Ok I know this question has been asked before and we have run through a lot of different answers... However we still can't get this working right.

This is higher up in the code where the threads are displayed. It is also nested inside of an echo that is displaying the table. Except for the that is marked by comments, all the others are not next to code like they are shown. I wanted the code to highlight the right way.

 <?php //More code here~

while ($x = $s->fetch_object()){

$c = $c==1?2:1;

echo '<tr>
<td style="border: 1px solid #1f2a19; padding-left: 5px; padding-right: 5px; " class="color1" width="1%" nowrap>
<input type="checkbox" class="check" name="check[]" value="'.($x->id).'" /></td> 
//More displaying table code here.
';

}$s->close(); ?>

Lower down in the code near where the buttons appear at the end of the page we have this.

<?php
if (u::isstaff())  {
?> <!--This is here because the file is an .php and most of the code is php. 
   Very little HTML is used.-->

    <input type="submit" name="delete" value="Delete"/>


<?php // Same with this one. It is in the code.
if(isset($_POST['delete']))
{
 $cnt=array();
$cnt=count($_POST['check']);
 for($i=0;$i<$cnt;$i++)
  {
     $del_id=$_POST['check'][$i];
     $query=("delete from forumposts where 'thread'='$del_id'");
    mysql_query($query);
    $query=("delete from forumthreads where 'id'='$del_id'");

    mysql_query($query);
  } //for
} //ispost delete
} //isstaff ?>

The goal of this code is to grab the thread id number from the checkboxes and run it through a deletion function when a button is pressed, giving staff members the power to delete multiple threads in a board at once.

This code works only to delete a single thread and is what we are basing the multi-delete thread function on. It is in a different file, "thread.php".

 <?php if ($_GET['act'] == 'deletethread'){

    if (!u::ismod()) return f::deny();

    $db->query("DELETE FROM forumposts
        WHERE `thread`='{$thread->id}'");

    if ($db->error) die(trigger_error($db->error) );

    $db->query("DELETE FROM forumthreads
        WHERE `id`='{$thread->id}'");

    if ($db->error) die(trigger_error($db->error) );

    s::go('board?i='.$thread->board);
  }?>

========================================================

So I think I have failed on the button... Never learned Java before. This is what the middle section looks like now. I have the feeling that I am still doing the delete part wrong as well.

<input type="submit" name="delete" value="Delete"/>

<?php 
if(isset($_POST['check_list'])){
 $cnt=array();
$cnt=count($_POST['check_list']);
 for($i=0;$i<$cnt;$i++)
  {
    $ids = implode(',', $_POST['check_list']); 
    mysqli_query("delete from forumposts where id in ($ids)");
    mysqli_query($query);
    mysqli_query("delete from forumthreads where id in ($ids)");
    mysqli_query($query);
  } //for
} //ispost delete
} //isstaff
?>
  • 1. **Don't** use the **deprecated and insecure** `mysql_*`-functions. They have been deprecated since PHP 5.5 (in 2013) and were completely removed in PHP 7 (in 2015). Use MySQLi or PDO instead. 2. **You are wide open to [SQL Injections](http://php.net/manual/en/security.database.sql-injection.php)** and should really use [Prepared Statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) instead of concatenating your queries, which can be used if you use the above mentioned MySQLi or PDO. – M. Eriksson Aug 15 '17 at 06:12
  • For some reason, you're trying to use the value of the checkbox as an object `{$del_id->id}` while `$del_id` already contains the actual id. – M. Eriksson Aug 15 '17 at 06:13
  • In SQL-queries, table names need to be wrapped in back ticks (and only when the table name is the same as a reserved MySQL keyword), not single quotes. [When to use single quotes, double quotes, and backticks in MySQL](https://stackoverflow.com/questions/11321491/when-to-use-single-quotes-double-quotes-and-backticks-in-mysql) – M. Eriksson Aug 15 '17 at 06:14
  • Yeah I realized the mysql_ part after I posted the question. I was really tired last night when posting it. So change del_id->id to just del_id. Thank you for the link. – Elizabeth Stout Aug 15 '17 at 15:05

1 Answer
echo '<tr>
        <td style="border: 1px solid #1f2a19; padding-left: 5px; padding-right: 5px; " class="color1" width="1%" nowrap>
           <input type="checkbox" class="check" name="check[]" value="'.($x->id).'" />
        </td> 

In PHP File:

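// $db is assumed to be the mysqli connection used in thread.php.
// Cast each submitted value to int so only numeric ids reach the query.
$ids = implode(',', array_map('intval', $_POST['check']));
$db->query("delete from forumposts where id in ($ids)");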
Naveed Ramzan
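The multi-delete handler written with the prepared statements the comments recommend, as an added example that is not code from the question or the answer. It assumes PHP 7+, InnoDB tables (for the transaction), and that $db is the mysqli connection seen in thread.php; clean_thread_ids() and delete_threads() are hypothetical helper names. The table and column names are the ones from thread.php.

```php
<?php
// Added example. Assumes PHP 7+, InnoDB tables and $db being a mysqli connection.
// clean_thread_ids() and delete_threads() are hypothetical helper names.

// Reduce the submitted check[] values to unique positive integers.
function clean_thread_ids($raw): array
{
    $ids = [];
    foreach (is_array($raw) ? $raw : [] as $value) {
        // ctype_digit() accepts only strings made of digits, so "1 OR 1=1" is dropped
        if (is_string($value) && ctype_digit($value) && (int)$value > 0) {
            $ids[(int)$value] = true; // array key removes duplicates
        }
    }
    return array_keys($ids);
}

// Delete the posts, then the threads, for every id: all or nothing.
function delete_threads(mysqli $db, array $ids): int
{
    if ($ids === []) {
        return 0; // "IN ()" is a syntax error, so skip the queries
    }
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // mysqli throws on failure
    $marks = implode(',', array_fill(0, count($ids), '?'));    // one ? per id
    $types = str_repeat('i', count($ids));                     // bind every id as integer
    $deleted = 0;
    $db->begin_transaction();
    try {
        foreach (["DELETE FROM forumposts WHERE `thread` IN ($marks)",
                  "DELETE FROM forumthreads WHERE `id` IN ($marks)"] as $sql) {
            $stmt = $db->prepare($sql);
            $stmt->bind_param($types, ...$ids);
            $stmt->execute();
            $deleted = $stmt->affected_rows; // ends as the forumthreads count
            $stmt->close();
        }
        $db->commit();
    } catch (Throwable $e) {
        $db->rollback(); // posts are not removed unless their threads are too
        throw $e;
    }
    return $deleted;
}

// Form handler: runs only for a staff POST of the Delete button.
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && isset($_POST['delete']) && u::isstaff()) {
    delete_threads($db, clean_thread_ids($_POST['check'] ?? []));
}
```

The u::isstaff() check sits in the handler itself, so hiding the button from other users is not what protects the delete.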