-2

while i click submit button it updated the same id of one table and delete the same id of another table field. How it will perform kindly provide me the solutions.

if($_POST['submit']=='update'){     
    $detail=mysql_real_escape_string($_POST['detail']);   
    $status='open';   
    $sid=$_POST['sid'];    

$sql=mysql_query("UPDATE project_sheeting_production_dispatch SET status='$status' where sid=$sid") or die("Insertion Failed:" . mysql_error()); 

$sql1=mysql_query("DELETE project_sheeting_production_delivered where sid=$sid") or die("Insertion Failed:" . mysql_error());
NewOnStackoverflow
  • 69
  • 1
  • 13
Sixth Star Technologies
  • 11
  • 3
  • Not entirely sure what your question is. Does this not do what you want, are you getting any errors? (Also - [Why shouldn't I use mysql_* functions in PHP?](https://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php)) – Nigel Ren Mar 27 '19 at 07:28
  • Also note that it's `DELETE FROM...`. – Nigel Ren Mar 27 '19 at 07:29
  • yes i got an error,,,error will mention below as "Insertion Failed:You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'where sid=1' at line 1" – Sixth Star Technologies Mar 27 '19 at 07:30
  • Use procedures to do this task – MjM Mar 27 '19 at 07:30
  • You should upgrade your API to mysqli_ or PDO and use [prepared statements](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) – Nigel Ren Mar 27 '19 at 07:32

1 Answers1

0

Use mysqli and parameters as a good practice

if($_POST['submit'] == 'update'){     
    $detail = mysql_real_escape_string($_POST['detail']);   
    $status = 'open';   
    $sid = trim($_POST['sid']);    


$sql = $this->db_connect->prepare("UPDATE project_sheeting_production_dispatch SET status=? where sid=?");
if($sql === FALSE)
{
 die('Error Update');
}
else
{
$sql->bind_param('ss',$status, $sid);
$sql->execute();
}

$sql2 = $this->db_connect->prepare("DELETE project_sheeting_production_delivered where sid=?");
if($sql2 === FALSE)
{
die('Error Delete');
}
else
{
$sql2->bind_param('s', $sid);
$sql2->execute();
}

$this->db_connect is your db connection.

Bundhoo Nadeem M.
  • 77
  • 1
  • 5