
My problem is that when I try to delete a database record via this link:

<?php
echo("<a href=\"./termine.php?action=edit&id=$id\">");
?>
            <span class="glyphicon glyphicon-pencil" aria-hidden="true"></span> 
<?php   
    echo("</a>");
?>

it reloads the page and the page is white. Refer to the screenshot below.

[screenshot]

The action code:

<?php
if (isset($_GET['action']) and $_GET['action']=="edit") {
    $editId = $_GET['id'];
    $edit = $db->prepare("UPDATE TABLE_NAME SET EDIT_FIELD = '100' WHERE ID = '" .$editId."' LIMIT 1");
}

?>
Laberkopf

  • Your code is vulnerable to [**SQL injection**](https://en.wikipedia.org/wiki/SQL_injection) attacks. You should use prepared statements with bound parameters, via either the [**mysqli**](https://secure.php.net/manual/en/mysqli.prepare.php) or [**PDO**](https://secure.php.net/manual/en/pdo.prepared-statements.php) drivers. [**This post**](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) has some good examples. – Alex Howansky Nov 21 '17 at 19:21
  • Also note, in general, you don't want to make any database changes (i.e., UPDATE or DELETE) as a result of a GET request. Pages/URLs that make changes should require POST. – Alex Howansky Nov 21 '17 at 19:23
  • _"and the page is white"_ What are you expecting? Your action code doesn't actually *output* anything. – Alex Howansky Nov 21 '17 at 19:26
  • You never execute the query either. – Jay Blanchard Nov 21 '17 at 19:33
  • The problem is that it is the same page (.../termine.php) as the one from which the link was clicked, only this time the page should be reloaded with the appropriate parameter. The if statement should then "delete" the record from the table (it only updates the Livestate column, which ensures that the record is no longer displayed on the website). The action code is only part of the code from the termine.php file. – Laberkopf Nov 21 '17 at 20:03
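The comments above raise four separate points: the id is concatenated into the SQL string (with `id=1' OR '1'='1` the WHERE clause becomes true for every row, and LIMIT 1 only means an arbitrary single row gets updated), the statement is prepared but never executed, the change is triggered by a GET request, and the action branch produces no output, which is why the page is blank. The following is an added example written for this page, not the original poster's code and not a library's API. It shows one hardened version of the termine.php action that addresses all four. Assumed names: the table is `termine`, the soft-delete column is `livestate`, the primary key is `id`, `$db` is a PDO handle, and the DSN and credentials are placeholders. The CSRF token check is an extra safeguard that none of the comments mention; once the action moves to POST it is the usual companion measure.

```php
<?php
// Added example, not the original poster's code. Assumed schema: table `termine`,
// soft-delete column `livestate`, primary key `id`. DSN and credentials are placeholders.
declare(strict_types=1);

// Open a PDO connection with exceptions on and emulated prepares off, so the
// placeholder below becomes a real server-side bound parameter.
function getDb(): PDO
{
    return new PDO('mysql:host=localhost;dbname=app;charset=utf8mb4', 'user', 'secret', [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);
}

// Soft-delete one record by primary key. The id is bound as an integer, so a
// value such as "1' OR '1'='1" can never become part of the SQL text.
function hideRecord(PDO $db, int $id): bool
{
    $stmt = $db->prepare('UPDATE termine SET livestate = 100 WHERE id = :id LIMIT 1');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();               // the posted code prepared the statement but never ran it
    return $stmt->rowCount() === 1; // true only if exactly one row was changed
}

// Run the edit action only for a POST request; a GET must never modify data.
function handleEditAction(PDO $db): void
{
    if ($_SERVER['REQUEST_METHOD'] !== 'POST' || ($_POST['action'] ?? '') !== 'edit') {
        return;
    }
    // CSRF token: assumed to be stored in $_SESSION['csrf'] when the page was rendered.
    if (!isset($_POST['csrf'], $_SESSION['csrf']) || !hash_equals($_SESSION['csrf'], $_POST['csrf'])) {
        http_response_code(403);
        exit('Invalid request');
    }
    // Validate before touching the database: only a positive integer is an acceptable id.
    $id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false || $id === null) {
        http_response_code(400);
        exit('Invalid id');
    }
    hideRecord($db, $id);
    // Post/Redirect/Get: send the browser back to the list via GET, so a refresh
    // does not repeat the update and the user sees the list rather than a blank page.
    header('Location: ./termine.php', true, 303);
    exit;
}

// Render the pencil icon as a small POST form instead of a GET link.
function editButton(int $id, string $csrf): string
{
    $safeId   = htmlspecialchars((string) $id, ENT_QUOTES, 'UTF-8');
    $safeCsrf = htmlspecialchars($csrf, ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="./termine.php" style="display:inline">'
         . '<input type="hidden" name="action" value="edit">'
         . '<input type="hidden" name="id" value="' . $safeId . '">'
         . '<input type="hidden" name="csrf" value="' . $safeCsrf . '">'
         . '<button type="submit" class="btn btn-link">'
         . '<span class="glyphicon glyphicon-pencil" aria-hidden="true"></span>'
         . '</button></form>';
}

session_start();
$_SESSION['csrf'] = $_SESSION['csrf'] ?? bin2hex(random_bytes(16));
$db = getDb();
handleEditAction($db);           // runs before any output so the redirect header can be sent
echo editButton(42, $_SESSION['csrf']); // 42 is an example id; the real page loops over its records
```

`handleEditAction()` must be called before the page emits any HTML, otherwise `header()` fails with "headers already sent". Because `rowCount()` on MySQL counts changed rows, `hideRecord()` returns false for a record whose `livestate` is already 100; treat that as "nothing to do" rather than as an error if the button can be clicked twice.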

0 Answers