2

enter image description here

I am working on cake website where user can add cakes in their cart. Then, their cart summary will be displayed in this page.For now, i could only generate summary of cart from database. I need to allow user to click on desired delete button and be able to delete the respective cart row from database.

Php code

// To display the summary

$pick = "SELECT bname,quantity,price,sum FROM cart WHERE user_id LIKE '$search'";
$result1 = mysqli_query($conn, $pick);
$counting = 1;


if (mysqli_num_rows($result1) > 0) {

echo "<table align='center' class='summarytbl'>";
echo "<tr><th>No</th><th>Book Title</th><th>Price</th><th>Quantity</th><th>Total Price</th><th>Delete Order</th></tr>";

while($row = mysqli_fetch_assoc($result1)) {

echo "<tr><td>".$counting."</td><td>".$row['bname']."</td><td>".$row['price']."</td><td>".$row['quantity']."</td><td>".$row['sum']."</td><td><button type='button' class='delete' name=".$row['bname']." value=".$row['quantity'].">Delete</button></td></tr>";


$counting++;
}
    echo"</table><br/><br/><br/>";

echo "<table align='center' class='new'>";
echo "<tr><td>Total Price</td><td>".$total."</td></tr>";
echo "<tr><td>Discount</td><td>".$discount."</td></tr>";
echo "<tr><td>Postage</td><td>".$postage."</td></tr>";
echo "<tr><td><b>Nett Price</b></td><td><b>".$nett."</b></td></tr>";
echo"</table>";


}

i was hoping to use this statement to get button's value(quantity) and name(cake name) to delete row from table. But, it is not working. Please help.Thank you.

if(isset($_POST['delete']))
{
     $command = "DELETE FROM cart WHERE bname= ".$row['bname']." AND    quantity=".$row['quantity'];
    mysqli_query($conn,$command);


}
Gangaraju
  • 4,406
  • 9
  • 45
  • 77
S.k. Surain
  • 53
  • 10
  • 1
    You should first [fix all those SQL injection vulnerabilities](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). – Mike May 29 '16 at 04:38
  • 1
    Next, I don't see any sort of `user` column in your database. What if you have more than one user? If you delete `WHERE bname='something'` you will delete this for **all** users. Also after you do add a `user` field to that query/table what prevents someone from entering another user's ID and adding or deleting from their cart? – Mike May 29 '16 at 04:41
  • Adding the `quantity` to the query is useless because presumably `bname` and `user_id` (or whatever you want to call it) together are unique. So you should add a [unique index](http://stackoverflow.com/questions/635937/how-do-i-specify-unique-constraint-for-multiple-columns-in-mysql) on both of those. – Mike May 29 '16 at 04:44
  • It looks like you are using AJAX to submit the form. In your HTML on the `` element add an attribute like `data-id="`. Then send this in your request like `$(this).closest("tr").attr("data-id")` and use that to delete the value from the database. – Mike May 29 '16 at 04:48
  • Hi mike, thanks for responding. Good point, i could add user id according to Session i saved. For now, my main concern is not knowing how to acquire data such as cake name and quantity from row which button in pressed. Can you give me a hint on that. Thank you. – S.k. Surain May 29 '16 at 04:49
  • Don't use the name, use the cake id. The cake name can change, the ID shouldn't. – Mike May 29 '16 at 04:56
  • okay i changed it. what is data id? i tried implementing your way, but i am not sure about the syntax. mind checking for me? This is my new table: echo "".$counting."".$row['bname']."".$row['price']."".$row['quantity']."".$row['sum'].""; – S.k. Surain May 29 '16 at 05:08
  • Edit your question and add your new code. – Mike May 29 '16 at 05:09
  • okay, i edit and show you – S.k. Surain May 29 '16 at 05:11
  • OK, looking at your code, that's not going to work. In HTML the `id` attribute cannot start with a number. That's why I said to use `data-id` instead. – Mike May 29 '16 at 05:15

1 Answers1

0

You are doing it all wrong. If you have primary in your cart then use these code otherwise add one in your table. Very basic way to do this. 

    <form action="/delete.php" method="post">
     <input type="hidden" name="cart_id" value=".$row['id'].">
    <button type='submit' class='delete' value="Delete">Delete</button>
</form>

delete.php

  // POST method take the input box value by using its name as an index
if(isset($_POST['cart_id']))
{
     $command = "DELETE FROM cart WHERE id= ".$_POST['cart_id'].";
     mysqli_query($conn,$command);

 //Redirect to cart page after this by using header("location")

}

Others ways to do this.

First by using Ajax request to make your page more dynamic and intuitive . When some click the delete button then get the cart id and pass the data to specific url to perform action on this. Make sure to validate that this cart belongs to currently login user.

Or by adding an anchor link on that delete button with url like /cart/delete/id. After performing the action at this url you can redirect user to cart page. It will load page every time when user delete an item from the cart. So it is not a good way to do this.

Ranjeet Singh
  • 588
  • 5
  • 12