Yep, just saw that:
...$_GET['conf'] == hash("sha256", $salt1 . $_GET['id'] . $salt2))...
try that
hi ardav,thank you for the reply...still it would not delete...i think there is a problem in the get method and i am confuse of it...can you please look in the link delete inside my while loop and please correct me if i am wrong...Thank you in advance...
the column fields in my table
- idno
- username
- password
and here is my edit.php
<?php
include_once('conDB.php');
$salt1="mysaltyhash";
$salt2="anothersaltyhash";
if(isset($_GET['email']) && isset($_GET['conf']) && strlen($_GET['conf']) == 256 && $_GET['conf'] == hash("sha256",$salt1 . $_GET['id'] . $salt2))
{
$id=$_GET['id'];
delete($id);
}
$result = list_rec();
?>
<html>
<title>Delete</title>
<head></head>
<body>
<table border="1">
<?php
while($row = mysql_fetch_array($result))
{
$input = "mysaltyhash" . $row['idno']. "anothersaltyhash";
$conf=hash('sha256',$input);
echo '<tr>';
echo ' <td>' . $row['username'] . '</td>';
echo ' <td>' . $row['email'] . '</td>';
echo "<td><a href=\"?id=$input&conf=$conf\">delete</a></td>";
echo '</tr>';
}
?>
</table>
</body>
</html>
This is where i get my functions
conDB.php
<?php
$con=mysql_connect('localhost','root','');
if(!$con){die('Not connected to server'.mysql_error());}
mysql_select_db('findb',$con);
function list_rec()
{
$lst="select * from reg_tbl";
$lstrec=mysql_query($lst);
return $lstrec;
}
function delete($id)
{
$sql = "DELETE from mytbl where id = '$id'";
mysql_query($sql);
return 'DELETED!!!';
}
function register($txtuser,$email,$password)
{
$sql= "insert into reg_tbl
values(default,'$txtuser','$email',sha2('$password',256))";
mysql_query($sql);
return 'Succesfully Registered';
}
?>