-1

I have been trying to delete a record from a table using delete sql statement but I found it difficult. Can you please look at my code and see what might be wrong?

<?php 
     $name=$_REQUEST['student_id'];

     $query=mysql_query ("delete   from  studentmark
 where studentmark.CODE='$code'  AND studentmark.student_id='$name'");  
 header('location:homet.php?action=studentsubject'); 
     ?>


CREATE TABLE IF NOT EXISTS `studentmark` (
  `YEAR` int(4) NOT NULL,
  `TERM` varchar(15) NOT NULL,
  `CODE` varchar(7) NOT NULL,
  `STUDENT_ID` varchar(255) NOT NULL,
  `TEST` int(3) DEFAULT NULL,
  `EXAM` int(3) DEFAULT NULL,
  `TNAME` varchar(15) NOT NULL,
  PRIMARY KEY (`CODE`,`STUDENT_ID`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
Brian Tompsett - 汤莱恩
  • 5,753
  • 72
  • 57
  • 129
user5189527
  • 9
  • 2
  • 2
    You are vulnerable to [sql injection attacks](http://bobby-tables.com), and exactly **HOW** is this not working? other than `$code` being undefined... – Marc B Aug 06 '15 at 14:58
  • As an addition to what @MarcB said, you're using deprecated code. – Daan Aug 06 '15 at 15:01
  • What do you get if you change `delete from` to `select * from`? If you get no rows, then your `where` clause is not matching any rows. Please explain what's going wrong. – O. Jones Aug 06 '15 at 15:10

1 Answers1

0

I was able to solve this problem by making use of the code below.

<?php


include('../connection.php');
$id=$_GET['student_id'];


mysql_query("delete    from  studentmark
 where  student_id='$id'") or die(mysql_error());


 header('location:homet.php?action=studentsubject'); 
$conn->close();
 ?> 
 <div class='footer'>
  <p><center>


<a href=deletestudentsubject.php?student_id='.$fetch['student_id'].'><img src="../images/edit-icon.png" width=20 height=20 title=DELETE_RECORD /></a></td></tr>';
user5189527
  • 9
  • 2