I working on a project for college, so it does not need to be majorly secure at the moment.
My knowledge of PHP is not the best and I am currently trying to push my self to understand more.
I have managed to get some of the CRUD functions working, like create and update, but my delete is causing me some headaches.
I want the logged in user to be able to delete a row from the database by clicking the delete button, but currently this only loads a blank white page, no errors, if I change the $_POST to $_GET, then the error shows undefined array key.
At this point i am honestly not sure what else to do, any advice or help would be greatly appreciated.
This is the main admin home page.
<?php require('components/header.inc.php'); ?>
<section class="container-md">
<div class="wrapper">
<div class="container-fluid">
<div class="row">
<div class="col-md-12">
<div class="mt-5 mb-3 clearfix">
<h2 class="pull-left">Dashboard</h2>
<a href="create.php" class="btn btn-success pull-right"><i class="fa fa-plus"></i> Add New Course</a>
</div>
<table class="table table-bordered table-striped">
<thead>
<?php include './rename.php'; ?>
</table>
</div>
</div>
</div>
</div>
This one displays the database.
<?php include './components/connnlceducation.php';
echo "<thead>";
echo "<tr>";
echo "<th>Course Level</th>";
echo "<th>Course Name</th>";
echo "<th>Course Type</th>";
echo "<th>Start Date</th>";
echo "<th>View More</th>";
echo "</tr>";
echo "</thead>";
$sql = "SELECT * FROM courselist";
$result = $conn->query($sql);
while ($row = $result->fetch_assoc()) {
echo "<tbody>";
echo "<tr>";
if ($row['courseid']) {
echo '<form class="form-inline m-2" action="./update.php" method="POST">';
echo '<td><input type="text" class="form-control" name="courselevel" value="' .
$row['courselevel'] . '"></td>';
echo '<td><input type="text" class="form-control" name="coursename" value="' .
$row['coursename'] . '"></td>';
echo '<td><input type="text" class="form-control" name="coursetype" value="' .
$row['coursetype'] . '"></td>';
echo '<td><input type="text" class="form-control" name="startdate" value="' .
$row['startdate'] . '"></td>';
echo '<td><input type="text" class="form-control" name="viewmore" value="' .
$row['viewmore'] . '"></td>';
echo '<td><button type="submit" class="btn btn-primary">Save</button></td>';
echo '<td><a class="btn btn-danger" name="delete" href="./delete.php?id=' .
$row['courseid'] . '" role="button">Delete</a></td>';
echo '<input type="hidden" name="courseid" value="' . $row['courseid'] . '">';
echo '</form>';
}
echo "</tr>";
echo "</tbody>";
}
$conn->close();
?>
This is my update code, this works fine.
<?php
include './components/connnlceducation.php';
$id = $_POST['courseid'];
$courselevel = $_POST['courselevel'];
$coursename = $_POST['coursename'];
$coursetype = $_POST['coursetype'];
$startdate = $_POST['startdate'];
$viewmore = $_POST['viewmore'];
$sql = "UPDATE courselist SET courselevel='$courselevel',
coursename='$coursename',
coursetype='$coursetype',
startdate='$startdate',
viewmore='$viewmore'
WHERE courseid=$id";
$result = $conn->query($sql);
$conn->close();
header("location: ./adminhome.php");
?>
And this is the problem code.
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
include './components/connnlceducation.php';
if (isset($_POST['delete'])) {
$id = $_GET['delete'];
$sql = "DELETE FROM courselist WHERE courseid=$id";
$result = $conn->query($sql);
$conn->close();
header("location: ./adminhome.php");
}
>Solution :
Change the code as below:
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
include './components/connnlceducation.php';
if (isset($_GET['id'])) {
$id = $_GET['id'];
$sql = "DELETE FROM courselist WHERE courseid=$id";
$result = $conn->query($sql);
$conn->close();
header("location: ./adminhome.php");
}