 at 15:44
  • `UPDATE ptb_messages SET deleted_to='1', user_who_deleted='something' WHERE msg_id=...` ? – andrewsi Dec 10 '13 at 15:46

1 Answers1

0

Unless i misunderstand, don't you just want to do this?

$query = '
    UPDATE 
        ptb_messages
    SET 
        deleted_to=1,
        user_who_deleted = "'.$_SESSION['user_id'].'"
    WHERE 
        msg_id=1';

Ideally, as mentioned, you want to go to mysqli or PDO, and work with prepared statements:

$query = '
    UPDATE 
        ptb_messages
    SET 
        deleted_to= :setDeleted,
        user_who_deleted = :userId
    WHERE 
        msg_id= :msgId';
$stmt = $dbh->prepare($query);
$stmt->bindParam(':setDeleted', 1);
$stmt->bindParam(':userId', $_SESSION['user_id']);
$stmt->bindParam(':msgId', 1);
$stmt->execute();

http://www.php.net/pdo.prepared-statements

Viridis
  • 242
  • 1
  • 10