1

I have wrote a PHP script just to delete a single row from a MySQL DB by id. The value of id has taken from the $_POST of a button when clicked i tried different ways to pass that variable having the $_POST value but it doesn't worked. every thing seems fine i tried the same query with static value in the DB and that worked fine there. here is my complete code. Note: i also have tried $_GET and also tried '.$delete_id.' and '$delete_id' 

    include ("db_conection.php");

    if (isset ( $_GET ['view'] )) {
        $view_id = $_GET ['view'];

        $query_run = null;

        $query1 = "SELECT * FROM question where testid ='" . $view_id . "'";
        $run = mysqli_query ( $conn, $query1 ); // here run the sql query.
        while ( $row = mysqli_fetch_array ( $run ) )            // while look to fetch the result
                                             // and store in a array $row.
        {

            echo '  

  <tr>
  <td>' . $row ['qid'] . '</td>
  <td>' . $row ['testid'] . '</td>
  <td>' . $row ['questions'] . '</td>
  <td>
  <a href="remove_question.php?del=' . $row ['qid'] . '" class = "btn btn-danger btn-block">Delete</a>

  </td>
  </tr>

        ';

        }

        if (isset ( $_POST ['del'] )) {
            $delete_id = $_POST ['del'];
            $delete_query = "Delete  from question WHERE qid='".$delete_id."'"; // delete
                                                                            // query

            // $run=mysqli_query($conn,$delete_query);
            $run = $conn->query ( $delete_query );
            if ($run) {
                // bootstrap class to open in the same window
                /*
                 * echo "<script>window.open('Admin Delete
                 * member.php','_self')</script>";
                 */

                echo "<script>window.open('remove_question.php','_self')</script>";

                echo '

<div align = "center" style = "margin-top:10px;" class = "alert alert-success">deleted...</div>

';
            } else {

                echo "deletion field";
            }

        }

    }
Improve this question
2
  • 1
    WHERE qid = '" . $delete_id. "' Commented Aug 29, 2016 at 9:58
  • This has a whopping great SQL injection vulnerability in it - do not use this code! Commented Aug 30, 2016 at 10:15

3 Answers 3

Reset to default
1

Just write your delete query outside of if block like below.

include ("db_conection.php");

if (isset ( $_GET ['view'] )) {
    $view_id = $_GET ['view'];

    $query_run = null;

    $query1 = "SELECT * FROM question where testid ='" . $view_id . "'";
    $run = mysqli_query ( $conn, $query1 ); // here run the sql query.
    while ( $row = mysqli_fetch_array ( $run ) )
    {
        echo ' <tr>  <td>' . $row ['qid'] . '</td>  <td>' . $row 'testid'] . '</td>  <td>' . $row ['questions'] . '</td>  <td>  <a href="remove_question.php?del=' . $row ['qid'] . '" class = "btn btn-danger btn-block">Delete</a>  </td>  </tr>    ';
    }
}
if (isset ( $_GET ['del'] )) {
    $delete_id = $_GET ['del'];
    $delete_query = "Delete  from question WHERE qid='".$delete_id."'"; // delete
                                                                    // query

    // $run=mysqli_query($conn,$delete_query);
    $run = $conn->query ( $delete_query );
    if ($run) {
        // bootstrap class to open in the same window
        /*
         * echo "<script>window.open('Admin Delete
         * member.php','_self')</script>";
         */

        echo "<script>window.open('remove_question.php','_self')</script>";

        echo '<div align = "center" style = "margin-top:10px;" class = "alert alert-success">deleted...</div>';
    } else {
        echo "deletion field";
    }

}
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

thank you so much.. it works fine and perfect.. i have spend my whole day resolving this..
1 
 $delete_query = "Delete  from question WHERE qid='".$delete_id."'";
Improve this answer

1 Comment

i have tried " '.$delete_id." '... but that your method " '.$delete_id." ' syntax is not correct
1

The Method to get the ID should be $_REQUEST

 <a href="remove_question.php?del=' . $row ['qid'] . '" class = "btn btn-danger btn-block">Delete</a>

Change the delete Query code like this since you are passing it in the URL based on $_REQUEST.

<?php
if (isset ( $_REQUEST ['del'] )) {
            $delete_id = $_REQUEST ['del'];
            $delete_query = "Delete  from question WHERE qid='".$delete_id."'"; // delete
            // $run=mysqli_query($conn,$delete_query);
            $run = $conn->query ( $delete_query );
            if ($run) {
                echo "<script>window.open('remove_question.php','_self')</script>";
                echo '
<div align = "center" style = "margin-top:10px;" class = "alert alert-success">deleted...</div>
';
            } else {
                echo "deletion field";
            }
        }
?>
Improve this answer

1 Comment

Put echo and exit the query after that. and check whether delete_id is passing

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.