Dear all, I have the following codes: http://php.davesolution.com/lihat_data_jur.php I wish I know how to delete the first line of harizontal datas. Whenever I click the delete button in the action column, it takes me to the next empty page. You can see the kode in the URL. I try to capture that code in order the distinguish it from the other harizontal line. How to do that? I have tried to capture it by using $_POST or $_GET and print it to the next page, and it have not give me any result yet. This is the code that I have for the next page after you click the delete button: <html> <head><title>Delete Data Jurusan</title></head> <body> <? include ("server.php"); include ("menu.php"); $koneksi= mysql_connect ($host, $user, $pass) or die (mysql_error()); mysql_select_db($db, $koneksi); if ($koneksi) echo "Sukses terhubung ke database MySql"; else echo "Gagal terhubung ke database MySql"; echo "<br>"; $kode = $_GET('kode'); echo "$kode"; // Menghapus pada tabel jurusan mysql_query ("DELETE from jurusan WHERE kode_jurusan='$kode'", $koneksi); // Menghapus pada tabel mhs mysql_query ("DELETE from mhs WHERE jurusan='$kode'", $koneksi); ?> </body> </html> PHP:
not very secure if you ask me. http://my.php?kode=';+truncate+jurusan; just one example of what can happen. im sure there are plenty other ways to do it better but... you need to validate ALL user input. no matter who it is from. even yourself.
Notice: Array to string conversion in /home/davenet/public_html/php/delete_data_jur.php on line 31 Fatal error: Call to undefined function: array() in /home/davenet/public_html/php/delete_data_jur.php on line 31 Line 31 is: $kode = $_GET('kode'); If you click the delete button next to Acc or Che the above error message appear. Perhaps because I'm using $_GET. what should I replace that to so that the delete function would works? Thanks for the suggestion.
well $_GET isn't a function. it's a global associative array. so... it would be $_GET[], not $_GET(). http://us.php.net/manual/en/reserved.variables.php#reserved.variables.get