1

I have 3 files.

1st one : 

<html>
<form action="employeeDel.php" method ="post">
Enter Ssn To Delete Employee:<br>
<input type="number" name="ssnDel">
<br>
<br>
<input type="submit" value="Submit">
</form>
</html>

This form sends data to employeeDel.php.

employeeDel.php :

<html>
<form action ="employeeDelFinal.php" method="post">
<input type="hidden" name="ssn" value="ssnDel">

<?php
$ssnDel = $_POST ["ssnDel"];
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "company";
$conn = mysqli_connect ( $servername, $username, $password, $dbname );
// Check connection
if (! $conn) {
    die ( "Connection failed: " . mysqli_connect_error () );
}
$sql = "SELECT * from employee WHERE ssn=".$ssnDel;

<input type="submit" name="Delete?">
</form>
</html>

From here, when user clicks on submit button, I want html form to send ssnDel value to employeeDelFinal.php file.

employeeDelFinal.php :

<?php
$ssnDel = $_POST ["ssn"];
echo ssnDel;
?>

That value never reaches here. I got an error on employeeDel.php file, it says value of ssnDel is null. I guess in the beginning of form in employeeDel file, I create ssnDel again, so it becomes null. Is there a way to send a data from html form to employeeDel.php, from employeeDel.php to employeeDelFinal.php by using form? I tried hidden text but it didn't solve my problem as seen.

Improve this question
1
  • As a side note now that you have an answer, you should consider improving the code and using parameterized queries. The code above, even using mysqli_ functions, is subject to SQL injection Commented Mar 30, 2015 at 17:40

2 Answers 2

Reset to default
1

The line

<input type="hidden" name="ssn" value="ssnDel">

should be something like

<input type="hidden" name="ssn" value="<?php echo(intval($_POST['ssnDel'])); ?>">

(Assuming that ssnDel is an ID-Number.) Otherwise that hidden variable will have the string-value ssnDel, not the value of the variable $_POST['ssnDel'].
And as already mentioned, echo ssnDel; should be echo $ssnDel; and you should use less spaces (e.g. no spaces after $_POST or function names).

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

That solved my problem. But can't we just write <?php echo($_POST['ssnDel']); ?> ? What does intval do?
intval() converts your string into an integer. If you don't do that, someone might put something else than an integer into your $_POST-variable (e.g. JavaScript-code), which will then be added to the source code of your website, which can lead to dangerous situations. It is good practice to never trust user input and to always sanitize it before using it anyhow.
1

There are couple of things I noticed. You have 

employeeDelFinal.php :

<?php
$ssnDel = $_POST ["ssn"];
echo ssnDel;
?>

You don't have a dollar sign in your echo statement ssnDel.

And why do you have spaces in between $_POST ["ssnDel"] make it 

$_POST["ssnDel"]
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.