How do I undo a submition after the value has been sent to database with ajax?

Question

0.00/5 (No votes)

See more:

I am implementing a like and unlike system to my project. I followed this tutorial to make things works. I trying to make an undo like/dislike function if I click again on the same button, but I can't figure out, what should I modify or add to codes.

What I have tried:

I have tried to check if the record is exist in the database then if yes, delete it, but nothing happens:

$query = "SELECT * FROM like_unlike WHERE type='1' and userid = '$userid' and postid='$postid'";
$result = mysqli_query($conn,$query);
$fetchliked = mysqli_fetch_array($result);
$liked = $fetchliked['type'];
if ($liked == '1') {
    $deletequery = "DELETE FROM like_unlike WHERE type='1' userid='$userid' and postid='$postid'";
    mysqli_query($conn,$deletequery);
}

Posted 24-May-19 8:39am

Galarist_00

Updated 24-May-19 9:18am

v5

Add a Solution

Comments

Richard Deeming 24-May-19 15:12pm

Your code is almost certainly vulnerable to SQL Injection[^]. NEVER use string concatenation (or interpolation) to build a SQL query. ALWAYS use a parameterized query.

PHP: SQL Injection - Manual[^]
PHP: Prepared statements and stored procedures - Manual[^]

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Richard Deeming · Answer 1 · 2019-05-24T09:17:00

Solution 2

Quote:

$deletequery = "DELETE FROM like_unlike WHERE type='1' where userid='$userid' and postid='$postid'";

You've got two WHERE clauses in your DELETE statement. Unless it's a MySql-special, you should only have one:

$deletequery = "DELETE FROM like_unlike WHERE type='1' and userid='$userid' and postid='$postid'";

But you really need to fix the SQL Injection[^] vulnerabilities. :)

Posted 24-May-19 9:17am

Richard Deeming

Comments

Galarist_00 24-May-19 15:19pm

Yeah I realised that. Even tho I have fixed that. It still not working...

Galarist_00 24-May-19 15:20pm

Probably I need to change something in the AJAX as well

Gerry Schmitz · Answer 2 · 2019-05-24T09:13:00

Solution 1

You're interpreting "postid" differently in the SELECT and DELETE "where" clauses; a literal in the one case (DELETE) and something else in the other.

Posted 24-May-19 9:13am

Gerry Schmitz

Comments

Galarist_00 24-May-19 15:21pm

yeah fixed that one. Still not working...

[no name] 24-May-19 15:29pm

Didn't see your "fix" or what was actually required.

Galarist_00 24-May-19 15:35pm

What do you mean? I fixed that syntax error on the delete query but still not undo the like or unlike if I click again on the same submitted button.