How to delete row in MySQL table whereby PHP HTML form

deotpit · August 25, 2016, 10:26am

Hi Everyone,
MySQL table nemed “test” is onsisted of 2 fields as shown at the screenshot hereby:

The above table contains 4 rows as shown at thescreenshot above.

My php code uploads a table that browses the above table’s rows. At the end of each row in the PHP page there is
a “submit button” to delete the current row as it shows on the following screenshot:

As you can see at the above screenshot, when I tap the “Delete” button I get an error that says that the delete
query is missing the “where” “counter” key.
I try to set the current row’s “counter” value but i’m afraid I dont know how to do so…
Here is the code:

<?php // to_forum.php
$MyHOST = 'localhost';
$MyUSER = 'user';
$MyPASS = 'pass';
$MyDB = 'test';
$MyCONNECTION = NEW MYSQLI($MyHOST,$MyUSER,$MyPASS,$MyDB);
IF(!$MyCONNECTION)
DIE('Gevald' .MYSQLI_CONNECT_ERROR());
MYSQLI_SET_CHARSET($MyCONNECTION,'UTF8');

if (isset($_POST['delete']) && isset($_POST['MyCOUNTER']))
{
	$MyCOUNT = get_post($MyCONNECTION, 'MyCOUNTER');
	$MyQUE = "DELETE FROM test WHERE counter = '$MyCOUNT'";
	
	$MyRESULT = $MyCONNECTION->query($MyQUE);
	if ($MyRESULT) echo "DELETE failed: $MyQUE <br>" . $MyCONNECTION->error . "<br><br>";
}

echo <<<_END
<form action="to_forum1.php" method="post">
Id <input type="number" name="MyID">
<input type="submit" value="ADD ID">
</form>
_END;

$MyQUE = "SELECT  counter, id FROM test ";

$MyRESULT = $MyCONNECTION->query($MyQUE);
if (!$MyRESULT) die ("Database access failed: " . $MyCONNECTION->error);
$numOfRows = $MyRESULT->num_rows;

echo <<<_END
<style>
table, th, td {border-collapse: collapse;}
th {background-color: #f1f1c1;border: 1px solid black;}
td {border: 1px solid black;}
</style>
<table style="width:100%; border: 1px solid black;">
<caption>IDs</caption>
  <tr>
    <th>COUNTER</th>
	<th>ID</th>
	<th>action</th>
  </tr>
_END;
for ($j = 0 ; $j < $numOfRows ; $j++)
{
$MyRESULT->data_seek($j);
$row = $MyRESULT->fetch_array(MYSQLI_NUM);
echo <<<_END
  <tr>
    <td>$row[0]</td> 
	<td>$row[1]</td> 
	<td><form action="to_forum1.php" method="post">
  <input type="hidden" name="delete" value="yes">
  <input type="hidden" name="MyCOUNTER">
  <input type="submit" value="Delete"></form>
  </td> 
  </tr>
_END;
}
echo "</table>";
$MyRESULT->close();
$MyCONNECTION->close();

function get_post($conn, $var)
{
return $conn->real_escape_string($_POST[$var]);
}
?>

Could anyone show me please how to set the current row’s counter value to the “Delete” query?
Thanks a lot !

SamA74 · August 25, 2016, 10:33am

The input named “MyCounter” has no value set.

<input type="hidden" name="MyCOUNTER">

You need to insert the relevant value to the input, eg:-

<input type="hidden" name="MyCOUNTER" value="$row['counter']">

deotpit · August 25, 2016, 11:05am

So I did and it worked !
Thanks a lot Sama74 !!

ahundiak · August 25, 2016, 12:21pm

Glad it is working.

Now before moving on, please divert for a bit and change your code to use prepared statements: http://php.net/manual/en/mysqli.prepare.php

It is not difficult and will help protect your code from sql injections. The quicker you learn how to use prepared statements the better off you will be.

deotpit · August 25, 2016, 5:09pm

Hi ahundiak,
Thanks for your advice and the link added.
I read the article to find out that where i stand right now with PHP is not a stable basis to advance to “prepared statements”. I keep your notification as well as others and once I feel I can handle it I’ll read it again and try to implement it.
Thanks a lot !

felgall · August 25, 2016, 10:48pm

that makes switching to prepare statements even more urgent than if your PHP were written properly

system · November 25, 2016, 5:48am

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.