Reputation: 6679
As you can see, on every comment there is a button but it deletes every comment when I click one button. I only want it to delete the comment it belongs to. I may get why it deletes everything since it deletes all the variables in the column comment_id
from the $sql_result2
query, but I have no idea how to fix it.
Should I change my $sql_result2
? What am I doing wrong here?
$sql_result2 = $mysqli2->query("SELECT * FROM comments WHERE thread_id = '".$thread_id."'");
while ($comments = mysqli_fetch_assoc($sql_result2)) {
echo " <div id='comments' >{$comments['comment']}</br>";
echo "<div id='name_and_date'><a href=profile.php?comment_username={$comments['username']}>{$comments['username']}</a></br>";
echo "{$comments['date_made']}</div></div>";
echo <<<EOT
<table style='margin-left:42% ;'>
<form action="?" method="post">
<td><input name="delete_comment" type="submit" value="delete"></td>
<table>
EOT;
if ( isset( $_POST['delete_comment'] ) ) {
$sqldeletecomment=$mysqli2->query("delete from comments WHERE comment_id = '".$comments['comment_id']."'");
header("Location: thread.php");
}
}
Upvotes: 0
Views: 161
Reputation: 6346
You have it within the while
loop, so the following code is getting executed for each comment:
if ( isset( $_POST['delete_comment'] ) ) {
$sqldeletecomment=$mysqli2->query("delete from comments WHERE comment_id = '".$comments['comment_id']."'");
header("Location: thread.php");
}
You should remove that from the while loop, and replace $comments['comment_id']
with a valid get/post variable.
For example:
if ( isset( $_POST['delete_comment'] ) ) {
$sqldeletecomment=$mysqli2->query("delete from comments WHERE comment_id = '".$_POST['comment_id']."'");
header("Location: thread.php");
exit();
}
$sql_result2 = $mysqli2->query("SELECT * FROM comments WHERE thread_id = '".$thread_id."'");
while ($comments = mysqli_fetch_assoc($sql_result2)) {
echo " <div id='comments' >{$comments['comment']}</br>";
echo "<div id='name_and_date'><a href=profile.php?comment_username={$comments['username']}>{$comments['username']}</a></br>";
echo "{$comments['date_made']}</div></div>";
echo <<<EOT
<table style='margin-left:42% ;'>
<td><form action="?" method="post">
<input name="delete_comment" type="submit" value="delete">
<input name="comment_id" type="hidden" value="{$comments['comment_id']}">
</form></td>
<table>
EOT;
}
but you should really look at tidying up the rest of the code. There are tags that aren't ending in the HTML, and its vulnerable to SQL injection.
Upvotes: 3
Reputation: 556
this is happening because header function does not works if any thing is echoed before this and you put it in a while loop so once the condition isset( $_POST['delete_comment'] ) is true it will be true for all records in the loop hence deleting all records.
if ( isset( $_POST['delete_comment'] ) ) {
$sqldeletecomment=$mysqli2->query("delete from comments WHERE comment_id = '".$comments['comment_id']."'");
header("Location: thread.php");
}
there seems to be a problem in your logic as well to delete only once record. you are just setting a general flag not a particular comment_id to be deleted
Upvotes: 0
Reputation: 480
i dont actually get what you're trying to do here, but it seems like you're to pass variable using a post method.. and delete a data using the variable as a filter...
you need to create an input element or any element which will allow you to pass your variable in a post method..
<table style='margin-left:42% ;'>
<form action="?" method="post">
<td><input name="delete_comment" type="submit" value="<?php echo $comments['comment_id']; ?>"></td>
<table>
just like this... i used your submit button since it has no other use than to check if its already clicked..
Upvotes: 0