0

I'm trying to delete data from a MySQL table. The data is inserted in a form and when the user presses submit, it should delete the data from the table. This is my code, but it doesn't work. It's always showing the error message; however, if I use id instead of key, it works just fine. Can someone help?

```php
<?php
   include("config.php");
   session_start();

   // Initialise so the template below can always echo it.
   $error = "";

   if($_SERVER["REQUEST_METHOD"] == "POST") {

      // The posted value is placed directly into the SQL string.
      $mykey = $_POST['proxyKey'];
      $sql = "DELETE FROM privateKeys WHERE key = '$mykey'";

      if(mysqli_query($db,$sql))
      {
         header("location: PrivateList.php");
         exit; // stop rendering the form after the redirect
      }
      else
      {
         $error = "Your Key is not valid";
      }
   }
?>


<html>
<head>
<title>Private Proxies</title>
<style type = "text/css">
    body
    {
        font-family:"Lucida Console";
        font-size:25px;
        color:#f9fbff;
    }
    .box
    {
        border:#666666 solid 1px;
        width:240px;
        height:30px;
    }
</style>
</head>


<body bgcolor=#1b1b1c>

<div align = "center">
    <div style = "width:300px; border: solid 1px #333333; " align = "left">
        <div style = "background-color:#333333; color:#FFFFFF; padding:3px;"><b>Insert private Key</b></div>
        <div style = "margin:30px">

            <form action = "" method = "post">
                <label>Key  :</label><input type = "text" name = "proxyKey" class = "box"/><br /><br />
                <input type = "submit" value = " Submit "/><br />
            </form>
            <div style = "font-size:11px; color:#cc0000; margin-top:10px"><?php echo $error; ?></div>

        </div>

    </div>

</div>

</body>
</html>
```
Brian Tompsett - 汤莱恩
Catalin
  • 1
    What is the error? – Ahmad Mobaraki Jan 08 '17 at 07:20
  • It's always displaying the $error = "Your Key is not valid"; even if the value inserted is correct – Catalin Jan 08 '17 at 07:21
  • 1
    Also note that your code is vulnerable to SQL injection. – Giel Berkers Jan 08 '17 at 08:29
  • @GielBerkers how can I fix that? – Catalin Jan 08 '17 at 19:00
  • @Catalin First, look up the basics of SQL injection. Secondly: `$myKey` is loaded directly from the POST variables and injected into the SQL query. If I POST a parameter like `1' OR '1'='1`, all private keys get deleted since the resulting SQL would become: `DELETE FROM privateKeys WHERE key = '1' OR '1'='1';`. If I POST a parameter like `1'; DROP TABLE users` then (depending on your SQL driver) the table users can be dropped. Escaping the URL, validating the input or using prepared statements can fix this vulnerability. Always make sure that any external input gets checked and sanitized! – Giel Berkers Jan 09 '17 at 07:30
  • Thanks for your help! – Catalin Jan 09 '17 at 20:37

1 Answer

3

key is a reserved keyword in MySQL and needs to be escaped by backticks.

```
DELETE FROM privateKeys WHERE `key` = '$mykey'
          here----------------^---^
```
juergen d
  • Oh, wow. It was that easy. Thanks a lot! I am new to PHP and MySQL, I feel stupid now haha. Thanks again! – Catalin Jan 08 '17 at 07:23
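The prepared-statement fix mentioned in the comments, combined with the backtick quoting from the answer, as an added example (not code from the asker or the answerers). It also checks `affected_rows`, because `mysqli_query` returns true for a `DELETE` that matches no row, so a wrong key would otherwise be treated as success. Assumptions: `config.php` provides `$db` as a mysqli connection, as in the question; the function name `deletePrivateKey` and the 255-character length limit are hypothetical.

```php
<?php
// Added example, not the asker's code. Assumes config.php defines $db as a
// mysqli connection, as the question's code does.
include("config.php");
session_start();

// Make mysqli throw mysqli_sql_exception on SQL errors instead of returning false.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

/**
 * Delete rows by key (hypothetical helper).
 * Returns true only if at least one row was actually removed.
 */
function deletePrivateKey(mysqli $db, string $key): bool
{
    // `key` is backtick-quoted because it is a reserved word; the value is a
    // bound parameter, so quotes in the input cannot change the statement.
    $stmt = $db->prepare("DELETE FROM privateKeys WHERE `key` = ?");
    $stmt->bind_param("s", $key);
    $stmt->execute();
    $deleted = $stmt->affected_rows > 0;
    $stmt->close();
    return $deleted;
}

$error = "";
if ($_SERVER["REQUEST_METHOD"] === "POST") {
    $mykey = $_POST["proxyKey"] ?? "";
    // Input check (assumed format: non-empty string, at most 255 characters).
    if (!is_string($mykey) || $mykey === "" || strlen($mykey) > 255) {
        $error = "Your Key is not valid";
    } else {
        try {
            if (deletePrivateKey($db, $mykey)) {
                header("Location: PrivateList.php");
                exit;
            }
            // The statement ran but matched no row: the key does not exist.
            $error = "Your Key is not valid";
        } catch (mysqli_sql_exception $e) {
            error_log($e->getMessage()); // log details, show a generic message
            $error = "Could not delete the key";
        }
    }
}
?>
```

The HTML form from the question can follow this block unchanged; `$error` is always defined by the time the template echoes it.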