2

I've got a delete.php file with yes/no buttons that call deleteRecord.php to delete the selected row from the database.

The problem seems to be that I'm not passing the variable for the ProjectID through to the deleteRecord file.

Can someone please tell me what's wrong?

delete.php

<?php 
error_reporting(E_ALL|E_STRICT); ini_set('display_errors', true);
require('includes/conn.inc.php');
require('includes/functions.inc.php');
$sProjectID = safeInt($_GET['ProjectID']);
$stmt = $mysqli->prepare("SELECT ProjectID, ProjectName, ProjectImage, LanguageUsed, ApplicationUsed, Description FROM Projects WHERE ProjectID = ?");
$stmt->bind_param('i', $sProjectID);
$stmt->execute(); 
$stmt->bind_result($ProjectID, $ProjectName, $ProjectImage, $LanguageUsed, $ApplicationUsed, $Description);
$stmt->fetch();
$stmt->close();
?>
<!DOCTYPE HTML>
<input name="ProjectID" type="hidden" value="<?php echo
$ProjectID; ?>">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Delete <?php echo $ProjectName; ?></title>
<link href="styles/cms.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="container">
<header>
<h1>Delete <?php echo $ProjectName; ?></h1>
<?php
require('includes/nav.inc.php');
?><p>Hello </p><?php echo "$sProjectID" ?>
</header>

<form name="form1" method="get" action="process/deleteRecord.php">
<p>Are you sure you wish to delete <?php echo $ProjectName; ?>?</p>
   <p>
    <input type="submit" name="del" id="del" value="Delete">
  </p>
    </form>

<form name="form2" method="" action="listall.php" id="saveForm">
    <input type="submit" name="save" id="save" value="Save">
</form>

<?php
require('includes/footer.inc.php');
?>

</div>
    </body>
    </html>

deleteRecord.php

<?php
error_reporting(E_ALL|E_STRICT); ini_set('display_errors', true);
require('../includes/conn.inc.php');
require('../includes/functions.inc.php');
// sanitize user variables
$sProjectID = safeInt($_POST['ProjectID']);
// prepare SQL
$stmt = $mysqli->prepare("DELETE FROM Projects WHERE ProjectID = ?");
$stmt->bind_param('i', $sProjectID);
$stmt->execute();
$stmt->close();
//header("Location: ../index.php");
// redirect browser
exit;
// make sure no other code executed
?>
Improve this question
1
  • 1
    nit-picking: There is no Mysqli database. mysqli is just one of the php-apis to interact with a MySQL server. Commented Jan 28, 2016 at 12:54

2 Answers 2

Reset to default
5

You need to write the hidden field inside your form and change your method to POST.

<form name="form1" method="post" action="process/deleteRecord.php">
    <p>Are you sure you wish to delete <?php echo $ProjectName; ?>?</p>
    <p>
        <input name="ProjectID" type="hidden" value="<?php echo
$ProjectID;
?>">
        <input type="submit" name="del" id="del" value="Delete">
    </p>
</form>

As per @VolkerK comment below, put the input element "within" the form element instead of the one before the <html> tag.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Just for clarification: Put the input element "within" the form element instead of the one before the <html> tag.
Thank you for this. Worked a treat.
0

This uses the GET method for doing the same:

Change in delete.php:

<form name="form1" method="get" action="process/deleteRecord.php?ProjectID=<?= $ProjectID ?>">
    <p>Are you sure you wish to delete <?php echo $ProjectName; ?>?</p>
    <p>
        <input type="submit" name="del" id="del" value="Delete">
    </p>
</form>

Change in deleteRecord.php:

$sProjectID = safeInt($_GET['ProjectID']);
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.