Jump to content

help Deleting a row from a table

iluvbatman27

By iluvbatman27
in PHP Coding Help

 Share

Recommended Posts

iluvbatman27 Newbie

iluvbatman27

Posted
Posted

Hey guys, so my server version is 5.1.62-0ubuntu0.10.04.1 and I'm using HTML and PHP. I'm pretty new to this stuff still.

I am attempting to write a delete.php file so that on my main list/output of the database you can click a link and delete the row that corresponds where the delete button is located. So I'm not quite sure where the code is going wonky, I can go to the delete page that I've created and it will print out my row deleted response but upon returning to the list the information is still there. Somewhere the database is not being accessed and I can't figure out anyway around this problem.

 

I'm currently not receiving any errors at this point, but nothing is actually being deleted. If anyone has an suggestions please let me know. I've lost my marbles over this code.  :confused: (theres a few functions that I'm not currently using but have just left inside the code still) THANKS

 

here is the listtotals.php:

<?php
error_reporting(E_ALL);
?>
<?php
        if ( isset($_GET['sort']) && $_GET['sort']=='date' ) {$_SESSION['sort'] = 'date';}
                else {$_SESSION['sort'] = 'T_name';}

include('dbconnect.php');
?>

<html>
<head>
<title> List of Daily Totals </title>
</head>


<script language="JavaScript">
<!--
function confirmdelete(T_name)
{
        var meow = confirm("Do you really want to delete this Branch's daily totals?");
                if (meow) {
                        window.location="deletetotals.php?id="+T_name;
                }
}
//-->
</script>

<body>

<a href="updatetotals.php">Update Totals</a> | Daily Totals
<h1> Daily Totals </h1>

<table border="0" cellspacing="0" cellpadding="10">
<tr>
<td><strong><?php if ($_SESSION['sort'] !='T_name') {
                        echo '<a href="',$_SERVER['PHP_SELF'],'?sort=T_name">Branch Name</a>'; }
                  else { echo 'Branch Name ↓'; } ?></strong></td>


<td><strong><?php if ($_SESSION['sort'] !='date') {
                        echo '<a href="',$_SERVER['PHP_SELF'],'?sort=date">Date</a>'; }
                  else { echo 'Date ↓'; } ?> </strong></td>

<td><strong>Cash</strong></td>
<td><strong>Checks</strong></td>
<td><strong>Total</strong></td>
<td> </td>

</tr>

<?php
        $query = "SELECT * FROM Totals ORDER BY ".$_SESSION['sort'];
                $result = mysql_query($query);
                $num = mysql_numrows($result);
                $i=0;
                        while ($i < $num) {
                                $f1=mysql_result($result, $i, "T_name");
                                $f2=mysql_result($result, $i, "date");
                                $f3=mysql_result($result, $i, "cash");
                                $f4=mysql_result($result, $i, "checks");
                                $f5=mysql_result($result, $i, "total");
?>

<tr>
<td><?php echo $f1; ?> </td>
<td><?php echo $f2; ?></td>
<td><?php echo $f3; ?></td>
<td><?php echo $f4; ?></td>
<td><?php echo $f5; ?></td>
<td><a href="deletetotals.php?T_name={$row['T_name']}"> Delete </a>
</td>
</tr>

<?php
$i++;
        } //ending for loop !!!
?>

</table>
</body>
</html>

 

and here is my delete.php:

<?php
include('dbconnect.php');
$T_name=$_GET['T_name'];
mysql_query("DELETE FROM 'Totals' WHERE 'T_name' = '$T_name' ");
echo (mysql_affected_rows()) ? "Row deleted. <br/> " : "Nothing deleted. <br/> ";
?>
<a href='listtotals.php'>Back to List</a>

Link to comment
Share on other sites
Pikachu2000 Prolific Member

Pikachu2000

Posted
Posted

That's very dangerous what you're doing there. You aren't validating or escaping the $_GET variable, and it would be very easy for a malicious user to delete every record in your table in one shot.

 

As far as the actual problem you're currently having, you aren't actually echoing a value in the href= attribute in your delete link. Look at the syntax highlighting in the code you posted above.

Link to comment
Share on other sites
iluvbatman27 Newbie

iluvbatman27

Posted
  • Author
Posted

Oh... in order to protect the information, I need to hide the $_GET in the address bar. Right? I'm unsure how to do that correctly.

 

I edited the link on delete to read like this:

<?php echo '<a href="deletetotals.php?T_name=' . $row['T_name'] . '"> Delete </a>' ?>

but the .$row['T_name'] . is giving my errors.

I know that I have to change the $row to something else, I just an unsure what it is.

 

Thank you for your help!

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.