Problem with a $_POST in a while (POST sent by a JS pop up)

Question

I have a problem, I want to create a popup for my forum which says "Are you sure you want to delete on category?" and if click on yes, delete the category. But I have a problem, my sql request deletes all categories and not only one. Can you help me?

The code (Commented for you):

    while ($c = mysqli_fetch_assoc($result)) { // The wile
        if (isset($_SESSION['steamid'])) { // Check if user connected
            include('../script/steamlogin/userInfo.php');
            if (IsAdmin($steamprofile['steamid'])) { // Check if user is an admin
        ?>
            <p class="cat tooltip"><?=$c['name']?> <a href="#" class="tooltiptext whitebar remove_openpopup">Remove</a> </p> <!-- Button which open the popup -->
            <div id="popup" class="popup"> <!-- The popup -->
              <div class="popup_content">
                <p>Are you sure you want to delete this category?</p>
                <button class="button_popup close_button">No</button>
                <button class="button_popup close_button" onclick='document.getElementById("remove").submit()'>Yes</button>
              </div>
            </div>
            <form id="remove" method="post"><input type="hidden" name="remove" /></form> <!-- The form affected by the popup -->
            <script type="text/javascript" src="../style/js/popup.js"></script> 
        <?php

            if (isset($_POST['remove'])) { // The remove script
                if (isset($_SESSION['steamid'])) {
                    include('../script/steamlogin/userInfo.php');
                    if (IsAdmin($steamprofile['steamid'])) {
                        mysqli_query($base, 'DELETE FROM `forum_categories` WHERE `id`="'.$c['id'].'"');
                        header('Location: index.php');
                    }
                }
            }

JS:

var modal = document.getElementById("popup");
var btns = Array.prototype.slice.call(document.querySelectorAll(".remove_openpopup"));
var span = document.querySelectorAll(".close_button")[0];

btns.forEach(function(btn) {
  btn.onclick = function() {
    modal.style.display = "block";
  }
});
span.onclick = function() {
  modal.style.display = "none";
}

window.onclick = function(event) {
  if (event.target == modal) {
    modal.style.display = "none";
  }
}

I think its cause of the unique name remove, I think fix this with a array variable but how can I make and unlimited array value?

My idea:

$name = array('1' => 'remove1', '2' => 'remove2', '3' => 'remove3');

And after:

$c[$name][$VARIABLE WHICH COUNT THE WHILE]

Do you see what I mean? Have you got an idea? (For make the array unlimited)

Hey, I think you must add hidden filed for categori id in form html. when user press submit button then you need to get id in $_POST['id'] then pass it to mysqli_query($base, 'DELETE FROM `forum_categories` WHERE `id`="'.$_POST['id'].'"'); — Rajveer gangwar, Jun 03 '19 at 15:18
Possible duplicate of [What is the difference between client-side and server-side programming?](https://stackoverflow.com/questions/13840429/what-is-the-difference-between-client-side-and-server-side-programming) — miken32, Jun 03 '19 at 16:54
You are placing the code that is supposed to handle deletions inside the code that is outputting your form. For every single row, you're running a delete command on your database. — miken32, Jun 03 '19 at 16:59

score -1 · Answer 1 · answered Jun 03 '19 at 15:30

you must create a saparate file to delete the categorie and proper validation with session

then you need to call this file from jquery in ajax call.

Example for ajax call is given below

To make ajax request using jQuery you can do this by following code

HTML:

<form id="foo">
    <label for="bar">A bar</label>
    <input id="bar" name="id" type="hidden" value="" />
    <input type="submit" value="Send" />
</form>

JavaScript:

/* Get from elements values */
var values = $(this).serialize();
$.ajax({
  url: "delete.php",
  type: "post",
  data: values,
  success: function(response) {
      // you will get resp`enter code here`onse from your php page (what you echo or print)                 
   },
 error: function(jqXHR, textStatus, errorThrown) {
       console.log(textStatus, errorThrown);
  }   });

In delete.php write your delete logic.

 <?php

    if (isset($_POST['remove'])) { // The remove script
        if (isset($_SESSION['steamid'])) {
            include('../script/steamlogin/userInfo.php');
            if (IsAdmin($steamprofile['steamid'])) {
                mysqli_query($base, 'DELETE FROM `forum_categories` WHERE `id`="' . $_POST['id'] . '"');
                echo "delete";
            } else {
                echo "something went wrong";
            }
        }
    }
    ?>

Hope this will help you

Hello it doesn't work for me ? I put the form in my popup and js etc and it doesn't work — One 4046, Jun 03 '19 at 16:27

Problem with a $_POST in a while (POST sent by a JS pop up)

1 Answers1