-2

I am trying to have the following script run when a button is pressed within a php page. The script is supposed to delete a row from a MySQL database table.

I have read from other previous questions that you cannot utilize a php within a javascript within a php page as the php runs along with the page load. Now as it currently sits, the data is indeed deleted, but that is when the page loads.

What is the proper way of having the following query run when a button is pressed in a php page? (FYI, I am using sweetalert)

<script>
    function alertdelete() {
        {
            swal({
                    title: "Are you sure?",
                    text: "This delete is permanent!",
                    icon: "warning",
                    buttons: true,
                    dangerMode: true,
                })
                .then((willDelete) => {
                    if (willDelete == true) {
                        <?php
                            mysqli_query($db, "DELETE FROM employee WHERE EMPNO='$id'");
                        ?>
                        swal("The employee has been deleted!", {
                            icon: "success",
                        });
                    } else {
                        swal("Ok, the employee will not be deleted!");
                        return;
                    }
                    <?php
                        openPage("employees.php",3000);
                    ?>
                });
        }
    }
</script>
Roshana Pitigala
  • 8,437
  • 8
  • 49
  • 80
termlim
  • 865
  • 1
  • 6
  • 13
  • 2
    try to use ajax – pinoyCoder Mar 10 '18 at 09:07
  • What you trying to do is absolutely wrong. You couldn't run php code within a client-side script. You can use jquery for the problem. – NIKHIL NEDIYODATH Mar 10 '18 at 09:10
  • 2
    Read: [What is the difference between client-side and server-side programming?](https://stackoverflow.com/questions/13840429/what-is-the-difference-between-client-side-and-server-side-programming) & [How can I prevent SQL injection in PHP?](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php?rq=1) before going any further. – Lawrence Cherone Mar 10 '18 at 09:14
  • Never write SQL queries in client side. Clients can easily change the query. They can even delete your whole database! – Roshana Pitigala Mar 10 '18 at 09:18

3 Answers3

1

use a ajax to send request to a php file which has a function to delete the image 

   var xhttp = new XMLHttpRequest();
  xhttp.open("POST", "deletePage.php", true);
  xhttp.send();

If you don't want to use xmlHttpRequest method you can use fetch api

fetch('url',{method: "POST",body="param=val"}).then((res)=>{//do something with response})

learn about fetch

"DONT FORGET TO CHECK FOR A POST REQUEST WHEN CREATING DELETING FUNCTION IF YOU ACCIDENTLY VISIT THE PAGE IT WILL DELETE"

janaravi
  • 106
  • 1
  • 8
0

I would create a deleteRow.php page with your query in it. Make sure to use proper validation before your actually send your query.

Use AJAX in your js file to trigger the delteRow.php page.

Here is a link for the AJAX: http://api.jquery.com/jquery.ajax/

Joseph_J
  • 3,654
  • 2
  • 13
  • 22
0

Use ajax ( better way to do is using JQuery rather than plain javascript ) like below:

<script>
    function alertdelete() {
        {
            swal({
                    title: "Are you sure?",
                    text: "This delete is permanent!",
                    icon: "warning",
                    buttons: true,
                    dangerMode: true,
                })
                .then((willDelete) => {
                    if (willDelete == true) {
                        var sendArray = {"id": YOUR_ROW_ID};
                        $.post("db_action.php", sendArray, function() {
                            swal("The employee has been deleted!", {
                                icon: "success",
                            });
                        });
                    } else {
                        swal("Ok, the employee will not be deleted!");
                        return;
                    }
                });
        }
    }
</script>

And for the file db_action.php you can have code below:

<?php
      mysqli_query($db, "DELETE FROM employee WHERE EMPNO='$_POST[id]'");
?>
Shadow4Kill
  • 178
  • 1
  • 9