2

im trying to make a delete user page but I cannot figure out why I am getting this error.

Undefined index: bil in C:\wamp\www\FORM\deleteadmin.php on line 4

Undefined index: adminID in C:\wamp\www\FORM\deleteadmin.php on line 5

which is line 4 and 5 looks like this,

$bil = $_POST['bil'];
$adminID = $_POST['adminID'];

the full code are new.php which links to the deleteadmin.php that contains the error.

new.php

echo "<form name='update $bil' method=post action=newuser.php>" ?>
    <tr>
        <td><center><?php echo $bil; ?></center></td>
        <td><?php echo $row['name']; ?></td>
        <td><?php echo $row['tel']; ?></td>
        <td><?php echo $row['email']; ?></td>
        <td><?php echo $row['username']; ?></td>
        <td><?php echo $row['password']; ?></td>
        <td><a href = "deleteadmin.php"><img src="img/deleteicon.png" align="center"></a></td>
        <input type=hidden value={$row['adminID']} name=adminID>
        <input type=hidden value=$bil name=bil>
    </tr>
<?php 
    echo "</form>";
}
?>

deleteadmin.php

<?php
include ('config.php');

$bil = $_POST['bil'];
$adminID = $_POST['adminID'];

$result = mysql_query("DELETE FROM `admin` WHERE `adminID`= '$adminID'") or die (mysql_error());

if($result)
{
?>
<script language="javascript">
alert("User No : <?php echo "$bil"; ?> DELETED");
location.href="new.php";
</script>

<?php
}
else
{
?>

<script language="javascript">
alert("User No : <?php echo "$bil"; ?> NOT DELETED");
location.href="new.php";
</script>
<?php
}
?>

What do I need to do to fix them? I've tried using ISSET but it doesnt work. I don't understand why this is happening, and I'd love to know how to make it go away.

Improve this question
5
  • 1. You should always surround values in HTML with quotes as a matter of good practice and it sometimes causing problems. 2. How are you submitting this form? I don't see a submit button. Commented Apr 1, 2014 at 6:15
  • action=newuser.php are you submitting to the right script? Commented Apr 1, 2014 at 6:16
  • @esqew no, 'action=newuser.php' is the create new user page Commented Apr 1, 2014 at 6:58
  • @jeff what I want to make is when I clicked the 'X' button, the user will be deleted instantly Commented Apr 1, 2014 at 6:59
  • Just have the X button fire an AJAX POST call to deleteadmin.php with data: { "bil" : "1", "adminID", "1" }. jQuery.post() makes this easy. Commented Apr 1, 2014 at 7:02

4 Answers 4

Reset to default
2

I see 2 problems here

First:

<a href = "deleteadmin.php"><img src="img/deleteicon.png" align="center"></a>

By clicking this you are only accessing the deleteadmin.php file. You are not passing any arguments.

Second:

$bil = $_POST['bil'];
$adminID = $_POST['adminID'];

You are not posting any data so the $_POST variable will be empty.

Solutions

Add query string in the url ?bil=".$bil."&adminID=".$adminID."

<a href = "deleteadmin.php?bil=".$bil."&adminID=".$adminID.""><img src="img/deleteicon.png" align="center"></a>

Pass get Values then process in the deleteadmin.php Instead of using $_POST use $_GET.

$bil = $_GET['bil'];
$adminID = $_GET['adminID'];

$_GET[] is used to get the values which are encoded in the query string in the URL.

Then you don't need to have a form for you to delete a user. Just access the deleteadmin.php file passing $_GET values in the url.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Also in the query "DELETE FROM admin WHERE adminID= '$adminID'" This is not safe. To make it more secure always clean user input. In this case md5 encryption is more than enough "DELETE FROM admin WHERE md5(adminID)= '".md5($adminID)."'" This helps clean user input. It encrypts the user input so that any unwanted characters will not cause any error or sql injection.
i did what you suggest, but it still shows error on line 5.
Check the variables in the link.. They should have exactly the same variable. if you put adminID in the url, in the php you should use $_GET['adminID'] too.
2

this is very easy to fix.

try to do not use hidden and replace your href like this in your new.php:

    <td><a href = "deleteadmin.php?adminID={$adminID}&bil={$bil}"><img src="img/deleteicon.png" align="center"></a></td>

actually you can replace $_POST to become $_REQUEST because $_REQUEST represent $_POST and $_GET

hope this can help you to fix your problem.

Improve this answer

Comments

2

I don't think what you are doing is right.. Because, when you click the <a> link this will going to give you undefined index errors. So you should pass the parameters as a querystring to your <a> .. that is because the <form> action points to newuser.php

You need to append the parameters , adminID and bil to this link like this..

<td><a href = "deleteadmin.php?adminID=<?php echo $row['adminID']; ?>&bil=<?php echo $bil; ?>"><img src="img/deleteicon.png" align="center"></a></td>

and on your deleteadmin.php , you need to change from

$bil = $_POST['bil'];
$adminID = $_POST['adminID'];

to

$bil = $_GET['bil'];
$adminID = $_GET['adminID'];

This(mysql_*) extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should be used. Switching to PreparedStatements is even more better to ward off SQL Injection attacks !

Improve this answer

Comments

0

change code in new.php to:

echo "<form name='update $bil' method=post action=newuser.php>
    <tr>
        <td><center><?php echo $bil; ?></center></td>
        <td><?php echo $row['name']; ?></td>
        <td><?php echo $row['tel']; ?></td>
        <td><?php echo $row['email']; ?></td>
        <td><?php echo $row['username']; ?></td>
        <td><?php echo $row['password']; ?></td>
        <td><a href = 'deleteadmin.php'><img src='img/deleteicon.png' align='center'></a></td>
        <input type='hidden' value=$row['adminID'] name='adminID'>
        <input type=hidden value='$bil' name='bil'>
    </tr>
</form>";

try this.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.