0

i want to delete a row of data for example userid number 4 when i click on the delete button but nothing happen.It just pop out "Are you sure you want to delete '4undefine" Can someone help?

index.php

<?php
  $connection = mysqli_connect("localhost","root","","userdatabase");
  mysqli_select_db($connection, "userdatabase");
  $sql_query="SELECT * FROM user";
  $result_set=mysqli_query($connection,$sql_query);
  if(isset($_GET['delete_id']))
  {
    $sql_query="DELETE FROM user WHERE userid=".$_GET['delete_id'];
    mysqli_query($sql_query);
    header("Location: $_SERVER[PHP_SELF]");
  }
?>

This is the confirmation

<script type="text/javascript">
function delete_id(userid,username,password,email,workplace,role)
{
  if(confirm("Are you sure you want to delete '" +userid+username))
  {
    window.location.href='adminhome.php?delete_id='+userid;
  }
}
</script>




<?php
 if(mysqli_num_rows($result_set)>0)
 {
    while($row=mysqli_fetch_row($result_set))
    {
        $userid = $row[0];
        $username = $row[1];
        $password = $row[2];
        $email = $row[3];
        $workplace = $row[4];
        $role = $row[5];
        ?>
        <tr>
        <td><?php echo $userid; ?></td>
        <td><?php echo $username; ?></td>
        <td><?php echo $password; ?></td>
        <td><?php echo $email; ?></td>
        <td><?php echo $workplace; ?></td>
        <td><?php echo $role; ?></td>

        <td align="center"><a href="javascript:delete_id(<?php echo $row[0]; ?>)"><img src="RemoveUser.png" alt="Delete" /></a></td>
        </tr>
        <?php
    }
  }
wogsland
  • 9,106
  • 19
  • 57
  • 93
Tris
  • 13
  • 3
  • 1
    Look at this very closely `mysqli_query($sql_query);` what's different from your other query? *Teach a person HOW to fish*, I always say. One thing wrong with it. So once you fix that JS, that query won't delete without one important bit. – Funk Forty Niner Nov 27 '15 at 18:10
  • where you are passing another paramerters username,password,email,workplace,role? It's javascript problem use browser inspector to solve it. – siddhesh Nov 27 '15 at 18:10
  • for username so it is get as 4 undefined – siddhesh Nov 27 '15 at 18:11

1 Answers1

0

So your first problem is that you've defined your function like this:

function delete_id(userid,username,password,email,workplace,role)

But are calling it like this:

delete_id(<?php echo $row[0]; ?>)

Is it any wonder that username is undefined? Then your syntax is incorrect on your call to mysqli_query(), as pointed out in the comments above. It takes two parameters in the procedural style you're using.

Next thing you need to worry about is what would happen if someone went to http://your.site/adminhome.php?delete_id=4%20or%201=1. I suggest you learn about preventing SQL injections ASAP.

Community
  • 1
  • 1
miken32
  • 42,008
  • 16
  • 111
  • 154
  • after i changed to $sql_query=mysqli_query($connection,"DELETE FROM user WHERE userid=".$_GET['delete_id']); it works! i do really appreciate all the comments and suggestion above! – Tris Nov 28 '15 at 00:48