Can't delete data from my table

PHP
1

http://localhost/del.php?$id=$row[Id]

this is showing on server side

My code is

<html>
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
  <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
  <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
</head>



<body>
<br>
<a class="btn btn-info" href="insert.php">Back to Home</a><br><br>
<?php		
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "registrationform";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
} 
  $sql  = "SELECT * FROM registrationdb";

  $result = $conn->query($sql);

echo "<table  border='1'>
<tr>
<th>Id</th>
<th>Name</th>
<th>Fathername</th>
<th>Mothername</th>
<th>Address</th>
<th>Email</th>
<th>Birthday</th>
<th>Religion</th>
<th>Nationality</th>
<th>Gender</th>
<th>Action</th>
</tr>";
foreach($result as $row)
{
echo "<tr>";
echo "<td>" . $row['Id'] . "</td>";
echo "<td>" . $row['name'] . "</td>";
echo "<td>" . $row['fathername'] . "</td>";
echo "<td>" . $row['mothername'] . "</td>";
echo "<td>" . $row['address'] . "</td>";
echo "<td>" . $row['email'] . "</td>";
echo "<td>" . $row['birthday'] . "</td>";
echo "<td>" . $row['religion'] . "</td>";
echo "<td>" . $row['nationality'] . "</td>";
echo "<td>" . $row['gender'] . "</td>";

echo "<td>" . '<a class="btn btn-warning" href="del.php?$id=$row[Id]">Delete</a>'.   '<a class="btn btn-success"href="update.php">Edit</a>'."</td>";            
echo "</tr>";

}
echo "</table>";

$conn->close();	

?>
</body>
</html>

//deleting data

<?php
include_once('show.php');
$id="";
$name="";
$fathername="";
$mothername="";
$address="";
$birthday="";
$age="";
$email="";
$religion="";
$nationality="";
$gender="";
	

$servername = "localhost";
$username = "root";
$password = "";
$dbname = "registrationform";
 
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
} 

		// keep track post values

	
// sql to delete a record 
 $sql  = "DELETE  FROM registrationdb WHERE Id='$id'";
if ($conn->query($sql) === TRUE) {
    echo "Record deleted successfully";
} else {
    echo "Error deleting record: " . $conn->error;
}
$conn->close();
?>
2

This won’t help:

//deleting data

<?php
include_once('show.php');
$id="";

You pass the id value in as a query parameter (which is a really insecure way to pass stuff in that directly updates the database) but pretty much the first line of code in the delete script (I assume that’s what it is) clears the value of $id. You then don’t get the value of $id from anywhere else (including the query string parameter that you pass it in via) so there is no value in $id.

To test it, add this line just before the query is built:

$id = $_GET['id'];

and you should see that it works. But remember the security issue - anyone can call your delete script and pass “id=anything” from the browser address bar, so you need some validation, some checks and so on.

Also noticed this code in your link:

echo "<td>" . '<a class="btn btn-warning" href="del.php?$id=$row[Id]">Delete</a>'.   '<a class="btn btn-success"href="update.php">Edit</a>'."</td>";

Your link is badly formed, but I can see what you were trying to do. Drop the $ symbol before the variable name, as URL parameters are all passed through as part of the indexed array called $_GET, not specified individually. It needs to look more like:

href="del.php?id=$row['id']">
3

tnkx.it works.

4

Have a read of this wikipedia article as it’s something that you need to always keep in mind when dealing with data that has been submitted by a user:

5

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.