SitePoint Sponsor

User Tag List

Results 1 to 7 of 7
  1. #1
    SitePoint Member
    Join Date
    Jun 2007
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Confirming Deletion?

    I am doing an exercise from the book Build Your Own Database Driven Website Using PHP & MySQL.

    In one assignment we are asked to create some kind of confirmation for the deletion of a record. Since the book do not give the solution do anyone have a suggestion?

    On the Author page for instance I see:

    Daniel Lamarche [ Edit ] [ Delete ]

    Clicking the Delete link will confirm the deletion. Is there a way to display a form first asking "Are you sure?" when the user clicks the "Submit" button the deletion would proceed.

    I do not wish to have the complete solution. Just an approach, a hint in the right direction. The author suggest using a multipurpose page for the confirmation and the deletion.

    Thanks for your help.

    D. Lamarche

  2. #2
    SitePoint Evangelist -T-'s Avatar
    Join Date
    Jun 2002
    Posts
    444
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Two ways of doing this, either use javascript to make a messagebox asking if you are sure or not, or when the delete function is called make a form that asks you if you are sure ^^
    chrome is a wrapper that combines a browser with spyware

  3. #3
    SitePoint Member
    Join Date
    Jun 2007
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok -T- now that is a ... little bit of help. Thanks. Let's see now.

    Would something like this work?

    At the top of my page I would have something like:

    <?php if (isset($_POST['submitted'])):
    ...
    Here is the code to delete the record.
    ...

    ?>

    <XHTML link to return to the previous page>

    <?php else: ?>
    <form> asking to confirm using <label> only I suppose.
    <input type="submit" value="Submit" />
    <input type="hidden" name="submitted" value="TRUE" />
    </form>

    <?php endif; ?>

    <end of XHTML>

    Would that make sense? I am not sure and I know nothing of Javascript.

    D. Lamarche

  4. #4
    SitePoint Evangelist -T-'s Avatar
    Join Date
    Jun 2002
    Posts
    444
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    yupp that works ^^

    or you could shorten it down a little like this

    PHP Code:
    <?php
     
    if($_POST) {
      
    // delete code goes here

     
    } else {
      
      echo 
    "<form action=\"\" method=\"POST\">";
        echo 
    "Are you sure you want to delete name? <input type=\"submit\" name=\"confirm\" value=\"confirm\" />";
      echo 
    "</form>";
     
     }
    ?>
    chrome is a wrapper that combines a browser with spyware

  5. #5
    SitePoint Enthusiast jagat_21's Avatar
    Join Date
    Jun 2007
    Location
    Ahmedabad,India
    Posts
    55
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Confirming Deletion

    For asking user confirmation while deleting record u can call following Javascript :

    function confirmdelete(id)
    {
    var deletestatus = confirm('Are you sure you want to delete ? ');
    if(deletestatus == true)
    {
    document.frmname.formvar.value=id;
    document.frmname.submit();
    }
    }

    And the above function can be called as below in html or php page :

    <a href="#" onClick="confirmdelete(<?=$rec['id']?>);">Delete</a>


  6. #6
    SitePoint Member
    Join Date
    Jun 2007
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thank you very much -T- it works well. Also thanks to jagat_21. One day I will try this.

    One last thing -T- I would like to specify the name of the author in the delete message. So I thought I would pass the name of the Author as an additional parameter after the ?id=$id but there seem to be a problem sending it. If I want to specify more than one parameter after the ? do I use a comma or another ? I tried a few things but it does not work when I use the $_GET['authorname'] in the other form.

    Presently I use:

    echo "<a href='deleteauthor.php?id=$id'>[Delete]</a>"

    So how can I add the author name stored in $authorname after the ?id=$id so that the next form can display Are you sure to want to delete Daniel Lamarche from your database?

    Thank you soo much for your time.

    D. Lamarche

  7. #7
    SitePoint Evangelist -T-'s Avatar
    Join Date
    Jun 2002
    Posts
    444
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Personally I would just use the id and do a database call to get the author name. It's generally a bad idea to display input from url/forms on your website as it opens up for XSS exploits.

    Of course you have to check the id if it has been tampered with. Easiest way of doing that is to check if it's an integer (if your ID is integer that is)

    to check if it's integer do this:
    PHP Code:
    if ( ctype_digit$_GET['id'] ) === false ) {

      
    // we have an error, tell the user and stop the script


    chrome is a wrapper that combines a browser with spyware


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •