Jump to content

Delete_booking.php is not working

rruseva

By rruseva
in PHP Coding Help

 Share

Recommended Posts

rruseva Newbie

rruseva

Posted
Posted

I'm new to php and currently I'm preparing a small crud project. I have a html homepage, add_reservation.php which is working, show_bookings.php and delete_booking.php.

I can not delete a booking.

Here is my show_bookings.php code:
  

<?php
	include 'db_connection.php';
	$sqlQuery = 'SELECT * FROM room_reservation'; 
	$result = mysqli_query($link, $sqlQuery) or die(mysqli_error($link));  
	if ($result) {
		$tableStyle = "style='border:1px solid  white; border-collapse:collapse; text-align:center; background-color:#8f50fb'";
        $buttonStyle = "style='background-color: #8f50fb; color=white; padding: 14px 25px; text-align:center; border-radius:10px'";
		echo "<table class='table table-striped table-borderrer'><tr><th>Name</th><th>Room</th><th>CheckIn</th><th>CheckOut</th><th>Actions</th></tr>";
		while ($row = mysqli_fetch_array($result)) {  //to loop through the result row by row
			echo "<tr>";
			echo "<td>".$row['Name']."</td>";         
			echo "<td>".$row['Room']."</td>";    
			echo "<td>".$row['CheckIn']."</td>";         
			echo "<td>".$row['CheckOut']."</td>";
			echo "<td><div class='btn-group'>";
			echo "<a class='btn btn-danger' href='./delete_booking.php?Name=" .$row['Name'] ."'>Delete</a>";
			echo"</div></td>";
			echo "</tr>";
		}
		echo "</table>";
		
	} 

    
	echo '<p><a href="add_reservation.php">Add a new student</a></p>';
    echo "<a href='homepage.html' $buttonStyle>Go back to homepage</a>"
?>

And here is my delete_booking.php code: 

<?php
// Connect to the database
include 'db_connection.php';

// Check if the form has been submitted
if (isset($_GET['Name'])) {
  // Get the ID of the record to be deleted
  $name = $_GET['Name'];

  // Delete the record from the database
  $query = "DELETE FROM table WHERE Name = $name";
  // mysqli_query($db, $query);

  // Redirect to the home page
  // header("Location: show_bookings.php");
  // exit;
}
?>

I hope that someone could tell me where I'm wrong.

Link to comment
Share on other sites
requinix Prolific Member

requinix

Posted
Posted

There are a few other problems besides that one...

1. Don't use inline styles. Learn and use CSS. It will make your life easier.
2. I don't think the name of the class is "table-borderrer".
3. If any of those values from the table contains anything that looks like it might be HTML then it will screw up your page. Instead of thinking about whether they will, assume they will: it's much easier. Use htmlspecialchars() when you want to output a value.
4. Similarly, if the name has any apostrophes then it'll break the link and you'll never be able to delete it. If you switch to using double quotes for your attributes then htmlspecialchars() will solve half of that problem. The other half is using urlencode() so that the name doesn't screw up your URLs. You can use them together with htmlspecialchars(urlencode(the value you want to output)).
5. Do you have a $buttonStyle variable?
6a. Things like deletes should not be handled through URLs you can see in your browser's address bar. They really need to be <form>s with method=post. You could stick a quick form in your table cell, but...
6b. If all you need to delete a booking is a single value then a <button> can do it. Wrap your entire table in a <form> then, in the table cells, use a <button> with type=submit (so it submits the form) name="Name" (this is the name of the booking) value=the name of the booking (remember to use htmlspecialchars, and since this isn't going in a URL you don't need urlencode). Inside the button's markup you can put the word "Delete".
6c. Either way, remember to fix your delete_booking.php to use $_POST.
7. Once again, if the name contains any sorts of symbols or spaces then it will screw up your query (for more reasons than that too). Don't try to escape the value. Do use a prepared statement.

Link to comment
Share on other sites
rruseva Newbie

rruseva

Posted
  • Author
Posted

This is how I fixed it with the help of this comment. I just want to make the delete_booking.php part to work:
  

<?php
	include 'db_connection.php';
	$sqlQuery = 'SELECT * FROM room_reservation'; 
	$result = mysqli_query($link, $sqlQuery) or die(mysqli_error($link));  
	if ($result) {
		$tableStyle = "style='border:1px solid  white; border-collapse:collapse; text-align:center; background-color:#8f50fb'";
        $buttonStyle = "style='background-color: #8f50fb; color=white; padding: 14px 25px; text-align:center; border-radius:10px'";
		echo "<form action='delete_booking.php' method='POST'><table class='table table-striped table-borderrer'><tr><th>Name</th><th>Room</th><th>CheckIn</th><th>CheckOut</th><th>Actions</th></tr>";
		while ($row = mysqli_fetch_array($result)) {  //to loop through the result row by row
			echo "<tr>";
			echo "<td>".$row['Name']."</td>";         
			echo "<td>".$row['Room']."</td>";    
			echo "<td>".$row['CheckIn']."</td>";         
			echo "<td>".$row['CheckOut']."</td>";
			echo "<td><div class='btn-group'>";
			echo "<button type='submit' name='Name'>Delete</button>";
			echo"</div></td>";
			echo "</tr>";
		}
		echo "</table></form>";
		
	} 

    
	echo '<p><a href="add_reservation.php">Add a new student</a></p>';
    echo "<a href='homepage.html' $buttonStyle>Go back to homepage</a>"
?>
<?php
// Connect to the database
include 'db_connection.php';

// Check if the form has been submitted
if (isset($_POST['Name'])) {
  // Get the ID of the record to be deleted
  $name = $_POST['Name'];

  // Delete the record from the database
  $query = "DELETE FROM table WHERE Name = '$name'";
  $result = mysqli_query($link, $query) or die(mysqli_error($link)); 
  if (!$result) {
    die("Failed to delete record: " . mysqli_error($link)); 
  } else {
    echo 'Deletion successful.';
  }

  // Redirect to the home page
  header("Location: show_bookings.php");
  exit;
}
?>

But the name is not retrieved: Fatal error: Uncaught mysqli_sql_exception: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'table WHERE Name = ''' at line 1

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.