php: delete record when button is clicked

Question

I'm a vba developer so I'm getting very confused on how to parse a record ID to isset(). I've looked at various posts here and have tried numerous things but the record will not delete. The page refreshes. The isset must be failing. I tried giving name & value but the combinations I used just did not work.

<?php
session_start();
$user_mail = $_SESSION['username'];
if ($user_mail) {
    include 'database/db.php';
    if(isset($_GET['delete_id'])) {
       $sql_query="DELETE FROM `job_request` WHERE job_request.job_id=".$_GET['delete_id']." AND job_request.Email='$user_mail'";
       mysql_query($sql_query);
       header("Location: applied_jobs.php");
     }
?> etc ...

It is used in this manner:

<?php
$result = mysql_query("SELECT * FROM `jobs` INNER JOIN job_request ON job_request.job_id=jobs.ReqID where job_request.Email='$user_mail' ORDER BY job_request.Applied_Date DESC");
$n = mysql_num_rows($result);
if ($n > 0) {
while ($row = mysql_fetch_array($result)) {
?>
<div id="lb" class="col-md-12" >
<h4 style="color:black;"><?php echo $row['Job_Title'] ?>
<a href="applied_jobs.php?delete_id=<?php echo $row['job_id']; ?>" onclick="return confirm('Delete this record?');" data-placement="top" data-toggle="tooltip" title="Delete Record">
<button class="btn-danger btn-md pull-right" data-title="Delete"> <span class="glyphicon glyphicon-trash"></span></button></a>
</h4>

Thanks In Advance for any insight on setting the job_id variable to delete the record

You are vulnerable to [sql injection attacks](http://bobby-tables.com), and are simply assuming the query will always succeed. At bare minimum, you should have something like `$result = mysql_query(...) or die(mysql_error())` to TELL you if/when something blew up. You also do **NOT** want to put a delete query on a regular URL: you risk having ALL of those records deleted: http://thedailywtf.com/articles/The_Spider_of_Doom — Marc B, Jun 07 '16 at 20:13
At least use `(int)$_GET['delete_id']` to avoid some of your inumerous problems. — Felippe Duarte, Jun 07 '16 at 20:14
Yes, I will add the error handling to the code. I'll lookup the links you posted — PlumpyMa, Jun 07 '16 at 20:18
Please see why you shouldn't use mysql_ functions in php: http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php/12860046?s=7|2.6348#12860046 — Tony Chiboucas, Jun 07 '16 at 20:29
Please use phpPDO! It will probably only take you a couple hours to figure out, and it will save you many hours of headaches: http://www.dreamincode.net/forums/topic/214733-introduction-to-pdo/ — Tony Chiboucas, Jun 07 '16 at 20:34

Tom · Answer 1 · 2016-06-07T20:25:40.210

you can change

mysql_query($sql_query);

to

mysql_query($sql_query) or die(mysql_error());

to get any errors with the query from mysql.

maybe the value is not passed: change:

<a href="applied_jobs.php?delete_id=<?php echo $row['job_id']; ?>" onclick="return confirm('Delete this record?');" data-placement="top" data-toggle="tooltip" title="Delete Record">
<button class="btn-danger btn-md pull-right" data-title="Delete"> <span class="glyphicon glyphicon-trash"></span></button></a>

to:

<a href="applied_jobs.php?delete_id=<?php echo $row['job_id']; ?>" onclick="return confirm('Delete this record?');" data-placement="top" data-toggle="tooltip" title="Delete Record" class="btn-danger btn-md pull-right"> <span class="glyphicon glyphicon-trash"></span></a>

Removing the button and applying the class to the a tag

But the value of 'delete_id' is alphanumeric - thx for ur suggestion — PlumpyMa, Jun 07 '16 at 20:22

php: delete record when button is clicked

1 Answers1