My query is not working in deleteartikel.php, it doesn't delete anything out of the database.
In form.php I made a delete button but it doesn't delete the row itself. I can't find the mistake.
form.php
<?php
include 'dbconnect.php';
$sql = "SELECT * FROM artikel";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<tr>";
echo "<td>".$row['Productcode']."</td>";
echo "<td>".$row['Product']."</td>";
echo "<td>".$row['Type']."</td>";
echo "<td>".$row['Fabriekcode']."</td>";
echo "<td>".$row['Inkoopprijs']."</td>";
echo "<td>".$row['Verkoopprijs']."</td>";
echo "<td><form action='deleteartikel.php' method='post'>
<input type='submit' name='delete' value='delete'>
</form></td>";
}
} else {
echo "0 results";
}
$conn->close();
?>
</tbody>
</table>
</div>
<!-- Footer navigatie -->
<footer>©ToolsForEver 2017 alle rechten voorbehouden.</footer>
</body>
</html>
deleteartikel.php
<?php
if(isset($_POST['delete'])) {
include('dbconnect.php');
$productcode = $_POST['Productcode'];
$conn->query("DELETE FROM artikel WHERE Productcode = '$productcode'");
header('Location: artikel.php');
}
?>
You never post the product code so the query fails, there is no value sent. You have to add a hidden field to your form:
echo "<form action='deleteartikel.php' method='post'>
<input type='hidden' name='Productcode' value='". $row['Productcode'] ."'>
<input type='submit' name='delete' value='delete'>
</form>";
Little Bobby says your script is at risk for SQL Injection Attacks. Learn about prepared statements for MySQLi. Even escaping the string is not safe! Don't believe it?
In addition, as Fred pointed out above, a form cannot be the child of a table cell, so you need to refactor your code such that you have a form containing a table for each row.
Error checking in deleteartikel.php would have revealed the issue with the missing value for your query. Without error checking in the script you can find the errors in your web server's error logs.
Related
I have data in my PHPMYADMIN in a few columns and rows.
Via PHP I read the Data out of my SQL Table and print it into a table.
The last of my table is a action button. So the whole table is a echo and within the table there's a html form in the last , but only with a submit button (input type="hidden") but the value should be the "id" out of my SQL table.
Here's the problem. How can I get the id of one row into the value of an input field? . $row["id"]. doesn't work. How can I fix this problem?
This is for a Website where the user can vote a table row up and then with the html form it is sending via http post to another page where it overrides the current number in the database with +1
$sql = "SELECT * FROM votingpoll ORDER BY votecount DESC";
$result = $conn->query($sql);
echo "$id";
echo "<table>";
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<tr>
<td>
<form action='vote.php' method='post'>
<input type='text' name='id' value='$id'>
<input type='submit' value='VOTE'>
</form>
</td>
</tr>";
}
} else {
echo "0 results";
}
Thank you!!!
You can do $row[id] i.e. leave the quotes off when the array reference is used inside a double quoted string.
$sql = "SELECT * FROM votingpoll ORDER BY votecount DESC";
$result = $conn->query($sql);
// remove this it does not appear to do anything useful here
//echo "$id";
echo "<table>";
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<tr>
<td>
<form action='vote.php' method='post'>
<input type='text' name='id' value='$row[id]'>
<input type='submit' value='VOTE'>
</form>
</td>
</tr>";
}
} else {
echo "0 results";
}
Or if you prefer you could use
<input type='text' name='id' value='{$row['id']}'>
It looks like you aren't setting $id anywhere. Try setting it from the results like $id = $row["id"];
Full example:
while($row = $result->fetch_assoc()) {
$id = $row["id"];
echo "<tr>
<td>
<form action='vote.php' method='post'>
<input type='text' name='id' value='$id'>
<input type='submit' value='VOTE'>
</form>
</td>
</tr>";
}
I have this delete function in my system but first I need the server needs to know which table he has to delete that is why I am sending a data when the user click the delete button into the server which is the ID of the data I want to delete..first I need to try and get that data being sent by the form but the problem is sending data is not working in my part I tried to echo out the ID just to see if I have a result but it works fine but when I send it to the server it doesn't print anything.. Here is my code where I fetch the scheduleID and the form
if ($strand<>""){
$query1 = mysqli_query($conn,"SELECT * from schedule natural join instructor where day = 'm' and schedule.strand= '$strand' and timeID ='$id' and grade = '$grade' and semester = '$semester'");
}
$row1 = mysqli_fetch_array($query1);
$schedID = $row['scheduleID'];
$id = $row1 ['scheduleID'];
$count=mysqli_num_rows($query1);
if ($count==0)//checking
{
//echo "<td></td>";
}
else
{
//print
echo "<div class='show'>";
echo "<ul>
<li class='options' style='display:inline'>
<span style='float:left;'><a href='sched_edit.php?id=$id1' class='edit' title='Edit'>Edit</a></span>
<span class='action'><a href='#' id='$id1' class='delete' title='Delete'>Remove</a></span>
</li>";
echo "<form class = 'delete' method = 'post' action ='../functions/delete.php'>";
echo "<li class='showme'>";
echo " <input type='hidden' name='delete' value='$id'>";
echo "<button type='submit' name='delete' class='btn btn-danger'>Display Schedule</button>";
echo $row1['subject'];
echo "</li>";
echo "<li class='$displayc'>$row1[strand]";
echo "<li class='$displaym'>$row1[fname], $row1[lname]</li>";
echo "<li class='$displayr'>Room $row1[room]</li>";
echo "</form>";
echo "</ul>";
echo "</div>";
}
?>
</td>
I tried the hidden attribute in some of my forms and it work there but I don't know why it won't in this form, the $id is working also I tried echoing that inside in this page but the data sent is not printing in the server, here's my server
<?php
session_start();
include 'database.php';
if (isset($_POST['delete'])){
$ID = $_POST['delete'];
}
thanks in advance
The problem here is that you have 2 form elements using the same name attribute, so PHP is only keeping the last value, which is not defined.
See both the <input> and the <button> have the same name! The button is last and has no value; that is what is being used by PHP.
<input type='hidden' name='delete' value='$id'>
<button type='submit' name='delete' class='btn btn-danger'>Display Schedule</button>
So you can just remove the name from the button or change it to something other than delete :-)
I want to show all of the data from my MySQL database to this PHP file. However, when I run the code, all of the data shows up, but the first data from the database is not showing up. I wonder is there any mistake in the code?
<?php
session_start();
include "db.php";
echo'<table class="table table-bordered" >';
echo"<tr>";
echo"<td>No.</td>";
echo"<td>Nama Masakan</td>";
echo"<td>Jumlah</td>";
echo"<td>Keterangan</td>";
echo"<td></td>";
echo"<td></td>";
echo"<td></td>";
echo"</tr>";
$query= mysql_query("SELECT * FROM `".$_SESSION["tabel"]."`");
if($row=mysql_fetch_row($query)>0){
$i=1;
while($row = mysql_fetch_array($query))
{
echo"<tr>";
echo"<td>";
echo $i;
echo"</td>";
echo"<td>{$row['nama_masakan']}</td>";
echo"<td><input type='text' name='jumlah[]' id='jumlah$i' disabled='true' value='{$row['jumlah']}'/> </td>";
echo"<td><input type='text' name='keterangan[]' id='keterangan$i' disabled='true' value='{$row['keterangan']}'/></td>";
echo"<td><button type='button' name='edit' id='edit$i' onClick='edit($i)'>Edit</button></td>";
echo"<td><button type='button' name='save' id='save$i' disabled='true' onClick='save($i)'>Save</button></td>";
echo"<td><button type='button' name='delete' id='del$i' onClick='del($i)'>Del</button></td>";
echo"</tr>";
$i++;
}
} else{
echo "Tidak ada Pesanan Makanan";
}
echo"</Table>";
?>
</div>
Obligatory chastisement: don't use the mysql API. It's deprecated and lacks numerous crucial features. Now on to my answer...
Each time you call mysql_fetch_* it retrieves the next row from the result. You call mysql_fetch_row once in your if (which fetches the first row) then again in your while (which fetches the second row) before you do anything with the row you've fetched.
In your if, instead of fetch you should be checking mysql_num_rows to determine whether you have any data:
if (mysql_num_rows($query) > 0)
{
$i=1;
while($row = mysql_fetch_array($query))
{
Once you have that change working, you would be well-served to read up on the mysqli API and begin converting your code.
I've created a simple query of retrieving records from my database and passing it to a html. I want to add an edit/view button for each row so after some research, I ended up with this:
$query = mysqli_query($con, "SELECT * FROM mytable") or die(mysqli_error($con));
if(mysqli_num_rows($query) > 0) {
while($row = mysqli_fetch_array($query)) {
echo "<tr><td>".$row['pId']."</td>";
echo "<td>".$row['data1']."</td>";
echo "<td>".$row['data2']."</td>";
echo "<td><form action='detailform.php' method='POST'><input type='hidden' name='tempId' value='".$row["pId"]."'/><input type='submit' name='submit-btn' value='View/Update Details' /><form></td>";
}
}
This works fine for 1 record. But if I have 2 or more, the latest record is always retrieved regardless of which record you selected. For example, if you have 5 records and you select any record, the 5th record will always be selected so I am unable to update the previous records. Why is this is happening? Am I missing something?
Not sure if this helps my case but here's my the basic logic of my detailform.php:
if(isset($_POST["tempId"]){
//pass data using post then update. Here's where I keep getting only the latest record regardless of selected record from previous page
} else { //add data }
Close the form:
echo "<td><form action='detailform.php' method='POST'><input type='hidden' name='tempId' value='".$row["pId"]."'/><input type='submit' name='submit-btn' value='View/Update Details' /></form></td></tr>";
The first one is sent correctly because it is the closest to the submit button, the rest will be closer to the last submit button
try this
while($row = mysql_fetch_assoc($query)) {
echo "<tr><td>".$row['pId']."</td>";
echo "<td>".$row['data1']."</td>";
echo "<td>".$row['data2']."</td>";
echo "<td><form action='detailform.php' method='POST'><input type='hidden' name='tempId' value='".$row["pId"]."'/><input type='submit' name='submit-btn' value='View/Update Details' /></form></td></tr>";
}
PHP problem here, I've made a login/logout kind code, with a insert and delete function that stand by login and logout.
So the problem is that after I insert the the text I simply cannot delete it, cause the delete button is like a simple
turn back botton, and doesn't make his work, nothing
in the if(isset($_POST['delete'])) condition seems to work.
May the problem be that I'm using two void action
that refer to the same page? cause the first button
work and the second not.
Anyone can understand why?
<html>
<header></header>
<body>
<!-- START PHP -->
<?php
//If not submit i put the submit form
if(!isset($_POST['send'])){
echo "<form name='send' action='' method='POST'>
<input type='text' name='text' value=''/>
<input type='submit' name='send' value='send' />
</form>";
}<!-- IF END -->
//If submit was set I insert $text into the db and I render
//the delete button
else {
$conn= mysql_connect('localhost','root','');
mysql_select_db('db_try',$conn ) or die(mysql_error());
$dato=$_POST['dato'];
mysql_query(" INSERT INTO test (value) VALUES ('$text') ") or die(mysql_error());
echo "Operation complete";
//Now i render the delete submit button...
echo "<form name='delete' action='' method='POST'>
<input type='submit' name='delete' value='delete' />
</form>";
//...and if i push it NOTHING, like it's only
//a return to the first form button
if(isset($_POST['delete'])){
mysql_query(" DELETE FROM test WHERE value='$text' ") or die(mysql_error());
echo "<br>Text'".$text."' deleted";
}
}<!-- ELSE END-->
?><!-- END PHP -->
</body>
</html>
There is a logic problem with your code. When the delete button is clicked, the script runs again. The first condition you have - if(!isset($_POST['send'])) will now pass, since the send button is no longer set, and so it goes into the if statement and never runs your delete code.
Your script also appears to be vulnerable to SQL injection.
Here is the right way to do this, it is a quick tip, you need to work a little more on mysql insert security etc.
<html>
<header>
<body>
<?php
$conn= mysql_connect('localhost','root','');
mysql_select_db('db_try',$conn ) or die(mysql_error());
if(isset($_POST['send'])){
$text = $_REQUEST['text'];
mysql_query(" INSERT INTO test (value) VALUES ('$text') ") or die(mysql_error());
$answer = "Operation complete";
$form = "<form name='delete' action='' method='POST'>
<input type='submit' name='delete' value='delete' />
</form>";
}
else if(isset($_POST['delete'])){
mysql_query(" DELETE FROM test WHERE value='$text' ") or die(mysql_error());
$answer = "Text'".$text."' deleted";
}
else {
$form = "<form name='send' action='' method='POST'>
<input type='text' name='text' value=''/>
<input type='submit' name='send' value='send' />
</form>";
}
print "<h1>" . $answer . "</h1>";
print $form;
?>
</body>
</header>
</html>
I think it may also work...
if (!isset($_POST['submit']) || isa($_POST['submit'] != 'login'))