[wp-hackers] Delete Row - Refreshes Page but not DB

Sat Oct 19 17:53:23 UTC 2013

Yep, I had to add true.  So all this is executing based on the values of
this button:
 <button type="submit" name="deleteItem" value="<?php echo $row['id']; ?>"
file="<?php echo $row['file']; ?>" class="delete-box"><span
class="glyphicon glyphicon-remove"></span></button>

But couldnt someone just change the values of the fileid or rowid and
delete other peoples content?

On Sat, Oct 19, 2013 at 10:40 AM, J.D. Grimes <jdg at codesymphony.co> wrote:

> Hey man, that's tough. I'm glad you've got the code working though.
>
> > I finally got JDs code working but I have to place this in my functions
> for
> > ajax to work:
> >
> > add_action('wp_head','custom_head');
> >
> > function custom_head()
> > {
> >       echo '';
> > }
> >
> >
> > Is that alright?  Otherwise I get ajaxurl undefined error.
>
> I'm not sure why this would have an effect… If you are using the code on
> the front end of your site, ajaxurl won't be defined - it is only defined
> by default in the administration panels. You would need to use
> wp_localize_script().
>
> > Additionally, the json response works too! However one query always
> fails.
> >
> > $file = $_POST['file'];
> > $del_image = wp_delete_attachment( $row['file'] ); - fail
> >
> > I also tried this as an sql query:
> >
> > $file = $_POST['file'];
> > $fileQry = $wpdb->prepare("DELETE FROM wp_posts WHERE id = %s", $file);
> > $go_fileQry = $wpdb->query($fileQry);
> >
> > It still fails.  It IS possible to run multiple queries this way right?
>
> Is it completely failing? The wp_delete_attachment() call will only move
> the attachment to the trash by default -if you want to delete it
> permanently you need to set the second parameter to true.
>
> -J.D.
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>