Dynamically delete MySQL data using AJAX and JS

Question

Hi I'm trying dynamically remove database entries using JS and AJAX without refreshing whole page. Here is my data.php file:

<?php
require_once('db.php');

if (isset($_GET['list'])) {
   $query = "SELECT * FROM message";
   mysql_query("SET NAMES 'UTF8'");
   $qq=mysql_query($query);
   $i = 1;
   echo '<div id="rezult">';

while($ff = mysql_fetch_array($qq)){
echo '<div id="id'.$ff['id'].'">'.$i++.'. Name: '.$ff['name'].' Message:'.$ff['message'].'</div>';
}
echo '</div>';
}
?>

With this code I'm retrieving a data from mysql table:

index.php

  function list() { 
$.get('data.php?list=1', function(o) {
            $('#list').html(o);
            });
}

How to dynamically delete desired entry without refreshing a page? tried to add this code below as a link to the entry, but it getting cut javascript:$.post( like that. <a href="javascript:$.post('delete_post.php', { id: '$ff[id]' } );" class='delete_post' title='delete post'>delete post</a>

Thanks for advices

Answer 1

Be careful!, if someone make a call to your php file data.php?list=ANYNUMBER he will be able to delete any row, be sure you are using security tools to avoid that.If you use ajax and Jquery I think it will be easier.

try something like this:

$.ajax({
  type: "POST",
  url: "list.php",
  data: { list: "1", session_id: session_ID }
}).done(function( msg ) {
  alert( "Data deleted: " + msg );
});

where session_id is the value of the field (in your example is 1), session_id is when someone go to your page you assign him a SESSION_ID, after he click the delete button, you compare if the session ID that you assign is equal to the the session_id from the server (you avoid people from another site to call your list.php). If session_id from the ajax is equal to session session_id on the server allow to delete take a look to this: PHP Session Security