If you're trying to delete a post, shouldn't you delete it using the primary key of the post table (
post_id
)?
If you're UI is giving the user the possibility to try to delete a post posted by another user, consider changing the UI so that this option isn't shown to the user unless it's the same user that posted the post.
If that's not applicable you can still add a condition to the delete statement. Something like:
DELETE FROM postTB
WHERE post_id = @post_id
AND user_id = @user_id