
I'm a bit new to PHP, and when I applied the code from a video tutorial, I saw an error like this: I can't pull the "id" part when deleting the data from the following database.

My code:

function introsil($vt){

    $introid=$_GET["id"];

    $verial=self::sorgum($vt,"select * from intro where id=$introid",1);

    echo'<div class="row text-center">
                <div class="col-lg-12">';

    //delete docs
    unlink("../".$verial["resimyol"]);


    // delete my database
    self::sorgum($vt,"delete from intro where id=$introid",0);


    echo'<div class="alert alert-success mt-5 font-weight-bold">Docs delete success.<i class="ti-alert ml-2"></i></div>';

    echo'</div></div>';
}

My "sorgum" function is here:

function sorgum($vt,$sorgu,$tercih=0){
    $al=$vt->prepare($sorgu);
    $al->execute();

    if($tercih==1):
        return $al->fetch();

    elseif ($tercih==2):
        return $al;

    endif;

}

my error code

1 Answer

Firstly, the security side of me needs to let you know that if you are going to use $_GET['id'] directly in a query, you need to sanitize and escape it; otherwise, you will be subject to an SQL injection attack.

In regards to retrieving the ID, I would be inclined to advise that you submit it to the function:

function introsil($vt, $id){

    $introid = $id;

    $verial = self::sorgum($vt,"select * from intro where id=$introid",1);

    echo '<div class="row text-center">
                <div class="col-lg-12">';

    //delete docs
    unlink("../".$verial["resimyol"]);


    // delete my database
    self::sorgum($vt,"delete from intro where id=$introid",0);


    echo '<div class="alert alert-success mt-5 font-weight-bold">Docs delete success.<i class="ti-alert ml-2"></i></div>';

    echo '</div></div>';
}

This can be then called like so:

<?php
    introsil($vt,  $_GET['id']);

I have not sanitized or escaped the $id variable in my examples. I recommend you check out this link for information on how to safely do this.

Peter B
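A hardened form of the delete routine discussed above, as an added example that is not part of the original question or answer: the id is validated as an integer, both queries use bound placeholders, and the file is only unlinked if it resolves inside the upload directory. The extra `$params` argument to `sorgum()`, the `$uploadDir` parameter, and the in-memory SQLite table with its rows are assumptions constructed for the demo.

```php
<?php
// Added example: hardened variant of the page's sorgum()/introsil().
// $params, $uploadDir and the SQLite demo data are assumptions, not the poster's code.

function sorgum(PDO $vt, string $sorgu, array $params = [], int $tercih = 0) {
    $al = $vt->prepare($sorgu);   // SQL text contains only placeholders
    $al->execute($params);        // values travel separately from the SQL text
    if ($tercih === 1) return $al->fetch(PDO::FETCH_ASSOC);
    if ($tercih === 2) return $al;
    return null;
}

function introsil(PDO $vt, $rawId, string $uploadDir): bool {
    // Accept only a positive integer; anything else stops before a query runs.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) return false;

    $verial = sorgum($vt, 'select resimyol from intro where id = :id', [':id' => $id], 1);
    if (!$verial) return false;   // no such row: nothing to unlink or delete

    // resimyol comes from the database; only delete files inside $uploadDir.
    $base = realpath($uploadDir);
    $file = realpath($uploadDir . '/' . $verial['resimyol']);
    if ($base !== false && $file !== false
        && strpos($file, $base . DIRECTORY_SEPARATOR) === 0) {
        unlink($file);
    }
    sorgum($vt, 'delete from intro where id = :id', [':id' => $id]);
    return true;
}

// Constructed demo data: two rows, one matching file on disk.
$vt = new PDO('sqlite::memory:');
$vt->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$vt->exec('create table intro (id integer primary key, resimyol text)');
$vt->exec("insert into intro (id, resimyol) values (1, 'a.jpg'), (2, 'b.jpg')");
$uploadDir = sys_get_temp_dir() . '/intro_demo_' . getmypid();
mkdir($uploadDir);
touch($uploadDir . '/a.jpg');

var_dump(introsil($vt, '1 or 1=1', $uploadDir)); // injection-style id: rejected
var_dump(introsil($vt, '1', $uploadDir));        // valid id: row and file removed
var_dump((int) $vt->query('select count(*) from intro')->fetchColumn());
rmdir($uploadDir);                               // clean up the demo directory
```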