Checking if textbox is empty returns empty even to I have entered and input on my PHP/HTML

Question

This is my form from my html

<form action="Belo_Connect2.php" method="POST">
<center>
Name:<input type="text" name="namefordelete">

    <p> //button that submits to php file
        <button><a href="Belo_Connect2.php" target="_self" style="text-decoration: none" method="POST">DELETE</a></button>
    </p>
</center>

Now below is my php file that returns Name is empty but I definitely input text when running it on my localhost. Can you guys help me to pinpoint my error here? Thank you so much. And please note if im deleting things right way here. Thank you again



$name = filter_input(INPUT_POST,'namefordelete');


if(!empty($name)){

     $host = "localhost";
     $dbusername = "root";
     $dbpassword = "";
     $dbname = "studentInfoDB";

     $conn = new mysqli($host, $dbusername, $dbpassword, $dbname);

         if(mysqli_connect_error()){
            die('Connect Error('.mysqli_connect_errno().')'.mysqli_connect_error());
          }

        //my delete query
       else{
       $sql = "DELETE FROM studentTbl WHERE Name = '$name'";

            if($conn->query($sql)){
             echo "One record Deleted!";
             }   

            else{
            echo "Error:".$sql."<br>".$conn->error;
            }

   $conn -> close();
  }


}

//this always return even I have an input on my input box from html file name=namefordelete
else{
echo "Name should not be Empty";
die();
}


?>

Please add some proper code indention. It's very hard to follow the flow when it's all left aligned. — M. Eriksson, Dec 07 '20 at 10:10
Do a `var_dump($_POST);` and after your filter_input(), also add `var_dump($name);` to see what those variables actually contain. — M. Eriksson, Dec 07 '20 at 10:13
@MagnusEriksson there are no POST datas, the submit "button" won't work, it's just a link — Cid, Dec 07 '20 at 10:14
Does this answer your question? [Make a link use POST instead of GET](https://stackoverflow.com/questions/3915917/make-a-link-use-post-instead-of-get) — Cid, Dec 07 '20 at 10:15
**Warning!** You are wide open for [SQL injection](https://owasp.org/www-community/attacks/SQL_Injection) attacks! You should use parameterized [prepared statements](https://www.php.net/manual/en/mysqli.quickstart.prepared-statements.php) instead of passing in manually (and insufficient) escaped user data directly in your queries like that. — M. Eriksson, Dec 07 '20 at 10:18

score 0 · Answer 1 · answered Dec 07 '20 at 10:54

If you are having a link directly to the php screen by [A hyperlink], it will not submit the data in the namefordelete inputbox.

Hence please try to amend as follows:

<form action="Belo_Connect2.php" method="POST">
<center>
Name:<input type="text" name="namefordelete">

        <input type="submit" value="delete">
    </form>
</center>

Checking if textbox is empty returns empty even to I have entered and input on my PHP/HTML

1 Answers1