I have created a table in mysql database and displayed the content of the table on html page. Now, I am trying to delete a row from the displayed table. However, I am facing the following error: Forbidden You don't have permission to access this resource.
Apache/2.4.51 (Win64) OpenSSL/1.1.1l PHP/8.0.12 Server at 172.16.5.63 Port 80
I would be grateful for your help My code
<?php
$servername="localhost";
$username="root";
$password="";
$dbname="entrydb";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if(isset($_POST['save']))
{
$patient_name = $_POST['name'];
$gender = $_POST['gender'];
$age = $_POST['age'];
$gene_name = $_POST['gene'];
$method = $_POST['method'];
$number_of_fragments = $_POST['fragments'];
$sql_query = "INSERT INTO entry_details(name, gender, age, gene, method, fragments) VALUES ('$name', '$gender', '$age', '$gene', '$method', '$fragments')";
if (!$conn->query($sql_query))
{
echo "Connection error";
}
}
// delete row
if (isset($_POST['delete_id']))
{
$delete_id = (int) $_POST['delete_id'];
$sql_del="DELETE FROM `entry_details` WHERE ID='$delete_id'";
$result_del=$link->query($sql_del);
if (!$result_del)
{
echo "Delete ERROR";
}
}
?>
// Display table
<?php
$sqlip = "SELECT * FROM entry_details";
$resultip = $conn->query($sqlip);
echo '
<table class= "input_table">
<th>ID</th>
<th>Name</th>
<th>Gender</th>
<th>Age</th>
<th>Gene</th>
<th>Method</th>
<th>Fragments</th>
<th>Edit</th>
</tr>';
if ($resultip->num_rows > 0)
{
while($rowip = $resultip->fetch_assoc())
{
echo '<tr>
<td>'.$rowip['ID'].' </td>
<td>'.$rowip['name'].' </td>
<td>'.$rowip['gender'].' </td>
<td>'.$rowip['age'].' </td>
<td>'.$rowip['gene'].' </td>
<td>'.$rowip['method'].' </td>
<td>'.$rowip['fragments'].' </td>
<td><a href=\"?delete_id={'.$rowip['ID'].'}\">Delete row</a></td>
</tr>';
}
}
echo '</table>';
?>
CodePudding user response:
First of all, try using mysqli real_escape_string() escapes special characters in a string for use in an SQL query
<?php
$servername="localhost";
$username="root";
$password="";
$dbname="entrydb";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if(isset($_POST['save']))
{
$patient_name = $_POST['name'];
$gender = $_POST['gender'];
$age = $_POST['age'];
$gene_name = $_POST['gene'];
$method = $_POST['method'];
$number_of_fragments = $_POST['fragments'];
$sql_query = "INSERT INTO entry_details(name, gender, age, gene, method, fragments) VALUES ('$name', '$gender', '$age', '$gene', '$method', '$fragments')";
if (!$conn->query($sql_query))
{
echo "Connection error";
}
}
// delete row
if (isset($_POST['delete_id']))
{
$delete_id = (int) $_POST['delete_id'];
$sql_del="DELETE FROM `entry_details` WHERE ID='$delete_id'";
$result_del=$link->query($sql_del);
if (!$result_del)
{
echo "Delete ERROR";
}
}
?>
// Display table
<?php
$sqlip = "SELECT * FROM entry_details";
$resultip = $conn->query($sqlip);
echo '
<table class= "input_table">
<th>ID</th>
<th>Name</th>
<th>Gender</th>
<th>Age</th>
<th>Gene</th>
<th>Method</th>
<th>Fragments</th>
<th>Edit</th>
</tr>';
if ($resultip->num_rows > 0)
{
while($rowip = $resultip->fetch_assoc())
{
echo '<tr>
<td>'.$rowip['ID'].' </td>
<td>'.$rowip['name'].' </td>
<td>'.$rowip['gender'].' </td>
<td>'.$rowip['age'].' </td>
<td>'.$rowip['gene'].' </td>
<td>'.$rowip['method'].' </td>
<td>'.$rowip['fragments'].' </td>
<td><a href="?delete_id='.$rowip['ID'].'">Delete row</a></td>
</tr>';
}
}
echo '</table>';
?>
CodePudding user response:
I suggest you to use bind_params() function instead of using variables in your SQL query directly. Because sometimes I faced with this kinds of errors too.
Search about u