I've recently made a PHP, that should; if click a link delete a certain row within one of my MYSQL tables.
The script below has everything but the link [href=delete_ac.php?id etc...] leads to the page but when the page activates it echo ERROR instead of deleting the row.
<h1>Members</h1>
<table>
<tr>
<th>ID</th>
<th>Username</th>
<th>E-Mail Address</th>
<th></th>
</tr>
<?php foreach($rows as $row): ?>
<tr>
<td><?php echo $row['id']; ?></td>
<td><?php echo htmlentities($row['username'], ENT_QUOTES, 'UTF-8'); ?></td>
<td><?php echo htmlentities($row['email'], ENT_QUOTES, 'UTF-8'); ?></td>
<td>delete</td>
</tr>
<?php endforeach; ?>
</table>
delete_ac.php
The script below is what should delete it but it isn't
<?php
require("../php/bp-connectionAdmin.php");
$id=$_GET['id'];
$query = "DELETE FROM `users` WHERE `id` = $id";
$result = mysql_query($query);
if ($result) {
echo "Successful";
} else {
echo "ERROR";
}
?>
Is the ID numeric only? Would the addition of quote marks around $id not help?
$query = "DELETE FROM `users` WHERE `id`='$id'";
mysql_query($query);
Not sure...but give it a go!
Put on the line after $query = "DELETE ..
An
echo "DELETE FROM `users` WHERE `id` = $id";
die;
Then you will see what goes wrong.
Personally i would remove the ', assuming that the id=integer, and you will have:
$query = "DELETE FROM users WHERE id=$id";
If not, try that echood query directly in your Database window and you will see what is wrong.
Most probably you should change your line into
$id=intval($_GET['id']);
which is also much more secure!
Related
I am working on some code for a php assignment, I get the correct id from the URL, the table displays all the correct records that correspond to that person, my delete button does not however work right, I either delete records in the table pertaining to the person or I get errors.
My PHP Portion above the head
<?php require "config/config.php"; ?>
<?php
if(isset($_GET['upd'])){
$id = $_GET['upd'];
$query = "SELECT * FROM persons WHERE id=$id";
$fire = mysqli_query($con,$query) or die("Can not fetch the data.".mysqli_error($con));
$user = mysqli_fetch_assoc($fire);
}
?>
My delete Portion above the head
<?php
if(isset($_GET['delweight'])){
$weightid = ($_GET['weightid']);
$query = "DELETE FROM personweight WHERE weightid = $weightid";
$fire = mysqli_query($con,$query) or die("Can not delete the data from database.". mysqli_error($con));
if($fire) echo "Data deleted from database";
}
?>
My Table with the delete record
<table class="table table-striped table-dark" id="weightTable">
<thead>
<tr><th>weightid</th><th>Weight</th><th>Date</th><th>Delete</th></tr>
</thead>
<tbody>
<?php
$query = "SELECT * FROM personweight WHERE id=$id";
$fire = mysqli_query($con,$query) or die("can not fetch data from datase ".mysqli_error($con));
if(mysqli_num_rows($fire)>0){
while($user = mysqli_fetch_assoc($fire)){ ?>
</tr>
<td><?php echo $user['weightid'] ?></td>
<td><?php echo $user['weight'] ?></td>
<td><?php echo $user['added'] ?></td>
<td>
Delete
</td>
</tr>
<?php }} ?>
</tbody>
</table>
So I have a table named realtimeusage it contains ID, KWH, UnitValue, AccessTIME I want to fetch usage only for the Current user by his "id" any suggestion for my code
<?php
session_start();
require_once('connect.php');
$_SESSION['id'] = $id;
// For display Current user realtimeusage
$displayquery = "SELECT * ";
$displayquery .= "FROM realtimeusage WHERE `id` = '".$_SESSION['id']."'";
$displayresult = mysqli_query($connection, $displayquery);
if (!$displayresult){
die("database query failed");
}
?>
the table to fetch data:
<table>
<thead>
<tr>
<th> AccountID</th>
<th> KWH</th>
<th>UnitValue</th>
<th>AccessTIME</th>
</tr>
</thead>
<tbody>
<?php
while ($rows= mysqli_fetch_assoc($displayresult)) {
?>
<!--id-->
<td><?php echo $rows["ID"]; ?></td>
<!--User name-->
<td><?php echo $rows["KWH"]; ?></td>
<!--Full name-->
<td><?php echo $rows["UnitValue"]; ?></td>
<!-- Roles-->
<td><?php echo $rows["AccessTIME"]; ?></td>
</tbody>
<?php } ?>
</table>
when I run this code it shows all usage in the table
<?php
session_start();
require_once('connect.php');
$username = $_SESSION['username'];
$roles = $_SESSION['roles'];
// For display realtimeusage
$displayquery = "SELECT * ";
$displayquery .= "FROM realtimeusage";
$displayresult = mysqli_query($connection, $displayquery);
if (!$displayresult){
die("database query failed");
}
?>
From where are you getting the value of id? I guess id is in $_SESSION['id'], if user is logged in, and to use that id you need to change the assignment statement as
$id=$_SESSION['id'];
And use $id in query
$displayquery .= "FROM `realtimeusage` WHERE `id` = '".$id."'";
l have created an application using php,html and mysql. The application can store a user's information such as id, name, bio, and date created into the database and display in html table. The id is an auto increment value which increases with every data entered by the user. The insert part of the application works fine but when l try to delete a record nothing happens. An html form is part of the code which l have intentionally decided not to include. Here is a snapshot of my code:
$records = array();
if(!empty($_POST)) {
if(isset($_POST['firstName'],$_POST['lastName'], $_POST['bio'])){
$firstName = trim($_POST['firstName']);
$lastName = trim($_POST['lastName']);
$bio = trim($_POST['bio']);
if(!empty($firstName) && !empty($lastName) && !empty($bio)) {
$insert = $db->prepare("INSERT INTO people (firstName, lastName,
bio, created) VALUES (?, ?,?, NOW())");
$insert->bind_param('sss', $firstName, $lastName, $bio);
if($insert->execute()){
header('Location: addressbook.php');
die();
}
}
}
}
if($results = $db->query("SELECT * FROM people")){
if($results->num_rows){
while($row = $results->fetch_object()){
$records[] = $row;
}
$results->free();
}
}
?>
<!DOCTYPE html>
<html>
<head></head>
<body>
<div class = "container">
<?php
if(!count($records)){
echo 'No records found';
}
else{
?>
<table class="table">
<thead>
<tr>
<th>ID</th>
<th>First Name</th>
<th>Last Name</th>
<th>Bio</th>
<th>Created</th>
<th>Delete</th>
</tr>
</thead>
<tbody>
<?php
foreach ($records as $r) {
?>
<tr>
<td><?php echo escape($r->id);?></td>
<td><?php echo escape($r->firstName); ?></td>
<td><?php echo escape($r->lastName); ?></td>
<td><?php echo escape($r->bio); ?></td>
<td><?php echo escape($r->created); ?></td>
<td>
<a onclick="return confirm('Do you want to delete the
record')" href="addressbook.php?idd=<?php echo $row['id'] ?>"
class="btn btn-
danger">Delete</a></td>
<?php
}
?>
</tr>
//My guess is the problem is with this code down here for deleting
<?php
if(isset($_POST['idd'])){
$idd = $_POST['idd'];
$results = $db->query("DELETE FROM people WHERE id=$idd");
if($results){
header('Location: addressbook.php');
}
}
?>
</tbody>
</table>
<?php
}
?>
you need to use $_GET because by default href tag sends the data with GET method.
your code should be
if(isset($_GET['idd'])){
$idd = $_GET['idd'];
$results = $db->query("DELETE FROM people WHERE id='$idd'");
if($results){
header('Location: addressbook.php');
}
}
NOTE- use prepared statement for avoiding sql injection attack
`
<?php
//database connectivity
$con=mysqli_connect("localhost","root","");
mysqli_select_db($con,"<db_name>");
$idd = $_REQUEST['idd'];
$sql= "DELETE FROM people WHERE id='$idd' ";
$result = mysqli_query($con,$sql) or die(mysql_error());
header("refresh:0.1; addressbook.php");
?>`
if(isset($_GET['idd'])){
$idd = $_GET['idd'];
$results = $db->query("DELETE FROM people WHERE id='{$idd}'");
Try adding a single quote.
If it still doesn't work, please see if the $_POST is actually posting correctly.
Try $results = $db->query("DELETE * FROM people WHERE id=$idd"); instead of $results = $db->query("DELETE FROM people WHERE id=$idd"); in the delete User Function :)
I'll try to explain the problem straight away. I have one HTML form which takes input just like a comment form and it saves the xyz data into a MySQL database using PHP. Now, what I want is to create and display links for those comments on a page.
I mean the comments which have been saved including the user's email and name, should be opened by clicking a link.
I don't want to display all the details on a single page from the database for all the users. There should be a page on which links are shown, when a user click a link, the full post should be displayed in next page.
There is not something which I know about this process. Please help me out.
// $rows = set of result from your database query
foreach($rows as $row){
echo '<a'
. ' href="my_link_to_display_comment?id='.$row['id'].'">'
. 'Comment from '.$row['user_name']
. '</a>';
}
First a page to display all the links like the below example -
$result = mysql_query("SELECT * FROM calendar WHERE sort_month='11'");
while($row = mysql_fetch_array($result))
{echo
"".$row['event_name'].""
;}
and then in event.php(the next page after clicking link)
$id = $_GET['id'];
$sql = "select * from calendar where id = $id";
$result = mysql_query($sql, $con);
if ($result){
$row = mysql_fetch_row($result);
$title = $row[12];
$content = $row[7];} ?>
<?php echo $title ?>
<?php echo $content ?>
If you want to show details of a single user just do this.
You can make a search box by using a form.
eg. like if I want to display a details of a student, I will search him by using his roll number and run these queries.
<?php //to search student
require_once './secure.inc.php';
$status = 0;
if(isset($_POST['submit'])){
$roll_number = $_POST['roll_number'];
$query = "select * from students where roll_number=$role_number";
require_once '../includes/db.inc.php';
$result = mysql_query($query);
if(mysql_num_rows($result)==1){
$status = 1;
$row = mysql_fetch_assoc($result); //mysql_fetch_array - both numeric and key index
}else{
$status=2;
}
}
?>
//to display
<?php } else if($status==1) { ?>
<table>
<tbody>
<tr>
<td>Roll Number : </td>
<td><?php echo $row['roll_number']; ?></td>
</tr>
<tr>
<td>Name : </td>
<td><?php echo $row['name']; ?></td>
</tr>
<tr>
<td>Gender : </td>
<td><?php echo $row['gender']; ?></td>
</tr>
<tr>
<td>Email : </td>
<td><?php echo $row['email']; ?></td>
</tr>
<tr>
<td>Mobile Number : </td>
<td><?php echo $row['mobile_number']; ?></td>
</tr>
<tr>
<td>Course : </td>
<td><?php echo $row['course']; ?></td>
</tr>
</tbody>
</table>
<?php } ?>
My idea is to click 'Delete' link and it will pass the id to another PHP page (deleteSession.php), and then execute the query in deleteSession.php. but I couldn't seems to get the id from manageSession.php
In manageSession.php,
<table align='center' border='1' cellpadding='5' cellspacing='0'>
<tr>
<th>Session Id</th>
<th>Type</th>
<th>Date & Time</th>
<th>Venue</th>
<th>Pax</th>
<th>Delete</th>
<th>Edit</th>
</tr>
<?php
$sql = "SELECT booking_id, booking_types, dates_sessions, venue_available, room_count FROM bookings_available ORDER BY dates_sessions asc";
$result = mysqli_query($link, $sql) or die(mysqli_error($link));
//mysqli_close($link);
while ($row = mysqli_fetch_array($result)) {
?>
<tr>
<td><?php echo $row['booking_id']; ?></td>
<td><?php echo $row['booking_types']; ?></td>
<td><?php echo $row['dates_sessions']; ?></td>
<td><?php echo $row['venue_available']; ?></td>
<td><?php echo $row['room_count']; ?></td>
<td><input type="button" value="Delete"/></td>
<td><input type="button" value="Edit"/></td>
</tr>
<?php } ?>
</table>
In deleteSession.php,
<?php
include "dbFunctions.php";
include "manageSession.php";
//$sql = "SELECT booking_id, booking_types, dates_sessions, venue_available, room_count FROM bookings_available";
//$result = mysqli_query($link, $sql) or die(mysqli_error($link));
$bookingId = filter_input(INPUT_GET, 'booking_id');
$deleteQuery = "DELETE FROM bookings_available WHERE booking_id = '$bookingId'";
?>
I think in deleteSession.php file code should be as follows.
$bookingId = filter_input(INPUT_GET, 'id');
OR
$bookingId = $_GET['id'];
Because you are passing get parameter as follows.
deleteSession.php?id=
And also keep anchor as follows.
Delete
In the deleteSession.php you can try and replace:
$bookingId = filter_input(INPUT_GET, 'booking_id');
with the below code:
$bookingId = $_REQUEST['id'];
Finally at the last line you have to execute the query which is stored in $deleteQuery variable, which is not executed yet by using below code:
$qry = mysql_query("DELETE FROM bookings_available WHERE booking_id = '$bookingId'");
//will show you error if not able to delete
if(!$qry)
die("Error: ".mysql_error());
Added this at line 3 and it works:
mysqli_select_db($link ,$DB);
Because in the code I have not selected the mysql database and also the query was not executing as the first parameter $link was missing.