I working on a project for college, so it does not need to be majorly secure at the moment. My knowledge of PHP is not the best and I am currently trying to push my self to understand more.

I have managed to get some of the CRUD functions working, like create and update, but my delete is causing me some headaches.

I want the logged in user to be able to delete a row from the database by clicking the delete button, but currently this only loads a blank white page, no errors, if I change the $_POST to $_GET, then the error shows undefined array key.

At this point i am honestly not sure what else to do, any advice or help would be greatly appreciated. This is the main admin home page.

<?php require('components/header.inc.php'); ?>
<section >
<div >
    <div >
        <div >
            <div >
                <div >
                    <h2 >Dashboard</h2>
                    <a href="create.php" ><i ></i> Add New Course</a>
                </div>
                <table >
                    <thead>

                        <?php include './rename.php'; ?>

                </table>
            </div>
        </div>
    </div>
</div>

This one displays the database.

<?php include './components/connnlceducation.php';

 echo "<thead>";
 echo "<tr>";

 echo "<th>Course Level</th>";
 echo "<th>Course Name</th>";
 echo "<th>Course Type</th>";
 echo "<th>Start Date</th>";
 echo "<th>View More</th>";
 echo "</tr>";
 echo "</thead>";
 $sql = "SELECT * FROM courselist";
 $result = $conn->query($sql);
 while ($row = $result->fetch_assoc()) {

    echo "<tbody>";
    echo "<tr>";
    if ($row['courseid']) {
        echo '<form  action="./update.php" method="POST">';
        echo '<td><input type="text"  name="courselevel" value="' . 
        $row['courselevel'] . '"></td>';
        echo '<td><input type="text"  name="coursename" value="' . 
        $row['coursename'] . '"></td>';
        echo '<td><input type="text"  name="coursetype" value="' . 
        $row['coursetype'] . '"></td>';
        echo '<td><input type="text"  name="startdate" value="' . 
        $row['startdate'] . '"></td>';
        echo '<td><input type="text"  name="viewmore" value="' . 
        $row['viewmore'] . '"></td>';
        echo '<td><button type="submit" >Save</button></td>';
        echo '<td><a  name="delete" href="./delete.php?id=' . 
        $row['courseid'] . '" role="button">Delete</a></td>';
        echo '<input type="hidden" name="courseid" value="' . $row['courseid'] . '">';
        echo '</form>';
    } 
    echo "</tr>";
    echo "</tbody>";
}
$conn->close();
?>

This is my update code, this works fine.

<?php 
include './components/connnlceducation.php';

$id = $_POST['courseid'];
$courselevel = $_POST['courselevel'];
$coursename = $_POST['coursename'];
$coursetype = $_POST['coursetype'];
$startdate = $_POST['startdate'];
$viewmore = $_POST['viewmore'];
$sql = "UPDATE courselist SET courselevel='$courselevel', 
                                coursename='$coursename', 
                                coursetype='$coursetype', 
                                startdate='$startdate', 
                                viewmore='$viewmore' 
        WHERE courseid=$id";
$result = $conn->query($sql);
$conn->close();
header("location: ./adminhome.php");
?>

And this is the problem code.

<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
include './components/connnlceducation.php';

if (isset($_POST['delete'])) {
    $id = $_GET['delete'];

    $sql = "DELETE FROM courselist WHERE courseid=$id";
    $result = $conn->query($sql);
    $conn->close();
    header("location: ./adminhome.php");
}

CodePudding user response：

Change the code as below:

<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
include './components/connnlceducation.php';

if (isset($_GET['id'])) {
    $id = $_GET['id'];

    $sql = "DELETE FROM courselist WHERE courseid=$id";
    $result = $conn->query($sql);
    $conn->close();
    header("location: ./adminhome.php");
}