deleting rec - Page 2

Question

diafol

13 Years Ago

my mistake:
should be

echo "conflen: " . strlen($_GET['conf']) . "<br />";

Also the sha256 will give a 64 length:

strlen($_GET['conf']) == 64

Edited 13 Years Ago by diafol because: n/a

diafol

13 Years Ago

Does your url have the following structure:

somepage.php?id=7&conf=01cf9aabf775e82947191410df4c6157c322ebbf8c761ac1b47ffd8673263c24

diafol

13 Years Ago

OK so the incoming data is correct by the looks of it. As seen by the first lot of echoes.

So is it working?

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

jemz -1 Master Poster · Answer 1 · 2011-09-24T00:16:13+00:00

Yep, just saw that:

...$_GET['conf'] == hash("sha256", $salt1 . $_GET['id'] . $salt2))...

try that

hi ardav,thank you for the reply...still it would not delete...i think there is a problem in the get method and i am confuse of it...can you please look in the link delete inside my while loop and please correct me if i am wrong...Thank you in advance...

the column fields in my table

idno
username
email
password

and here is my edit.php

<?php 

	include_once('conDB.php');
	$salt1="mysaltyhash";
	$salt2="anothersaltyhash";
   

  if(isset($_GET['email']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
   {
     $id=$_GET['id'];
     delete($id);
   }
	
	$result = list_rec();
	

?>
<html>
	<title>Delete</title>
		<head></head>
			<body>
			<table border="1">
			<?php
				
				
				 while($row = mysql_fetch_array($result))
					{
					   $input = "mysaltyhash" . $row['idno']. "anothersaltyhash";
					   $conf=hash('sha256',$input);
						echo '<tr>';
						echo '  <td>' . $row['username'] . '</td>';
						echo '  <td>' . $row['email'] . '</td>';
						echo "<td><a href=\"?id=$input&conf=$conf\">delete</a></td>";
						echo '</tr>';
					}
			?>
			</table>	
		
			</body>
</html>

This is where i get my functions
conDB.php

<?php
   
		$con=mysql_connect('localhost','root','');
		 if(!$con){die('Not connected to server'.mysql_error());}
		mysql_select_db('findb',$con);
   
        function list_rec()
		{
			$lst="select * from reg_tbl";
			$lstrec=mysql_query($lst);
			return $lstrec;
		}


		function delete($id)
			{
			  
				$sql = "DELETE from mytbl where id = '$id'";
				 mysql_query($sql);
				
				return 'DELETED!!!';
			}

		function register($txtuser,$email,$password)
		{
      
      
			$sql= "insert into reg_tbl
			values(default,'$txtuser','$email',sha2('$password',256))";
			
			mysql_query($sql);	
			
			 
			return 'Succesfully Registered';	
	   
		}	
 ?>

vidjin -3 Newbie Poster · Answer 2 · 2011-09-24T00:42:48+00:00

Hi,

There need to be a Unique Column in your Table, which could be ID or something, Assuming its ID then following can be done with your own code.

<?php
   print "<table border='1'>";	
     while($row = mysql_fetch_array($rlist))
	{
	  echo "<tr>";			    
            echo "<td>{$row['firstname']}</td>";
	    echo "<td>{$row['lastname']}</td>";
            echo "<td><a href='delete.php?id={$row['ID']}'>delete</td>";
	  echo "</tr>";
	}	
	  print "</table>";
?>

Create a delete.php page and delete the record with ID passed from the above page, and redirect back if you want.

Let us know if it helped.

Enjoy :)

diafol · Answer 3 · 2011-09-24T02:41:37+00:00

if(isset($_GET['email']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
   {
     echo "get worked";
     $id=$_GET['id'];
     delete($id);
   }else{
echo "email: {$_GET['email']}<br />conf: {$_GET['conf']}<br />strlen: " . strlen($_GET['conf']) . "<br />hash: " .hash("sha256",$salt1 . $_GET['id'] . $salt2);

}

see if you get output.

jemz -1 Master Poster · Answer 4 · 2011-09-24T22:33:05+00:00

if(isset($_GET['email']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
   {
     echo "get worked";
     $id=$_GET['id'];
     delete($id);
   }else{
echo "email: {$_GET['email']}<br />conf: {$_GET['conf']}<br />strlen: " . strlen($_GET['conf']) . "<br />hash: " .hash("sha256",$salt1 . $_GET['id'] . $salt2);

}

see if you get output.

hi ardav,

it will generate error in the else statement...
Notice: Undefined index: conf
Notice: Undefined index: id

@ vidjin still i cannot delete...

Thank you in advance...
Best Regards!

jemz -1 Master Poster · Answer 5 · 2011-09-24T22:47:05+00:00

if(isset($_GET['email']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
   {
     echo "get worked";
     $id=$_GET['id'];
     delete($id);
   }else{
echo "email: {$_GET['email']}<br />conf: {$_GET['conf']}<br />strlen: " . strlen($_GET['conf']) . "<br />hash: " .hash("sha256",$salt1 . $_GET['id'] . $salt2);

}

see if you get output.

hi ardav,

I have some question in the while statement...i think it cannot get in the url the idno because we surrounded the idno "mysaltyhash" "anothersalthhash"

and it cannot execute to delete($id)...please correct me if i am wrong...

<?php
                 while($row = mysql_fetch_array($result))
	          {
		     $input = "mysaltyhash" . $row['idno']. "anothersaltyhash";
		     $conf=hash('sha256',$input);
		     echo '<tr>';
		     echo '  <td>' . $row['username'] . '</td>';
		     echo '  <td>' . $row['email'] . '</td>';
		     echo "<td><a href=\"?id=$input&conf=$conf\">delete</a></td>";
		     echo '</tr>';
		   }
 ?>

Best Regards

diafol · Answer 6 · 2011-09-24T22:54:12+00:00

O dear, you will give the whole game away will that:

$input = "mysaltyhash" . $row['idno']. "anothersaltyhash";

do

$input = $row['idno'];
$conf = hash('sha256',"mysaltyhash" . $input. "anothersaltyhash");

jemz -1 Master Poster · Answer 7 · 2011-09-25T17:25:52+00:00

jemz -1 Master Poster

13 Years Ago

O dear, you will give the whole game away will that:

$input = "mysaltyhash" . $row['idno']. "anothersaltyhash";

do

$input = $row['idno'];
$conf = hash('sha256',"mysaltyhash" . $input. "anothersaltyhash");

hi ardav,

still it won't work, i attache my code so that you can see...please help me.
Thank you in advance and i am hoping for your positive response.

conDB.php (0.68 KB)

<?php
   
		$con=mysql_connect('localhost','root','');
		 if(!$con){die('Not connected to server'.mysql_error());}
		mysql_select_db('findb',$con);
   
        function list_rec()
		{
			$lst="select * from reg_tbl";
			$lstrec=mysql_query($lst);
			return $lstrec;
		}


		function delete($id)
			{
			  
				$sql = "DELETE from mytbl where id = '$id'";
				 mysql_query($sql);
				
				return 'DELETED!!!';
			}

		function register($txtuser,$email,$password)
		{
      
      
			$sql= "insert into reg_tbl
			values(default,'$txtuser','$email',sha2('$password',256))";
			
			mysql_query($sql);	
			
			 
			return 'Succesfully Registered';	
	   
		}	
 ?>

edit.php (0.99 KB)

<?php 

	include_once('conDB.php');
	$salt1="mysaltyhash";
	$salt2="anothersaltyhash";
   

  if(isset($_GET['email']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
 // if(isset($_GET['id'])&& isset($_GET['conf']))
   {
     echo'hello';
	 $id = $_GET['id'];
	
     delete($id);
   }
	
	$result = list_rec();
	

?>
<html>
	<title>Delete</title>
		<head></head>
			<body>
			<table border="1">
			<?php
				
				
				 while($row = mysql_fetch_array($result))
					{
					  // $input = "mysaltyhash" . $row['idno']. "anothersaltyhash";
					      $input = $row['idno'];
					   $conf=hash('sha256',"mysaltyhash" . $input. "anothersaltyhash");
						echo '<tr>';
						echo '  <td>' . $row['username'] . '</td>';
						echo '  <td>' . $row['email'] . '</td>';
						echo "<td><a href=\"?id=$input&conf=$conf\">delete</a></td>";
						echo '</tr>';
					}
			?>
			</table>	
		
			</body>
</html>

Reg.php (1.62 KB)

<?php

	include_once('conDB.php');
		
	$txtuser='';
	$email='';
	$password='';
    $msg='';
	$msg1='';
	$msg2='';
	$msg3='';

	
	if(isset($_POST['register']))
	{	
	   $txtuser = trim($_POST['txtuser']);
	   $email = trim($_POST['email']);
	   $password = trim($_POST['password']);
   	
	   if($txtuser=='')
			$msg1='User name is required';
	   elseif($email=='')
             $msg2='Email is required';
       elseif($password=='')
            $msg3='Password required';	   
	   else	
	   $msg=register($txtuser,$email,$password);
		
	}

      

 ?>


<html>
	
	<head>
		<title>Register</title>
	</head>
	<body>
	<h1>Register</h1>
	<form method="post" >
    	<table> 
			<tr>
				<td ><label style="color:blue;font-weight:bold;">User Name</label></td>
				<td><input type="text" id="user"  name="txtuser"></input></td>
				<td><div style="color:red;font-weight:bold;"><?php echo $msg1; ?></div></td>
			</tr>
			<tr>
				<td ><label style="color:blue;font-weight:bold;">Email</label></td>
				<td><input type="text" id="email" name="email"></input></td>
				<td><div style="color:red;font-weight:bold;"><?php echo $msg2; ?></div></td>
			</tr>
			<tr>
				<td><label style="color:blue;font-weight:bold;">Password</label></td>
				<td><input type="password" id="pwd" name="password"></input></td>
				<td><div style="color:red;font-weight:bold;"><?php echo $msg3; ?></div></td>
		</table>
		</br>
		
		<input type="submit" id="reg" name="register" value="register"></input>
		
	</form>

	  <div style="color:red;font-weight:bold;">
	      <?php echo $msg; ?>
	  </div>
	</body>
	
	
</html>

diafol · Answer 8 · 2011-09-25T17:59:31+00:00

do you get 'hello'?

<?php 



	include_once('conDB.php');

	$salt1="mysaltyhash";

	$salt2="anothersaltyhash";

   



  if(isset($_GET['email']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

 // if(isset($_GET['id'])&& isset($_GET['conf']))

   {

     echo'hello';

	 $id = $_GET['id'];

	

     delete($id);

   }

	

	$result = list_rec();

	



?>

<html>

	<title>Delete</title>

		<head></head>

			<body>

			<table border="1">

			<?php

				

				

				 while($row = mysql_fetch_array($result))

					{

					   $input = $row['idno'];

					   $conf=hash('sha256',$salt1 . $input. $salt2);

						echo '<tr>';

						echo '  <td>' . $row['username'] . '</td>';

						echo '  <td>' . $row['email'] . '</td>';

						echo "<td><a href=\"?id=$input&conf=$conf\">delete</a></td>";

						echo '</tr>';

					}

			?>

			</table>	

		

			</body>

</html>

<?php

   

		$con=mysql_connect('localhost','root','');

		 if(!$con){die('Not connected to server'.mysql_error());}

		mysql_select_db('findb',$con);

   

        function list_rec()

		{

			$lst="select * from reg_tbl";

			$lstrec=mysql_query($lst);

			return $lstrec;

		}





		function delete($id)

			{

			  

				$sql = "DELETE from mytbl where id = '$id'";

				 mysql_query($sql);

				

				return 'DELETED!!!';

			}




 ?>

the mytbl - shouldn't that be reg_tbl?

I got rid of the register code - ti was all wrong with the sha stuff as you know.

jemz -1 Master Poster · Answer 9 · 2011-09-25T22:08:45+00:00

do you get 'hello'?

<?php 



	include_once('conDB.php');

	$salt1="mysaltyhash";

	$salt2="anothersaltyhash";

   



  if(isset($_GET['email']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

 // if(isset($_GET['id'])&& isset($_GET['conf']))

   {

     echo'hello';

	 $id = $_GET['id'];

	

     delete($id);

   }

	

	$result = list_rec();

	



?>

<html>

	<title>Delete</title>

		<head></head>

			<body>

			<table border="1">

			<?php

				

				

				 while($row = mysql_fetch_array($result))

					{

					   $input = $row['idno'];

					   $conf=hash('sha256',$salt1 . $input. $salt2);

						echo '<tr>';

						echo '  <td>' . $row['username'] . '</td>';

						echo '  <td>' . $row['email'] . '</td>';

						echo "<td><a href=\"?id=$input&conf=$conf\">delete</a></td>";

						echo '</tr>';

					}

			?>

			</table>	

		

			</body>

</html>

<?php

   

		$con=mysql_connect('localhost','root','');

		 if(!$con){die('Not connected to server'.mysql_error());}

		mysql_select_db('findb',$con);

   

        function list_rec()

		{

			$lst="select * from reg_tbl";

			$lstrec=mysql_query($lst);

			return $lstrec;

		}





		function delete($id)

			{

			  

				$sql = "DELETE from mytbl where id = '$id'";

				 mysql_query($sql);

				

				return 'DELETED!!!';

			}




 ?>

the mytbl - shouldn't that be reg_tbl?

I got rid of the register code - ti was all wrong with the sha stuff as you know.

hi sir,

Nope, i did not get the echo 'hello'...thank you for correcting my table in delete function....sir,so my register code is wrong? why it is wrong sir in my sha2?so what is the proper way in encrypting the password or using the code...please help me.

Thank you in advance.

diafol · Answer 10 · 2011-09-25T22:18:29+00:00

This has already been covered:

hash("sha256", $salt1 . $whatever . $salt2))

if(isset([B]$_GET['email'][/B]) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

You're checking for 'email'? I thought this was 'id' now?

jemz -1 Master Poster · Answer 11 · 2011-09-26T11:03:47+00:00

This has already been covered:
hash("sha256", $salt1 . $whatever . $salt2))
if(isset([B]$_GET['email'][/B]) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
You're checking for 'email'? I thought this was 'id' now?

hi ardav,

sorry for that email,i forgot to return it to checking id...by the way in my function register you told me that all is wrong in sha2,but how can i encrypt the password and save it to my reg_tbl...i want the password to be encrypt in my reg_tbl

function register($txtuser,$email,$password)
		{
      
      
			$sql= "insert into reg_tbl
			values(default,'$txtuser','$email',sha2('$password',256))";
			
			mysql_query($sql);	 
			return 'Succesfully Registered';	
	   
		}

I am really confuse sir why is it that it will not delete i already change it to cheking in id

<?php 

	include_once('conDB.php');
	$salt1="mysaltyhash";
	$salt2="anothersaltyhash";
   

  if(isset($_GET['id']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
 // if(isset($_GET['id'])&& isset($_GET['conf']))
   {
     echo'hello';
	 $id = $_GET['id'];
	
     delete($id);
   }
	
	$result = list_rec();
	

?>
<html>
	<title>Delete</title>
		<head></head>
			<body>
			<table border="1">
			<?php
				
				
	while($row = mysql_fetch_array($result))
	  {
	    // $input = "mysaltyhash" . $row['idno']. "anothersaltyhash";
	    $input = $row['idno'];
	     $conf=hash('sha256',"mysaltyhash" . $input. "anothersaltyhash");
	     echo '<tr>';
	    echo '  <td>' . $row['username'] . '</td>';
     	    echo '  <td>' . $row['email'] . '</td>';
	    echo "<td><a href=\"?id=$input&conf=$conf\">delete</a></td>";
	    echo '</tr>';
	}
	?>
	</table>	
		
	</body>
</html>

Thank you in advance.

diafol · Answer 12 · 2011-09-26T18:05:59+00:00

This is my last post on this thread, I'm losing the will to live.

Echo out each bit of the

if(isset($_GET['id']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

to see what it gives you:

echo "id: " . $_GET['id'] . "<br />";
echo "conf: " . $_GET['conf'] . "<br />";
echo "conflen: " . strlen($_GET['id']) . "<br />";
echo "hash: " . hash("sha256",$salt1 . $_GET['id'] . $salt2);

Good luck with it.

jemz -1 Master Poster · Answer 13 · 2011-09-28T21:26:02+00:00

This is my last post on this thread, I'm losing the will to live.

Echo out each bit of the

if(isset($_GET['id']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

to see what it gives you:

echo "id: " . $_GET['id'] . "<br />";
echo "conf: " . $_GET['conf'] . "<br />";
echo "conflen: " . strlen($_GET['id']) . "<br />";
echo "hash: " . hash("sha256",$salt1 . $_GET['id'] . $salt2);

Good luck with it.

hi ardav,

i just want to inform you that i cannot echo this,it i will not get inside in the if statement....thank you for helping in a couple of time.

diafol · Answer 14 · 2011-09-28T22:21:12+00:00

OK, seriously last post...:)

You place the echo before the if statement.

include_once('conDB.php');
$salt1="mysaltyhash";
$salt2="anothersaltyhash";
echo "id: " . $_GET['id'] . "<br />";
echo "conf: " . $_GET['conf'] . "<br />";
echo "conflen: " . strlen($_GET['id']) . "<br />";
echo "hash: " . hash("sha256",$salt1 . $_GET['id'] . $salt2);
if(isset($_GET['id']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

jemz -1 Master Poster · Answer 15 · 2011-09-28T23:13:33+00:00

This is my last post on this thread, I'm losing the will to live.

Echo out each bit of the

if(isset($_GET['id']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

to see what it gives you:

echo "id: " . $_GET['id'] . "<br />";
echo "conf: " . $_GET['conf'] . "<br />";
echo "conflen: " . strlen($_GET['id']) . "<br />";
echo "hash: " . hash("sha256",$salt1 . $_GET['id'] . $salt2);

Good luck with it.

Hi ardav,

Sir i did not surrender...and i figure it out why this will not get inside into the if statement it's because you put this in if statement which could lead to exit in if statement.

if(isset($_GET['id']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

I remove this function strlen

this function strlen($_GET['conf']) == 256

and now it would delete...

jemz -1 Master Poster · Answer 16 · 2011-09-28T23:20:48+00:00

OK, seriously last post...:)

You place the echo before the if statement.

include_once('conDB.php');
$salt1="mysaltyhash";
$salt2="anothersaltyhash";
echo "id: " . $_GET['id'] . "<br />";
echo "conf: " . $_GET['conf'] . "<br />";
echo "conflen: " . strlen($_GET['id']) . "<br />";
echo "hash: " . hash("sha256",$salt1 . $_GET['id'] . $salt2);
if(isset($_GET['id']) && isset($_GET['conf'])  && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))

Nope, this will get undefined index...:idea:

jemz -1 Master Poster · Answer 17 · 2011-09-28T23:48:58+00:00

my mistake:
should be
echo "conflen: " . strlen($_GET['conf']) . "<br />";
Also the sha256 will give a 64 length:
strlen($_GET['conf']) == 64

Hi Ardav,it's working now i put back the strlen function and it would delete now...

about this echo,it would always undefined index because it cannot get the id,conf,conf,id
and i don't know why.but if you can enlighten my mind about this error it would be greatly appreciated....

echo "id: " . $_GET['id'] . "<br />";
	echo "conf: " . $_GET['conf'] . "<br />";
	echo "conflen: " . strlen($_GET['conf']) . "<br />";
	echo "hash: " . hash("sha256",$salt1 . $_GET['id'] . $salt2);

Kindly Regards,

Jemz

jemz -1 Master Poster · Answer 18 · 2011-09-29T10:46:12+00:00

Does your url have the following structure:
somepage.php?id=7&conf=01cf9aabf775e82947191410df4c6157c322ebbf8c761ac1b47ffd8673263c24

Hello Ardav,

http://localhost/edit/edit.php?id=28&conf=aa97eb7e347388cd290373f3807af654e91bd45af4b96438a552914c2587cdd9

here is the echo i put in the inside in if statement

<?php 
 
	include_once('conDB.php');
	$salt1="mysaltyhash";
	$salt2="anothersaltyhash";
  
   
	


 
  if(isset($_GET['id']) && isset($_GET['conf']) && strlen($_GET['conf'])==64 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
   {
        echo'hello';
	echo "id: " . $_GET['id'] . "<br />";
	echo "conf: " . $_GET['conf'] . "<br />";
	echo "conflen: " . strlen($_GET['conf']) . "<br />";
	echo "hash: " . hash("sha256",$salt1 . $_GET['id'] . $salt2);
	
	 $id = $_GET['id'];
 
     delete($id);
   }
 
	$result = list_rec();
 
 
?>
<html>
	<title>Delete</title>
		<head></head>
			<body>
			<table border="1">
			<?php
 
 
	while($row = mysql_fetch_array($result))
	  {
	    // $input = "mysaltyhash" . $row['idno']. "anothersaltyhash";
	     $input = $row['idno'];
	     $conf=hash('sha256',"mysaltyhash" . $input. "anothersaltyhash");
	     echo '<tr>';
	    echo '  <td>' . $row['username'] . '</td>';
     	    echo '  <td>' . $row['email'] . '</td>';
	    echo "<td><a href=\"?id=$input&conf=$conf\">delete</a></td>";
	    echo '</tr>';
	}
	?>
	</table>	
 
	</body>
</html>

please see the screen shot...
Thank you...

jemz -1 Master Poster · Answer 19 · 2011-09-29T17:33:41+00:00

OK so the incoming data is correct by the looks of it. As seen by the first lot of echoes.
So is it working?

Yes,it is working...it will delete now...:icon_cheesygrin:

I am going to mark this solved now...thank to you ardav...