Using drop down to delete from Database (mysql)

[ramforinkas]

Hey guys! Fairly new with PHP/MySQL and been working on a website for a class, and having some issues with my drop down not working as intended. What I'm trying to do is simply allow the user to select a name from a drop down field, then after pressing the submit button, would delete the selected name from the database. Here is my code.

<?php

ini_set('display_errors', 'on');
error_reporting(E_ALL);

session_start();		
$_SESSION['title'] = "PEC Menu";			//Opening Session Vars

$currentFile = $_SERVER["PHP_SELF"]; 			//current page for menu 
$currentUser = $_SESSION['currentname']; 		// users account info

include('../../functions/mainmenu.php');		// menu functions
	
//Menu Content,Code / Buttons Goes here
DrawMenu($currentFile, $currentUser);	

//Setting up database
mysql_connect("localhost","root","changeme");
mysql_select_db("certestdb");

$dbLink = mysql_connect("localhost", "root", "changeme");
mysql_query("SET character_set_client=utf8", $dbLink);
mysql_query("SET character_set_connection=utf8", $dbLink);

$result   = mysql_query("SELECT distinct TermID FROM clinical") or die(mysql_error()); 
$result2  = mysql_query("SELECT FullName FROM useraccess") or die(mysql_error());


$options='';
$options2='';

while($row=mysql_fetch_array($result)) {
	if (isset($_POST)) {	
	$TermID=$row["TermID"];
	$options.= '<option value="'.$row['TermID'].'">'.$row['TermID'].'</option>';	
	}
};

while($row=mysql_fetch_array($result2)) {
	if (isset($_POST)) {	
	$FullName=$row["FullName"];
	$options2.= '<option value="'.$row['FullName'].'">'.$row['FullName'].'</option>';	
	}

};

if (isset($_POST)) {
	mysql_query("DELETE FROM useraccess WHERE FullName='$FullName'")  or die(mysql_error());
	echo "Success!";
} else {
	echo "Not successful";
}

?>

<html>
<style>

</style>
<body>

<h4> Add User</h4>

<form name = "AddUser" action="PEC_addUser.php" method= "get" style = "text-align:right;  color: Black;float:left;">
	<input type="submit" value="Add User">
</form><br><br>
	
	<hr size = "5" color = "darkgray">
<h4> Assign User to Course</h4>
	<form name = "AssignUser" action=" " method= "get" style = "text-align:right; float:left; color: darkred;">
		User:
		<select>
			
		</select>
		Course:
		<select>
			
		</select>			
		Term:
		<SELECT NAME= termid>
			<OPTION VALUE=0>Choose</OPTION>
			<?php echo $options; ?>
		</select>
		<input type="submit" value="Assign">
	</form> <br><br>

<hr size = "5" color = "darkgray">

<h4> Assign Student to Instructor </h4>
	<form name = "AssignStudent" action=" " method= "get" style = "text-align:right;  color: darkred;float:left;">

		Student:
		<select>
			<option value = "Select"> Select</option>}
			<option value = "one"> 1</option>}
			<option value = "two"> 2</option>}
			<option value = "three"> 3</option>}
		</select>
		Course:
		<select>
			<option value = "Select"> Select</option>}
			<option value = "one"> 1</option>}
			<option value = "two"> 2</option>}
			<option value = "three"> 3</option>}
		</select>
		Instructor:
		<select>
			<option value = "Select"> Select</option>}
			<option value = "one"> 1</option>}
			<option value = "two"> 2</option>}
			<option value = "three"> 3</option>}
		</select>
		<input type="submit" value="Assign">
	</form><br><br>
	
<hr size = "5" color = "darkgray">

<h4> Delete User</h4>
	<form name = "DeleteUser" action=" " method= "get" style = "text-align:right;  color: darkred;float:left;">

		User:
		<SELECT NAME= FullName>
			<OPTION VALUE=0>Choose</OPTION>
			<?php echo $options2; ?>
		</select>
				
		<input type="submit" name="delete" value="delete">



	</form><br><br>
<hr size = "5" color = "darkgray">
<link rel="stylesheet" href="styles/pecui.css" media="screen" />
</body>
</html>

<?php
?>

This is where the possible issue is

if (isset($_POST)) {
	mysql_query("DELETE FROM useraccess WHERE FullName='$FullName'")  or die(mysql_error());
	echo "Success!";
} else {
	echo "Not successful";
}

What happens is upon submitting, it just deletes the last 2 records in the table "useraccess" instead of the value selected from the drop down.

I'm thinking that its not properly storing the data from the database, which is whats causing the query issue.

If anyone could help me, it would be very much appreciated it.

[Psycho]

Look at the WHERE clause in the delete query.

WHERE FullName='$FullName'

Now, look at where $FullName is defined!

while($row=mysql_fetch_array($result2)) {
    if (isset($_POST)) {    
    $FullName=$row["FullName"];
    $options2.= '<option value="'.$row['FullName'].'">'.$row['FullName'].'</option>';    
    }

Try

if (isset($_POST['NAME_OF_SELECT_FIELD'])) {
    $FullName = mysql_real_escape_string($_POST['NAME_OF_SELECT_FIELD']);
    mysql_query("DELETE FROM useraccess WHERE FullName='$FullName'") or die(mysql_error());
    echo "Success!";
} else {
    echo "No value selected";
}

[ramforinkas]

Thanks for the fast reponse!

I went ahead and did as you suggested

if (isset($_POST['FullName'])) {
    $FullName = mysql_real_escape_string($_POST['FullName']);
    mysql_query("DELETE FROM useraccess WHERE FullName='$FullName'") or die(mysql_error());
    echo "Success!";
} else {
    echo "No value selected";
}

However now it doesn't seem to want to delete anything.

[ramforinkas]

It appears I was missing the " " around my select name.

User:
		<SELECT NAME= "FullName">
			<OPTION VALUE=0>Choose</OPTION>
			<?php echo $options2; ?>
		</select>

It is now working, thanks so much for your assistance!

[Psycho]

FYI: There are plenty of problems with your script that I didn't take time to address - especially since you didn't provide enough of the code. For example, you first query the list of values to create the options THEN you check if you should delete a record. You should perform the delete first.