How to display and delete data from database?

Question

I'm new at PHP and try to display the data from database and also delete it

this for view the data

<?php
require_once 'config.php';
$que="SELECT `Fname`, `Lname` FROM `students`";
$myRun=  mysql_query($que);
$numOfRows=mysql_num_rows($myRun);
if ($numOfRows> 0) {

    while($row = mysql_fetch_array($myRun)) {
        echo "First Name: " . $row['Fname']. "  -  Last Name: " . $row['Lname'];
        echo '  <a href="update.php?id="/>Edit</a>
            <a href="delete.php?id="/>Delete</a><br/>';
    }
} else {
    echo "There isn't data to be viewed";
  }
?>

this part for deleting , but i don't know how to get the ID

<?php
require_once 'config.php';
if(isset($_GET['ID'])){
    $id=$_GET['ID'];
    $sql="DELETE FROM `students` WHERE `ID`=$id";
    $myquery=  mysql_query($sql);
    if($myquery){
        echo 'The Student #'.$id.'has beed deledted!';
    }
}
?>

what i've to do for getting the id and can delete it ?

In other words, change `$_GET['ID']` to `$_GET['id']` they are case-sensitive. — Funk Forty Niner, Nov 18 '14 at 18:52
Using error reporting to the top of your file(s) right after your opening ` — Funk Forty Niner, Nov 18 '14 at 18:53
[id] i sent it to delete page , to be able to delete the row of this id — Haredy, Nov 18 '14 at 18:53
On a side note, you will want, at the very least, to check that your `$_GET['ID']` (or `$_GET['id']`, which ever is correct) is not only set, but that it's also a numeric (`is_numeric()`) or you will have a whole host of other potential problems. — Rasclatt, Nov 18 '14 at 18:54
Please, [don't use `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php), They are no longer maintained and are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). Learn about [prepared statements](http://en.wikipedia.org/wiki/Prepared_statement) instead, and use [PDO](http://us1.php.net/pdo) or [MySQLi](http://us1.php.net/mysqli). You will also want to [Prevent SQL Injection!](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) — Jay Blanchard, Nov 18 '14 at 18:54

score 0 · Answer 1 · answered Nov 18 '14 at 18:52

0

'id' != 'ID' Try

if(isset($_GET['id'])){
    $id = (int) $_GET['id'];
    if ($id > 0)
        $myquery=  mysql_query($sql);
}

answered Nov 18 '14 at 18:52

Ushakov Stanislav

24
3

when i use it , i got this message "The Student #0 has beed deledted!" however there isn't any data its ID=0 – Haredy Nov 18 '14 at 18:59

Dale · Accepted Answer · 2014-11-18T19:04:30.097

First issue I see is you didn't query the Id from the database. Change your first query to:

$que="SELECT `ID`, `Fname`, `Lname` FROM `students`";

If the students table has no id, alter the table to give it one, and probably make it primary key and auto-incrementing.

Then change your delete link to this:

<a href="delete.php?ID=<?php echo $row['ID'];?>">Delete</a>

Then Change your comment to this:

echo 'The Student #'.$_GET['ID'].'has been deleted!';

You may wish instead of commenting with an id, to pass in the first and last name too, and say the student "Bob Smith" has been deleted. To do that you would change your delete link to the following

<a href="delete.php?ID=<?php echo $row['ID'];?>&Fname=<?php echo $row['Fname'];?>&Lname=<?php echo $_GET['Lname'];?>">Delete</a>

Now you will have the first and last name as GET variables with the same name as their database equivalents, allowing you to do this:

echo 'The Student #'.$_GET['ID'].' ('.$_GET['Fname'].' '.$_GET['Lname'].') has been deleted!';

Lastly, as mentioned in a comment above, you will want to clean the ID before you delete it, so as to avoid sql injection.

Your delete line should be:

$sql="DELETE FROM `students` WHERE `ID`=".(int)$_GET['ID'];

You could also avoid passing the student name in through the URL by querying it from the database given the $_GET['ID'] that you passed in, which would maybe be a bit cleaner, but would have the additional overhead of a database query. — Dale, Nov 18 '14 at 18:59

score 0 · Answer 3 · answered Nov 18 '14 at 18:59

Probably this help, take in mind if your showing links they must have the id:

$que="SELECT `ID`, `Fname`, `Lname` FROM `students`";
//more code...

  while($row = mysql_fetch_array($myRun)) {
      echo "First Name: " . $row['Fname']. "  -  Last Name: " . $row['Lname'];
      echo '  <a href="update.php?id="'.$row['ID'].'>Edit</a>
        <a href="delete.php?id="'.$row['ID'].'>Delete</a><br/>';
  }

From comments (@Rasclatt):

if(isset($_GET['id']) && is_numeric($_GET['id'])){
    $id=$_GET['id'];

Then you can change to PDO or mysqli (PDO as suggestion)

score 0 · Answer 4 · edited Nov 18 '14 at 19:17

You need to pass the ID parameter to your script in the URL. That is what the $_GET['ID'] part is looking for.

So your URL would be something like http://website.com/delete_student.php?ID=5

Then your $id variable will be set correctly and your query should work.

You could also use $_POST['ID'] if the ID value is coming from a form.

You should also consider using the mysql_real_escape_string function to make your code more secure http://php.net/manual/en/function.mysql-real-escape-string.php

How to display and delete data from database?

4 Answers4