rruseva Posted December 14, 2022 Share Posted December 14, 2022 I'm new to php and currently I'm preparing a small crud project. I have a html homepage, add_reservation.php which is working, show_bookings.php and delete_booking.php. I can not delete a booking. Here is my show_bookings.php code: <?php include 'db_connection.php'; $sqlQuery = 'SELECT * FROM room_reservation'; $result = mysqli_query($link, $sqlQuery) or die(mysqli_error($link)); if ($result) { $tableStyle = "style='border:1px solid white; border-collapse:collapse; text-align:center; background-color:#8f50fb'"; $buttonStyle = "style='background-color: #8f50fb; color=white; padding: 14px 25px; text-align:center; border-radius:10px'"; echo "<table class='table table-striped table-borderrer'><tr><th>Name</th><th>Room</th><th>CheckIn</th><th>CheckOut</th><th>Actions</th></tr>"; while ($row = mysqli_fetch_array($result)) { //to loop through the result row by row echo "<tr>"; echo "<td>".$row['Name']."</td>"; echo "<td>".$row['Room']."</td>"; echo "<td>".$row['CheckIn']."</td>"; echo "<td>".$row['CheckOut']."</td>"; echo "<td><div class='btn-group'>"; echo "<a class='btn btn-danger' href='./delete_booking.php?Name=" .$row['Name'] ."'>Delete</a>"; echo"</div></td>"; echo "</tr>"; } echo "</table>"; } echo '<p><a href="add_reservation.php">Add a new student</a></p>'; echo "<a href='homepage.html' $buttonStyle>Go back to homepage</a>" ?> And here is my delete_booking.php code: <?php // Connect to the database include 'db_connection.php'; // Check if the form has been submitted if (isset($_GET['Name'])) { // Get the ID of the record to be deleted $name = $_GET['Name']; // Delete the record from the database $query = "DELETE FROM table WHERE Name = $name"; // mysqli_query($db, $query); // Redirect to the home page // header("Location: show_bookings.php"); // exit; } ?> I hope that someone could tell me where I'm wrong. Quote Link to comment https://forums.phpfreaks.com/topic/315645-delete_bookingphp-is-not-working/ Share on other sites More sharing options...
requinix Posted December 14, 2022 Share Posted December 14, 2022 There are a few other problems besides that one... 1. Don't use inline styles. Learn and use CSS. It will make your life easier. 2. I don't think the name of the class is "table-borderrer". 3. If any of those values from the table contains anything that looks like it might be HTML then it will screw up your page. Instead of thinking about whether they will, assume they will: it's much easier. Use htmlspecialchars() when you want to output a value. 4. Similarly, if the name has any apostrophes then it'll break the link and you'll never be able to delete it. If you switch to using double quotes for your attributes then htmlspecialchars() will solve half of that problem. The other half is using urlencode() so that the name doesn't screw up your URLs. You can use them together with htmlspecialchars(urlencode(the value you want to output)). 5. Do you have a $buttonStyle variable? 6a. Things like deletes should not be handled through URLs you can see in your browser's address bar. They really need to be <form>s with method=post. You could stick a quick form in your table cell, but... 6b. If all you need to delete a booking is a single value then a <button> can do it. Wrap your entire table in a <form> then, in the table cells, use a <button> with type=submit (so it submits the form) name="Name" (this is the name of the booking) value=the name of the booking (remember to use htmlspecialchars, and since this isn't going in a URL you don't need urlencode). Inside the button's markup you can put the word "Delete". 6c. Either way, remember to fix your delete_booking.php to use $_POST. 7. Once again, if the name contains any sorts of symbols or spaces then it will screw up your query (for more reasons than that too). Don't try to escape the value. Do use a prepared statement. Quote Link to comment https://forums.phpfreaks.com/topic/315645-delete_bookingphp-is-not-working/#findComment-1603525 Share on other sites More sharing options...
rruseva Posted December 14, 2022 Author Share Posted December 14, 2022 This is how I fixed it with the help of this comment. I just want to make the delete_booking.php part to work: <?php include 'db_connection.php'; $sqlQuery = 'SELECT * FROM room_reservation'; $result = mysqli_query($link, $sqlQuery) or die(mysqli_error($link)); if ($result) { $tableStyle = "style='border:1px solid white; border-collapse:collapse; text-align:center; background-color:#8f50fb'"; $buttonStyle = "style='background-color: #8f50fb; color=white; padding: 14px 25px; text-align:center; border-radius:10px'"; echo "<form action='delete_booking.php' method='POST'><table class='table table-striped table-borderrer'><tr><th>Name</th><th>Room</th><th>CheckIn</th><th>CheckOut</th><th>Actions</th></tr>"; while ($row = mysqli_fetch_array($result)) { //to loop through the result row by row echo "<tr>"; echo "<td>".$row['Name']."</td>"; echo "<td>".$row['Room']."</td>"; echo "<td>".$row['CheckIn']."</td>"; echo "<td>".$row['CheckOut']."</td>"; echo "<td><div class='btn-group'>"; echo "<button type='submit' name='Name'>Delete</button>"; echo"</div></td>"; echo "</tr>"; } echo "</table></form>"; } echo '<p><a href="add_reservation.php">Add a new student</a></p>'; echo "<a href='homepage.html' $buttonStyle>Go back to homepage</a>" ?> <?php // Connect to the database include 'db_connection.php'; // Check if the form has been submitted if (isset($_POST['Name'])) { // Get the ID of the record to be deleted $name = $_POST['Name']; // Delete the record from the database $query = "DELETE FROM table WHERE Name = '$name'"; $result = mysqli_query($link, $query) or die(mysqli_error($link)); if (!$result) { die("Failed to delete record: " . mysqli_error($link)); } else { echo 'Deletion successful.'; } // Redirect to the home page header("Location: show_bookings.php"); exit; } ?> But the name is not retrieved: Fatal error: Uncaught mysqli_sql_exception: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'table WHERE Name = ''' at line 1 Quote Link to comment https://forums.phpfreaks.com/topic/315645-delete_bookingphp-is-not-working/#findComment-1603530 Share on other sites More sharing options...
ginerjm Posted December 14, 2022 Share Posted December 14, 2022 All inputs (except checkboxes) are 'set' in the POST array. You need to validate the Name value by checking if it is empty or not. Quote Link to comment https://forums.phpfreaks.com/topic/315645-delete_bookingphp-is-not-working/#findComment-1603531 Share on other sites More sharing options...
Barand Posted December 14, 2022 Share Posted December 14, 2022 9 minutes ago, rruseva said: "DELETE FROM table WHERE Name = '$name'"; Is the name of your table really "table"? Quote Link to comment https://forums.phpfreaks.com/topic/315645-delete_bookingphp-is-not-working/#findComment-1603532 Share on other sites More sharing options...
rruseva Posted December 14, 2022 Author Share Posted December 14, 2022 I missed that..the name of the table is not table.. Quote Link to comment https://forums.phpfreaks.com/topic/315645-delete_bookingphp-is-not-working/#findComment-1603533 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.