-6

Hello I have little problem with this:

require_once("dbconnect.php");
mysql_query('set names utf8');

    $query = ('DELETE FROM `gallery` WHERE `id` = 16') or die("failed");

It not delete record from DB. Can you help me? Thanks. dbconnect.php is correct.

Karol Jankiewicz
  • 153
  • 1
  • 12
  • 1
    your `$query = ('DEL...` needs to be `$query = mysql_query('DELETE...`. Also -1, question shows no effort. – castis Jul 06 '16 at 19:28
  • 2
    [Little Bobby](http://bobby-tables.com/) says ***[your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)***. Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! – Jay Blanchard Jul 06 '16 at 19:31
  • 2
    ***Please [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php).*** [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [PDO](http://php.net/manual/en/pdo.prepared-statements.php) and [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and consider using PDO, [it's really pretty easy](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard Jul 06 '16 at 19:31

1 Answers1

3

All you did was declare a variable $query, but you did not run it. You have to run it is $query = mysql_query('DELETE FROM `gallery` WHERE `id` = 16')

Edit: Having said that, do not use mysql_ functions. They allow for SQL injection, which is very dangerous. Instead it is better to use

$mysqli = new mysqli(HOST, USERNAME, PASSWORD, DATABASE);
$query = $mysqli->query('DELETE FROM `gallery` WHERE `id` = 16');
Eli Sadoff
  • 7,173
  • 6
  • 33
  • 61