deleting item from database table using id in php

Question

so i have this code :

echo "<h1>Books</h1>";
        echo "<table cellpadding=5 border=1>";
            echo "<tr><th>Title</th><th>Author</th><th>Year</th><th>Deleting</th></tr>";
            foreach ($array as $value) {
                echo "<tr><td>".$value['title']."</td>";
                echo "<td>".$value['author']."</td>";
                echo "<td>".$value['year']."</td>";
                echo "<td><input type='button' id='".$value['id']."' value='delete' name='delete'></td></tr>";
            }
        echo "</table>";

and i am using this for deleting it from my database:

 if(isset($_GET['delete'])){
           $deleted = $_GET['id'];
            $new ="DELETE FROM `book`.`book` WHERE `book`.`id` = $deleted;";
            $dbh->query($new);
        }

I am using PDO as a connection string to mysql database. In database i have ID,Title,Author,Year columns.

So what happens is, when i click on newly formed table with button "delete" nothing happens. What am i doing wrong?

Thanks!

Answer 1

Since you're using type="button", it will not submit the form.

Use type="submit" to submit the form with the button tag, then set $value['id'] as the value="" :

echo "<td><button type='submit' value='".$value['id']."' name='delete'>Delete</button</td></tr>";

If you haven't set it yet, make sure that the <form> tag wraps the <table> and has a method type that corresponds to your PHP:

<form method="GET">

And since you're using PDO, why not use prepared statements:

if(isset($_GET['delete'])){
    $deleted = $_GET['delete'];
    $new ="DELETE FROM `book`.`book` WHERE `book`.`id` = :id";
    $delete = $dbh->prepare($new);
    $delete->bindParam(':id', $deleted, PDO::PARAM_INT);
    $delete->execute();
}

_{Assuming you're already connected.}