How to delete a row in php?

Question

I made from in php. When I select a class, for example I select the class9, it shows me the table of class9. I also have inserted a row in the table containing the delete button to delete the corresponding row. Now I want to delete a row buy clicking the button which is in the row. how can I do that?
First I choose a class from this option as in the image below ;The image from which we select the class
And then the corresponding table is going to be shown.
This is the image. When I click on the button, the corresponding row should be deleted.

<?php
include "connection.php";
?>

<!doctype html>
<html>
<head>
<title>KDR</title>
</head>

<body>


    <table border="2px" width="50%" height="auto">
    <tr>
        <th>No</th>
        <th>Name</th>
        <th>F/Name</th>
        <th>Age</th>
        <th>Delete</th>
    </tr>
    <?php
    $table = $_POST['formCountry'];
    $sql = "SELECT * FROM $table";
    $result = $conn->query($sql);
    while($row = $result->fetch_assoc())
    {
        echo "<tr>";
        echo "<td>" . $row['id'] . "</td>";
        echo "<td>" . $row['name'] . "</td>";
        echo "<td>" . $row['fname'] . "</td>";
        echo "<td>" . $row['age'] . "</td>";
        echo "<td><form method='POST' ><input type='submit' name='deletestudent' value='Delete'/></form></td>";
        echo "</tr>";
    }
    ?>
 </table>

 </body>

In your form button you should give action and the id of the row.. for example `
` and in `delete_row.php` perform delete. — S.I., Dec 16 '16 at 06:03
Ok , Then what code should be written in the delete_row.php form? — Abdullah Fazli, Dec 16 '16 at 06:05
In `delete_row.php` you should write the MySQL query that deletes the row based on the id that you've passed along with the form. — icecub, Dec 16 '16 at 06:13

score 3 · Accepted Answer · edited Dec 16 '16 at 06:30

Something like this. Maybe will need to adjust it a bit.

Your table button:

echo "<td><form method='POST' action="delete_row.php" ><input type='submit' name='deletestudent' value="'.$row['id'].'"/></form></td>";

In PHP (delete_row.php) you should do the following

<?php
    $servername = "localhost";
    $username = "username";
    $password = "password";
    $dbname = "myDB";

    // Create connection
    $conn = mysqli_connect($servername, $username, $password, $dbname);
    // Check connection
    if (!$conn) {
         die("Connection failed: " . mysqli_connect_error());
    }

   if(isset($_POST['id']) and is_numeric($_POST['id']))
   {

        $delete = $_POST['id']

        $stmt = $conn->prepare("DELETE FROM YOURTABLENAME WHERE id = ?");
        $stmt->bind_param('i', $delete);
        $stmt->execute(); 
        $stmt->close();     
   }

Note: Not tested and I'm using mysqli_* here.

Update: As @icecub suggested you can use also hidden field to get the ID

echo "<td>
          <form method='POST' action='delete_row.php' >
               <input type='hidden' name='deletestudent' value='".$row['id']."'/>
               <input type='submit' value='Delete'/>
          </form>
     </td>";

I would suggest adding a hidden input field to the form instead of putting the id in the buttons value. The value also appears on the button. May look a bit odd. — icecub, Dec 16 '16 at 06:16
Anyway, +1 from me for doing some proper coding with prepared statements. It's a welcome sight between all the `mysql_*` posts :) — icecub, Dec 16 '16 at 06:22

Joel Garcia Nuño · Answer 2 · 2016-12-16T07:04:33.643

0

This is how not to do , see the comments below , important !

Should be send the current id of the element , so when you click the button get the element ID by $_GET['id'];

<td><a href='?id=".$row['id']."'>delete</a></td>

if (isset($_GET['id'])) {
    //Throw query DELETE ... WHERE id = $_GET['id'];
}

edited Dec 16 '16 at 07:04

answered Dec 16 '16 at 06:15

Joel Garcia Nuño

501
6
13

Of course. Because a page that simply deletes database rows based on a GET value isn't a major security risk or anything.. – icecub Dec 16 '16 at 06:17
Yes but you can make some control with $_SESSION – Joel Garcia Nuño Dec 16 '16 at 06:23
i mean , if isset an exactly session for a user , this user can complete de request GET – Joel Garcia Nuño Dec 16 '16 at 06:26
1

I'm not talking about who might do it. I'm talking about putting a GET value directly into a query! – icecub Dec 16 '16 at 06:26
Doesn't matter i think – Joel Garcia Nuño Dec 16 '16 at 06:28
Of course it does. Have you ever heard about [SQL Injection](https://en.wikipedia.org/wiki/SQL_injection)? You should NEVER directly insert a variable into a query. Always use prepared statements! – icecub Dec 16 '16 at 06:32
Because you must make a previous access control for this GET['key'] – Joel Garcia Nuño Dec 16 '16 at 06:34
Access control is important, but it has nothing to do with this. Perhaps you should read my answer to this question: http://stackoverflow.com/questions/31230504/bind-param-only-necessary-on-user-inputted-values-or-all/31230713#31230713 It explains why you should ALWAYS use prepared statements. Even in this case. – icecub Dec 16 '16 at 06:42
I hope you do something with it and educate yourself on it. Because right now you're feeding others the wrong kind of information that will leave them vulnerable! You are answering questions. People trust and rely upon you as a professional! If their entire database gets deleted because you gave them the wrong information, it's on your hands. Not to mention the reliability of Stack Overflow in general as a resource! – icecub Dec 16 '16 at 06:52
I should not comment this post without time for check all mistakes – Joel Garcia Nuño Dec 16 '16 at 06:57
Relax. I'm not here to pick on you mate :) If that's what I wanted, I would've just downvoted your answer and leave it at that. I'm simply trying to teach you something so you'll provide better answers next time. Prepared statements is quite easy to learn. You'll get the hang of it within an hour if you want to :) – icecub Dec 16 '16 at 06:59
I edited the post , for people knows this is not how to do , mate :) – Joel Garcia Nuño Dec 16 '16 at 07:05

How to delete a row in php?

2 Answers2