Reputation: 1
I can't delete a row that I choose with the input delete. I think that I have to set other parameters in the querydelete but I don't know exactly what.
Can anyone help me, because I'm a beginner? Is there another way to do something like that?
My purpose is to push the delete input and then delete the customer with the specific id (in the same row with the delete input).
Can anyone give me a link with an example?
<!DOCTYPE html>
<html>
<head>
<title>Table with database</title>
<style>
table {
border-collapse: collapse;
width: 100%;
color: #588c7e;
font-family: monospace;
font-size: 25px;
text-align: left;
}
th {
background-color: #588c7e;
color: white;
}
tr:nth-child(even) {background-color: #f2f2f2}
</style>
</head>
<body>
<table>
<tr>
<th>ID</th>
<th>Room</th>
<th>Name</th>
<th>Check In</th>
<th>Check Out</th>
</tr>
<?php
include('db_connection.php');
$conn = OpenCon();
//SQL query
$query = "Select * from ergazomenos";
if(isset($_POST['delete'])){
$querydelete = "delete from ergazomenos where trim(ID)
='$_POST[hidden]'";
$queryexee = mysqli_query($conn, $querydelete);
}
$result = mysqli_query($conn, $query);
if (!$result){
echo("Error description: " . mysqli_error($conn));
}
//query database
while($rows = mysqli_fetch_array($result)){
$ID = $rows['ID'] ;
$Room = $rows['Room'] ;
$Name = $rows['Name'];
$CheckIn = $rows['Check In'] ;
$CheckOut = $rows['Check Out'] ;
//echo "</td><td>" . $ID. "</td><td>" "<input type=hidden ID=hidden
value=" . $rows['ID'] . $Room. "</td><td>". $Name. "</td><td>" . $CheckIn. "
</td><td>" . $CheckOut. "</td><td>";
echo "</td><td>" . $ID. "</td><td>" . $Room. "</td><td>". $Name.
"</td><td>" . $CheckIn. "</td><td>" . $CheckOut. "</td><td>";
</td>";
echo ("<form action=delete.php method=post>");
echo ("<tr><td><div align=\"center\"> $ID </div>" . "<input
type=hidden name=hidden value=".$rows['ID'] . "</td> <td><div
align=\"center\">
$Room </div></td> <td><div align=\"center\"> $Name </div></td> <td><div
align=\"center\"> $CheckIn </div></td> <td><div align=\"center\"> $CheckOut
</div></td> <td><div align=\"center\"> <td><div ");
echo ("<td>" . "<input type=submit name=delete value=delete" . "
</td>");
//
echo ($rows['ID']);
//echo '<td><input type="button" name="delete"
value="delete"></td>';
echo ("</tr>");
echo ($_POST['hidden']);
}
CloseCon($conn);
?>
</table>
<button type="button" onclick="alert('Hello world!')">Insert</button>
<button type="button" onclick="alert('Hello world!')">Update</button>
</body>
</html>
Upvotes: 0
Views: 62
Reputation: 194
You should use a prepared statement to prevent SQL injection:
<?php
$link = mysqli_connect("localhost", "my_user", "my_password", "world");
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$id = $_POST['hidden'];
// if you are using ID, make sure variable is number
if (is_numeric($id)) {
// replaces: delete from ergazomenos where trim(ID) = '$_POST[hidden]'
/* create a prepared statement */
if ($stmt = mysqli_prepare($link, "DELETE FROM ergazomenos WHERE trim(ID) = ?")) {
/* bind parameters for markers */
mysqli_stmt_bind_param($stmt, "s", $id);
/* execute query */
mysqli_stmt_execute($stmt);
/* close statement */
mysqli_stmt_close($stmt);
}
/* close connection */
mysqli_close($link);
}
?>
It's more secure this way.
Upvotes: 1
Reputation: 3593
Sharing my style.
Create a column in the grid named Action, along each DB-driven record:
<td>
<a href="delete.php?id=<?php echo $rows['ID'];?>">Delete</a>
</td>
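In the delete.php file:
<?php
include('connection.php');
$id = $_GET['id'];
// bind the id as a parameter instead of interpolating it into the SQL string
$stmt = mysqli_prepare($conn, "delete from table where id = ?");
mysqli_stmt_bind_param($stmt, "s", $id);
mysqli_stmt_execute($stmt);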
Redirect to grid page.
Upvotes: 0
Reputation: 67748
You have to use (single or escaped double) quotes for the attribute values in your input tag/s:
<input type='hidden' name='hidden' [etc.]
Upvotes: 0
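The two fixes suggested above (a prepared statement for the delete, quoted attribute values in the per-row form) combined into one sketch. This is an added example, not code from any poster in the thread; it assumes `ergazomenos.ID` is an integer column, and `parse_id()`, `delete_row()` and `render_row()` are hypothetical helper names.

```php
<?php
// Added example, not from the thread. Assumes ergazomenos.ID is an integer column;
// parse_id(), delete_row() and render_row() are hypothetical helper names.

// Accept only a plain positive integer; anything else is rejected before any SQL runs.
function parse_id($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Delete one row with a bound parameter; returns the number of rows removed.
function delete_row(mysqli $conn, int $id): int
{
    $stmt = mysqli_prepare($conn, "DELETE FROM ergazomenos WHERE ID = ?");
    if ($stmt === false) {
        throw new RuntimeException(mysqli_error($conn));
    }
    mysqli_stmt_bind_param($stmt, "i", $id);
    mysqli_stmt_execute($stmt);
    $affected = mysqli_stmt_affected_rows($stmt);
    mysqli_stmt_close($stmt);
    return $affected;
}

// One table row with its own POST form; every value is escaped, every attribute quoted.
function render_row(array $row): string
{
    $e = fn($v) => htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');
    $cells = '';
    foreach (['ID', 'Room', 'Name', 'Check In', 'Check Out'] as $col) {
        $cells .= '<td>' . $e($row[$col]) . '</td>';
    }
    return '<tr>' . $cells . '<td><form action="delete.php" method="post">'
        . '<input type="hidden" name="hidden" value="' . $e($row['ID']) . '">'
        . '<input type="submit" name="delete" value="delete"></form></td></tr>';
}

// Constructed sample row, standing in for one fetched from the database.
$sample = ['ID' => 7, 'Room' => '12', 'Name' => 'A "quoted" <name>',
           'Check In' => '2019-05-01', 'Check Out' => '2019-05-03'];
echo render_row($sample), "\n";
var_dump(parse_id('7'), parse_id('7abc')); // a valid id and a value that fails validation

// In delete.php (needs a live connection, e.g. the question's OpenCon()):
// if (isset($_POST['delete']) && ($id = parse_id($_POST['hidden'] ?? null)) !== null) {
//     delete_row($conn, $id);
// }
```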
Reputation: 381
Try changing the $querydelete from:
$querydelete = "delete from ergazomenos where trim(ID)
='$_POST[hidden]'";
to
$querydelete = "delete from ergazomenos where trim(ID)=". $_POST['hidden'];
This should help. I didn't test the code, though.
Upvotes: 0