0

im rather amateur with php and even more so with js. I have created a database table with an edit & delete button, as shown in the screenshot. (if anyone is also able to see why there is a gap between my header and body of table that would be great, i have no clue why this is cropping up, doesnt seem to be css).

The idea is to just click the delete button, pass the 'AwbNo' over to the delete.php page in order to delete the entire row from the database, and then automatically return to the page to see the updated table, if redirection can be avoided, even better just to make the operation smoother. Any help would be greatly appreciated, hope my code below is enough for aid

so select a row to delete>click delete>confirmation>row deleted from db. That is the process i am aiming to achieve

example database screenshot

<table class="table">
                <thead>
                  <tr>
                    <th>Awb Number</th>
                    <th>Vessel</th>
                    <th>Client</th>
                    <th>Pieces</th>
                    <th>Total Weight</th>
                    <th>Carrier</th>
                    <th>Sender</th>
                    <th>Status</th>
                    <th>Arrival Date</th>
                    <th>Action</th>
                  </tr>
                </thead>
                <tbody>
                    <?php               //BEGINNING OF PHP
                    include("login/dbinfo.inc.php");
                    $comm=@mysql_connect(localhost,$username,$password);
                    $rs=@mysql_select_db($database) or die( "Unable to select database"); 

                    $sql="SELECT AwbNo, VesselName, ClientCode, Pieces, Weight, Carrier, Sender, Status, DATE_FORMAT(ArrivalDate, '%d-%m-%yyyy') FROM tbl_import";
                    $result = mysql_query($sql) or die("SELECT Error: ".mysql_error());
                    $num_rows = mysql_num_rows($result);
                    echo "<p>There are $num_rows records in the Customer table.</p>";
                    echo "<table class=\"table\">\n";
                    while ($get_info = mysql_fetch_array($result))
                    {
                        echo ("<tr>\n");
                        echo ("<td>".$get_info["AwbNo"]."</td>");
                        echo ("<td>".$get_info["VesselName"]."</td>");
                        echo ("<td>".$get_info["ClientCode"]."</td>");
                        echo ("<td>".$get_info["Pieces"]."</td>");
                        echo ("<td>".$get_info["Weight"]."</td>");
                        echo ("<td>".$get_info["Carrier"]."</td>");
                        echo ("<td>".$get_info["Sender"]."</td>");
                        echo ("<td>".$get_info["Status"]."</td>");
                        echo ("<td>".$get_info["ArrivalDate"]."</td>");
                        ?>
                            <td>
                            <div id="outer">
                                <div class="inner"><button type="submit" class="msgBtn" onClick="goToURL()" > Edit </button></div>
                                <div class="inner"><button type="submit" class="msgBtn2" onClick="goToURL1()"> Delete </button></div>
                                </div> 
                            </td>
                        <?php
                        echo ("</tr>\n");
                    }
                    echo "</table>\n";
                    mysql_close();
                    ?>                  <!--END OF PHP-->
                </tbody>
                </table>

Below is the js script to redirect user page when clicking on the 'edit' or 'delete' button.

<script>
function goToURL() {
window.open('php/edit.php');
}
function goToURL1() {
  window.open('php/delete.php');
}
</script>

And below is the supposing 'delete.php' page to delete the record from the db on a live server, this is only an example, im not exactly sure if it is correct.

<?php
        include("dbinfo.inc.php");
        $comm=@mysql_connect(localhost,$username,$password);
        $rs=@mysql_select_db($database) or die( "Unable to select database"); 
        $AwbNo=$_POST['AwbNo'];
        $sql="DELETE FROM  tbl_import where AwbNo=$AwbNo";
        mysql_query($sql)or die("Delete Error: ".mysql_error());
        mysql_close();
        echo "Record was successfully deleted.\n";
        ?>
sanitizer
  • 95
  • 3
  • 14
  • Can you post your form code? – Jay Blanchard Jan 25 '17 at 16:48
  • Hi Christian, welcome to StackOverflow! Your question does not have a clear problem statement. Please describe what IS happening, and where any problems are, as well as what you've tried. – random_user_name Jan 25 '17 at 16:48
  • 4
    ***Please [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php).*** [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [PDO](http://php.net/manual/en/pdo.prepared-statements.php) and [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and consider using PDO, [it's really pretty easy](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard Jan 25 '17 at 16:49
  • 3
    [Little Bobby](http://bobby-tables.com/) says ***[your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)***. Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! – Jay Blanchard Jan 25 '17 at 16:49
  • 3
    I recognise this question from earlier today. Do we have to do it all again# – RiggsFolly Jan 25 '17 at 16:50
  • @RiggsFolly - do you have dupe close hammer? Yes, yes you do!... use it.. use it... :) – random_user_name Jan 25 '17 at 16:51
  • The previous was already deleted. – Jay Blanchard Jan 25 '17 at 16:52
  • @cale_b Yes but the previous question has been deleted – RiggsFolly Jan 25 '17 at 16:52
  • Well, I rally to close as off topic due to lack of MVCE / clear problem statement... – random_user_name Jan 25 '17 at 16:53
  • @cale_b Way ahead of you Sir – RiggsFolly Jan 25 '17 at 16:53
  • Christain: You dont appear to understand how web pages work. Could I respectfully suggest you read a book or do a few online tutorials rather than keep asking the same question hoping someone here will do it all for you – RiggsFolly Jan 25 '17 at 16:55
  • I suggest you to clean and keep your code in good indentation which will help you to debug the error quickly. Its not a recommended way of writing like this `echo ("".$get_info["Weight"]."");` insisted use `` this looks cleaner. Try to correct your `HTML` tags your code has 2 opening `` tag used in nested.
     – Pavan Baddi Jan 25 '17 at 17:09
  • Hi pavan, thanks for the recommended code, will try & clean up the code. – sanitizer Jan 25 '17 at 18:21

1 Answers1

0

The issue your having is because you need to pass the primary key that AwbNo in you case, along with the Edit /Delete link, so that the correct record is selected from DB. This is not happening in your case.

The code for the table needs to look something like mentioned below for the edit & delete links.

echo '<td><a href="edit.php?id='.$get_info['AwbNo']. '">&nbspEdit&nbsp</a></td>';
echo '<td><a href="javascript:delete_user('.$get_info['AwbNo']. ')">&nbspDelete&nbsp</a></td>'

Also add this script in same page.

 <script>
        function delete_user(uid)
        {
            if (confirm('Are You Sure to Delete this Record?'))
            {
                window.location.href = 'delete.php?id=' + uid;
            }
        }
    </script>

delete.php can have just this code:

  <?php
    
        include("dbinfo.inc.php");
        $comm=@mysql_connect(localhost,$username,$password);
        $rs=@mysql_select_db($database) or die( "Unable to select database"); 
        $id = $_GET['id']; // $id is now defined
        mysqli_query($conn,"DELETE FROM tbl_import where AwbNo='".$id."'");
        mysqli_close($conn);
        header("Location: index.php"); //redirect to relevant page
        
    ?>
Dharman
  • 30,962
  • 25
  • 85
  • 135
Neha Parab
  • 76
  • 7
  • Thank you Neha for pointing me in the right direction, i can understand the above and see how the primary key is being passed on. Confirmation page etc works, but when i click 'Ok' to delete the record, im redirected to an error 404 : file or directory not found. i assume the delete.php page isnt picking up the id? or is it the url "delete.php?id=159847263" – sanitizer Jan 25 '17 at 17:57
  • The `id` is getting passed correctly. You need to pint the redirect page here: `header("Location: index.php"); //redirect to relevant page` . I did not know whats your redirect page so i just pointed it to `index.php` – Neha Parab Jan 25 '17 at 18:00
  • Found the problem, had to change the redirect in the script. Runs through perfectly, but not having an effect on my database, the record doesnt get deleted as it should – sanitizer Jan 25 '17 at 18:06
  • try `Location:livedashboard.php"`. I thing it just needs the filename unless the redirect file is a different folder location – Neha Parab Jan 25 '17 at 18:14
  • sry edited my previous in hopes of doing it before you read the previous version. All works, just the deletion isnt happening server side – sanitizer Jan 25 '17 at 18:19
  • Fixed it, just a little sql code change in the delete.php and it worked perfectly, thank you for the aid Neha – sanitizer Jan 25 '17 at 18:27