0

I have a script that prints in the screen all the data of a table. Associated to each row of data, I have a delete button, and I would like that, when a button of any row is cliked, the row is deleted. To do so, I have got the following code:

$con = mysqli_connect("","","","");

$result = mysqli_query($con,"SELECT * FROM `clientes_pmt`");

while($row = mysqli_fetch_array($result)){
    ?> <button name="delete" value="<?php echo $row['id']; ?>" type="submit"><img src="paginas/borrar.jpg" /></button>
    <a href="page<?php echo $row['nombre']; ?>">
        <div><p><?php echo $row['nombre']; ?></p></div>
        <div><p><?php echo $row['pais']; ?></p></div>
    </a>
    <section class="clearboth"></section><br><?php
}

if(isset($_POST['delete'])){
    $id = $_POST['delete'];
    $result = mysqli_query($con,"DELETE FROM `clientes_pmt` WHERE id = '$id'");
}

mysqli_close($con);

I receive no errors but the row is not being deleted.

alberzyzz
  • 277
  • 2
  • 15
  • 1
    where is your `
    ` tag and `action and method` ?
     – Bibhudatta Sahoo Jul 10 '17 at 08:07
  • Just seen it. Thank you, I knew it was something really stupid – alberzyzz Jul 10 '17 at 08:08
  • 1
    you are welcome. – Bibhudatta Sahoo Jul 10 '17 at 08:09
  • To prevent SQL injections it would be wise to read up on PDO prepared statements. [More on preventing SQL injections](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). [Are they sufficient to prevent SQL injection?](https://stackoverflow.com/questions/134099/are-pdo-prepared-statements-sufficient-to-prevent-sql-injection) – JiFus Jul 10 '17 at 08:10
  • also in delete query it should be `id = $id`, as it will not be string – Jigar Shah Jul 10 '17 at 08:10
  • make sure to check whether the POSTed "id" indeed belongs to current logged-in user before deleting the record – Prashant Jul 10 '17 at 08:12

5 Answers5

3

Enclose the button inside a form element and set appropriate action and method attributes, something like:

<form action="/delete.php" method="POST">
  <button ...> [your button]
</form>
Prashant
  • 5,331
  • 10
  • 44
  • 59
0

You have to modify these line

$con = mysqli_connect("localhost","root","","YOUR DATABASE NAME");
Kap
  • 11
  • 2
0

To see the result you can put a header() to the end of this part of code:

if(isset($_POST['delete'])){
    $id = $_POST['delete'];
    $result = mysqli_query($con,"DELETE FROM `clientes_pmt` WHERE id = '$id'");

    header('location:your_page_where_the_rows_are.php');
}
David
  • 354
  • 6
  • 19
0

I think it may be because the $id was not getting added into the query. Try bellow?

if(isset($_POST['delete'])){ $id = $_POST['delete']; $result = mysqli_query($con,"DELETE FROM clientes_pmt WHERE id = '".$id."'); }

GrimeO
  • 1
0

Use Form tag and Header for redirect your page on same page. Try This -

<?php
$con = mysqli_connect("","","","");

$result = mysqli_query($con,"SELECT * FROM `clientes_pmt`");

while($row = mysqli_fetch_array($result)){
    ?> 
    <form action="" method="post" >
    <button name="delete" value="<?php echo $row['id']; ?>" type="submit"><img src="paginas/borrar.jpg" /></button>
    </form>
    <a href="page<?php echo $row['nombre']; ?>">
        <div><p><?php echo $row['nombre']; ?></p></div>
        <div><p><?php echo $row['pais']; ?></p></div>
    </a>
    <section class="clearboth"></section><br><?php
}

if(isset($_POST['delete'])){
    $id = $_POST['delete'];
    $result = mysqli_query($con,"DELETE FROM `clientes_pmt` WHERE id = '$id'");
    header('location:'.$_SERVER['PHP_SELF']);
}

mysqli_close($con);
?>
Sunil Rajput
  • 960
  • 9
  • 19