No error message in this code but it doesn't delete the fields

StackOverflow https://stackoverflow.com/questions/23359424

  •  11-07-2023
  •  | 
  •  

Question

In this code I don't have any error messages but it doesn't delete the data. By the way the database has many records and the names of all the fields are correct. 

<?php

if ($connect = mysqli_connect('localhost', 'root', 'adminpass', 'flip'))
    {
    $id = $_GET['id'];
    $sql = "SELECT * FROM threads ORDER BY id DESC";
    $query = mysqli_query($connect, $sql);
    $num = mysqli_num_rows($query);
    }

?>

    <form action="<?php echo $_SERVER["PHP_SELF"]; ?>" method="POST" >

    <table border="1" width="400" cellpadding="0" cellspacing="0">
    <tr>
    <td>#</td>
    <td>id</td>
    <td>subject</td>
    </tr>

    <?php

while ($row = mysqli_fetch_array($query))
    {
?>

    <tr>
    <td> <input type="checkbox" name="checkbox[]" value="<?php echo $row['id'] ?>"></td>
    <td><?php echo $row['id'] ?></td>
    <td><?php echo $row['topic'] ?></td>
    </tr>   

<?php
    }
?>
    <input type="submit" name="delete" value="delete" >

<?php

if (isset($delete))
    {
    for ($i = 0; $i < $num; $i++)
        {
        $del_id = $checkbox[$i];
        $sql2 = "DELETE FROM threads WHERE id='$del_id'";
        $query2 = mysqli_query($connect, $sql2);
        }

    if ($query2)
        {
        echo "<meta http-equiv=\"refresh\" content=\"0;URL=delete.php\">";
        }
    }

mysqli_close($connect);
?>
</table>

</form>

What is the problem with it?

Was it helpful?

Solution

You can try this:

<?php

/* ESTABLISH CONNECTION */

$connect=mysqli_connect("localhost","root","adminpass","flip");

if(mysqli_connect_errno()){

echo "Error".mysqli_connect_error();
}

if(isset($_POST['delete'])){ /* IF DELETE IS CLICKED */

$checkbox=$_POST['checkbox'];
$hiddencounter=mysqli_real_escape_string($connect,$_POST['hiddencounter']); /* PREVENT A BIT OF SQL INJECTION */

for($i=0;$i<$hiddencounter;$i++){ /* FOR LOOP BASED ON THE NUMROWS BELOW */

   if(!empty($checkbox[$i])){ /* IF THE CHECKBOX IS TICKED */
        $del_id=mysqli_real_escape_string($connect,$checkbox[$i]);  /* PREVENT A BIT OF SQL INJECTION */
        $sql2="DELETE FROM threads WHERE id='$del_id'";
        $query2=mysqli_query($connect,$sql2); /* IMPLEMENT THE DELETE QUERY */

   }

} /* END OF FOR LOOP */

echo "<meta http-equiv=\"refresh\" content=\"0;URL=delete.php\">";

} /* END OF ISSET DELETE */

?>

<form action="" method="POST" > <?php /* YOU CAN LEAVE THE ACTION BLANK, TO SUBMIT THE FORM ON THE PAGE ITSELF */ ?>

<table border="1" width="400" cellpadding="0" cellspacing="0">
<tr>
<td>#</td>
<td>id</td>
<td>subject</td>
</tr>

<?

$sql="SELECT * FROM threads ORDER BY id DESC";
$query=mysqli_query($connect,$sql);
$num=mysqli_num_rows($query);

/* SUBMIT THE NUMBER OF ROWS QUERIED THROUGH HIDDEN INPUT */
echo "<input type='hidden' name='hiddencounter' value='$num'>";

while($row=mysqli_fetch_array($query)){ /* FETCH DATA */

?>

<tr>
<td><input type="checkbox" name="checkbox[]" value="<?php echo $row['id'] ?>"></td>
<td><?php echo $row['id'] ?></td>
<td><?php echo $row['topic'] ?></td>

</tr>   

<?
} /* END OF WHILE LOOP $QUERY */
?>

<input type="submit" name="delete" value="delete" >

<?php

mysqli_close($connect);

?>
</table>

</form>

Explanation why your code did not work:

  • Your isset($delete): where does $delete variable came from?
  • Your for loop doesn't determine if the checkboxes submitted has values or not.
  • Your <meta> redirect. It redirects to delete.php after the for loop, so that is the reason you don't see any errors. But I'm pretty sure you would see some errors if you remove the <meta> redirect.
  • Even if the delete is working, you wouldn't see the result right after because the delete query is after your fetching of data.

OTHER TIPS

You have an error in your Variable:

if (isset($delete))

Should be:

   if (isset($_POST['$delete']))

I don't see where $delete variable is ever set in your code. At the moment $delete is not set, therefor if(isset($delete)) is false.

To me it would appear you are trying to use Registered Globals. Or you just forgot to set $delete to one of your $_GET[] or $_POST[] variables.

"Warning This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0."

PHP manual - Security Globals

Predefined Variables

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top