Trying to remove an item from a db with a form

Geypens

Hello,

I have a page which has to add and remove licenses from a table from my db.
Adding licenses works perfect, but I have a problem to delete from the db.

*First of all : $companycheck is the variable you become from the login, it contains the company-name.

*In my table from my db, there are 3 columns : ID, license and company.

*First form (called form2) : this is to display the licenses from the company.

*Second form (called form3) : this is to remove the licenses (you have to type the license which has to be removed).

*Third form (called form1) : Here you can add licenses.

When I try to add a license, it works perfect : it adds the license to my table and shows it directly (in form2), but when I want to delete a license, I get the following error :

You have an error in your SQL syntax near '(company, license) VALUES (NULL, NULL)' at line 1

Can someone please help me ?

Thanks a lot !!!!

<?php require_once('../../Connections/fisherintranet.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    

    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
  $editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];
}

if ((isset($HTTP_POST_VARS["MM_insert"])) && ($HTTP_POST_VARS["MM_insert"] == "form1")) {
  $insertSQL = sprintf("INSERT INTO licenties (company, license) VALUES (%s, %s)",
                       GetSQLValueString($HTTP_POST_VARS['company'], "text"),
                       GetSQLValueString($HTTP_POST_VARS['license'], "text"));

  mysql_select_db($database_fisherintranet, $fisherintranet);
  $Result1 = mysql_query($insertSQL, $fisherintranet) or die(mysql_error());
}

session_start();
if ($HTTP_SESSION_VARS["statusCheck"] != "Admin")
  header("Location: menu.php");
$lala_licenties = "1";
if (isset($HTTP_SESSION_VARS['companyCheck'])) {
  $lala_licenties = (get_magic_quotes_gpc()) ? $HTTP_SESSION_VARS['companyCheck'] : addslashes($HTTP_SESSION_VARS['companyCheck']);
}
mysql_select_db($database_fisherintranet, $fisherintranet);
$query_licenties = sprintf("SELECT license FROM licenties WHERE company = '%s' ORDER BY license ASC", $lala_licenties);
$licenties = mysql_query($query_licenties, $fisherintranet) or die(mysql_error());
$row_licenties = mysql_fetch_assoc($licenties);
$totalRows_licenties = mysql_num_rows($licenties);
?>


<?php
function GetSQLValueStringx($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    

    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
  $editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];
}

if ((isset($HTTP_POST_VARS["MM_remove"])) && ($HTTP_POST_VARS["MM_remove"] == "form3")) {
  $removeSQL = sprintf("DELETE FROM licenties (company, license) VALUES (%s, %s)",
                       GetSQLValueStringx($HTTP_POST_VARS['company'], "text"),
                       GetSQLValueStringx($HTTP_POST_VARS['license'], "text"));

  mysql_select_db($database_fisherintranet, $fisherintranet);
  $Result1 = mysql_query($removeSQL, $fisherintranet) or die(mysql_error());
}

session_start();
if ($HTTP_SESSION_VARS["statusCheck"] != "Admin")
  header("Location: menu.php");
$colname_licenties = "1";
if (isset($HTTP_SESSION_VARS['companyCheck'])) {
  $colname_licenties = (get_magic_quotes_gpc()) ? $HTTP_SESSION_VARS['companyCheck'] : addslashes($HTTP_SESSION_VARS['companyCheck']);
}
mysql_select_db($database_fisherintranet, $fisherintranet);
$query_licenties = sprintf("SELECT license FROM licenties WHERE company = '%s' ORDER BY license ASC", $colname_licenties);
$licenties = mysql_query($query_licenties, $fisherintranet) or die(mysql_error());
$row_licenties = mysql_fetch_assoc($licenties);
$totalRows_licenties = mysql_num_rows($licenties);
?>


<html
<style type="text/css">
	BODY { font-family:"Verdana, Arial, Helvetica, sans-serif"; font-size:90%;}

DIV#divMenuBar { background-color:#006699; }
TABLE#tblMenuBar TD { font-size:80%; color:#FFFFFF; padding:0px 5px 0px 5px; cursor:default; }
TABLE#tblMenuBar TD.clsMenuBarItem { font-weight:bold; cursor:default; }

/* These two style rules added for links in MenuBar */
TABLE#tblMenuBar TD.clsMenuBarItem A { text-decoration:none; color:#CCCCCC; font-weight:bold; }
TABLE#tblMenuBar TD.clsMenuBarItem A:hover { color:#9999FF; }
DIV.clsMenu { 
	font-size:90%; background-color:#006699;
	position:absolute; visibility:hidden; width:130px; 
	padding:5px 5px 5px 8px; border-top:1 white solid; 
}
DIV.clsMenu A { text-decoration:none; color:#CCCCCC; font-weight:bold; }
DIV.clsMenu A:hover { color:#9999FF; }
</style>
<!-- InstanceBeginEditable name="head" --><!-- InstanceEndEditable -->
</head>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<p> </p>
<p align="center">These are the licenses from <?php echo $companyCheck; ?></p>


<form name="form2" method="post" action="">
  <table width="30%" border="1" align="center" cellpadding="0" cellspacing="0" bgcolor="#999966">
    <tr> 
      <td colspan="2" bgcolor="#999900"><div align="center"> <font color="#FFFFFF" face="Times New Roman, Times, serif"><strong>licenses</strong></font></div></td>
    </tr>
    <?php do { ?>
    <tr> 
      <td><div align="center"> 
          <p> 
            <input name="<?php echo $row_licenties['ID']; ?>"             <font color="#FFFFFF"> </font></p>
        </div></td>
      <td><div align="center"> 
          <p><font color="#FFFFFF"><?php echo $row_licenties['license']; ?></font></p>
        </div></td>
    </tr>
    <?php } while ($row_licenties = mysql_fetch_assoc($licenties)); ?>
  </table>
  <p> </p>
  <p align="center"> 
    <input type="submit" name="Submit" value="Remove selected license">
  </p>
</form>


<form action="<?php echo $editFormAction; ?>" method="post" name="form3" id="form3">
  <table width="40%" align="center">
    <tr valign="baseline"> 
      <td nowrap align="right"> </td>
      <td><input type="hidden" name="company2" value="<?php echo $companyCheck; ?>" size="32"></td>
    </tr>
    <tr valign="baseline" bgcolor="#999966"> 
      <td align="right" nowrap bgcolor="#999900"><div align="center"><font color="#FFFFFF"><strong>License:</strong></font></div></td>
      <td><div align="center"> 
          <input type="text" name="license2" value="" size="32">
        </div></td>
    </tr>
    <tr valign="baseline" bgcolor="#999966"> 
      <td align="right" nowrap> </td>
      <td><div align="center"> 
          <input name="submit" type="submit" value="Remove License">
        </div></td>
    </tr>
  </table>
  <input name="MM_remove" type="hidden" id="MM_remove" value="form3">
</form>
<p> </p>


<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
  <table width="40%" align="center">
    <tr valign="baseline"> 
      <td nowrap align="right"> </td>
      <td><input type="hidden" name="company" value="<?php echo $companyCheck; ?>" size="32"></td>
    </tr>
    <tr valign="baseline" bgcolor="#999966"> 
      <td align="right" nowrap bgcolor="#999900"><div align="center"><font color="#FFFFFF"><strong>License:</strong></font></div></td>
      <td><div align="center"> 
          <input type="text" name="license" value="" size="32">
        </div></td>
    </tr>
    <tr valign="baseline" bgcolor="#999966"> 
      <td align="right" nowrap> </td>
      <td><div align="center"> 
          <input type="submit" value="Add License">
        </div></td>
    </tr>
  </table>
  <input type="hidden" name="MM_insert" value="form1">
</form>
<p align="center"> </p>
<p align="center"><a href="menu.php">Back to menu</a></p>
<!-- InstanceEndEditable --> 
<p> </p>
</body>
<!-- InstanceEnd --></html>
<?php
mysql_free_result($licenties);
?>

😕

John_Canyon

$removeSQL = sprintf("DELETE FROM licenties (company, license) VALUES (%s, %s)",
GetSQLValueStringx($HTTP_POST_VARS['company'], "text"),
GetSQLValueStringx($HTTP_POST_VARS['license'], "text"));

Should read something like this.

DELETE FROM licenties WHERE license='".$HTTP_POST_VARS['license']."'");