Broomer Broomer - 2 years ago 64
HTML Question

delete from database not working using php

$Team = $_POST['Team'];
echo "$Team" ;
$sql = "DELETE FROM championsleauge WHERE Team = $Team ";
if($con->query($sql) === TRUE)
echo "New delete successfully";


the delete is not working. it does echo the team name to be deleted any ideas?

Answer Source

This does not answer your question, but it can open your eyes!

DELETE FROM championsleauge WHERE Team = $Team

Send this value to your POST variable named Team

5 OR 1=1

It will become

DELETE FROM championsleauge WHERE Team = 5 OR 1=1

And there you go, no more champion leagues!

BTW, your error is a simple typo. String values need to be quoted. Then you have no error checking at all. Then you need to go through

How can I prevent SQL-injection in PHP?

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download