-1

I wish to display the record to the user that I am deleting in PHP?

I am trying to display the record in a form that I want to delete but only the input type = text values are being displayed and the radio button values are not being displayed?

<?php

    require('/home/s3022041/sqlC/dbConnect.php');
    if(isset($_POST['search']))
    {
        $search = mysqli_real_escape_string($connection, $_POST['id']);
        $id = $_POST['id'];

        $stp1 = preg_replace("/[^a-zA-Z0-9]/", "", $id); //grab only the alphanumerics
         $stp2 = strtoupper($stp1); //Make all alphabets uppercase
            $stp3 = preg_replace('/\d+/', '',$stp2); //extract the alphabets part
                $newsearchid = str_replace($stp3,"-".$stp3."-",$stp2); //put hyphens before and after the alphabet part

        $query = "SELECT * FROM cars WHERE Registration_Number = '$newsearchid' ";
        $query_run = mysqli_query($connection, $query);

        while($row = mysqli_fetch_array($query_run))
        {
            ?>

            <form action="delete_process.php" method="POST" class="form">
                    <h2>Car Registration Form</h2>
                    <div class="mb-3">


                        <input type="radio" name="Car" id="Toyota" value=" <?php echo $row['make']; ?>" />

                        <label for="Toyota" class="form-label">Toyota</label>
                        <select name="Models[Toyota]" class="form-control" value=" <?php echo $row['model']; ?>">
                            <option value="">None</option>
                            <option value="Camri">Camri</option>
                            <option value="Corolla">Corolla</option>
                            <option value="Estima">Estima</option>
                        </select><br>

                        <input type="radio" name="Car" id="Nissan" value=" <?php echo $row['make']; ?>"/>

                        <label for="Nissan" class="form-label">Nissan</label>
                        <select name="Models[Nissan]" class="form-control" value=" <?php echo $row['model']; ?>">
                            <option value="">None</option>
                            <option value="Micra">Micra</option>
                            <option value="roller">roller</option>
                            <option value="fushe">fushe</option>
                        </select><br>

                        <input type="radio" name="Car" id="Mercedez" value=" <?php echo $row['make']; ?>"/>

                        <label for="Mercedez" class="form-label">Mercedez</label>
                        <select name="Models[Mercedez]" class="form-control" value=" <?php echo $row['model']; ?>">
                            <option value="">None</option>
                            <option value="5series">5series</option>
                            <option value="x7">x7</option>
                            <option value="x5">x5</option>
                        </select><br>



                        <label for="vehicleidentificationnumber" class="form-label">vehicle identification
                            number(VIN)</label>
                        <input type="text" disabled="disabled" name="vehicleidentificationnumber" class="form-control" maxlength=20 value=" <?php echo $row['VIN']; ?>" required >
                        <br>

                        <label for="ManufacturingYear" class="form-label">Manufacturing Year</label>
                        <input type="text" name="Manufacture_Year" class="form-control" maxlength=20 value=" <?php echo $row['Manufacture_Year']; ?>" required >

                        <label for="Enginesize" class="form-label">Engine size</label>
                        <input type="text" name="Engine_Size" class="form-control" maxlength=20 value=" <?php echo $row['Engine_Size']; ?>" required>

                        <label for="TransmissionType" class="form-label">TransmissionType</label><br>
                        <input type="radio" name="Transmission_Type" id="TransmissionType" value=" <?php echo $row['Transmission_Type']; ?>" />
                        <label for="Automatic" class="form-label">Automatic</label><br>

                        <input type="radio" name="Transmission_Type" id="TransmissionType" value=" <?php echo $row['Transmission_Type']; ?>" />
                        <label for="Manual" class="form-label">Manual</label><br>

                        <input type="radio" name="Transmission_Type" id="TransmissionType" value=" <?php echo $row['Transmission_Type']; ?>" />
                        <label for="SemiAutomatic" class="form-label">Semi-Automatic</label><br>

                        <label for="NoofSeats" class="form-label">No. of Seats</label>
                        <input type="number" name="NoOfSeats" class="form-control" value="<?php echo $row['NoOfSeats']; ?>" maxlength=20 required>

                        <label for="Noofdoors" class="form-label">No. of doors</label>
                        <input type="number" name="NoOfDoors" class="form-control" maxlength=20 value="<?php echo $row['NoOfDoors']; ?>" required>

                        <label for="Fueltype" class="form-label">Fuel type</label>
                        <input type="text" name="Fuel_Type" class="form-control" maxlength=20 value=" <?php echo $row['Fuel_Type']; ?>" required>

                        <label for="Colour" class="form-label">Colour</label>
                        <input type="text" name="Colour" class="form-control" maxlength=20 value=" <?php echo $row['Colour']; ?>" required>

                        <label for="RegistrationNumber" class="form-label">Registration Number (use Dublin
                            registration) </label>
                        <input type="hidden" disabled="disabled" name="Registration_Number" class="form-control" maxlength=20 value=" <?php echo $row['Registration_Number']; ?>" required>

                        <label for="Dateoffirstregistration" class="form-label">Date of first registration</label>
                        <input type="date" name="DateOfRegestration" class="form-control" maxlength=20 value=" <?php echo $row['DateOfRegestration']; ?>" required>

                    </div>

                    
                    <button type="submit" name="search" class="btn btn-primary">Delete</button>

        </form>

            <?php
        }
        
        
    }
    else{
        echo "<h1> No records found </h1>";
        echo "<a href='index.php'>home</a>";
    }
   

?>

            </div>
            <div class="modal-footer">

                </form>

Here I am trying to delete the above record that is displayed but it says deleted successfully but when I go and check the records it is not deleted it's still there?

<?php
require('/home/s3022041/sqlC/dbConnect.php');
if(isset($_POST['search']))
{
    $search = mysqli_real_escape_string($connection, $_POST['search']);
    $id = $_POST['Registration_Number'];

    $query = "DELETE FROM `cars` WHERE Registration_Number='$id' ";
    $query_run = mysqli_query($connection, $query) or die ("not done");

    if($query_run)
    {
        echo "<h1> deleted successfully</h1>";
         echo "<a href='index.php'>home</a>";
         
    }
    else
    {
        echo "<h1> not deleted </h1>";
        echo "<a href='index.php'>home</a>";
        echo 'Error! ' . mysqli_error($connection);
    }
}
Dharman
  • 30,962
  • 25
  • 85
  • 135
user15499013
  • 9
  • 4
  • fyi, ` – brombeer Apr 14 '21 at 16:51
  • i've removed that but same issue? – user15499013 Apr 14 '21 at 16:56
  • Are you sure that you want to 'hard delete' data? – Strawberry Apr 14 '21 at 16:56
  • yes i wish to delete it – user15499013 Apr 14 '21 at 16:58
  • **Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/5741187) – Dharman Apr 14 '21 at 17:08
  • dump $id from the secondth php – Kevin Gales Apr 14 '21 at 20:57
  • what do you mean by that? – user15499013 Apr 15 '21 at 00:06
  • do var_dump($id) so you can see what's in there... – Kevin Gales Apr 15 '21 at 20:40

1 Answers1

0

Change

1. Form

<input type="radio" name="Car" id="Toyota" value="<?=$row['make']; ?>" />

to

<input type="radio" name="Car" id="Toyota" <?=($row['make'] == 'Toyota' ? 'value="'.$row['make'].'" checked':NULL); ?> />

<!-- or better yet -->
<input type="radio" name="Car" id="Toyota" value="Toyota" <?=($row['make'] == 'Toyota' ? 'checked':NULL); ?> />

2. Database

File: delete_process.php

// Change
if($query_run) // << This only tell the script the sql statement run with no errors

// To
if(mysql_affected_rows()<=1) // << This confirms that one or more rows where changed by the sql statement

Explained

PHP Shorthand If/Else Using Ternary Operators (?:)

/* basic usage */
$var = 5;
$var_is_greater_than_two = ($var > 2 ? true : false); // returns true

Reason for error

If a radio button are not being displayed, it most-likely an 'Undefined variable' when getting $row['make'].

Other thing, remove the white spacing from. As this may play a part when using a MYSQL Statement.

<!-- From -->
value=" <?php echo $row['Registration_Number']; ?>"

<!-- To -->
value="<?=$row['Registration_Number']; ?>"

*Shorthand one line echo/print <?=

Unknown_uID
  • 1
  • 2