I
I
Iossarian2018-10-22 22:26:24
PHP
Iossarian, 2018-10-22 22:26:24

How to set up a button to delete a record from the database?

Essence of a question: it is necessary to drink the button for removal of record from a DB. We have the form:

<form class="lot-item__form" action="../lot.php?id=<?=$id;?>" method="post">
            <?php $classname = isset($error['com']) ? "--invalid" : "";?>
          <p class="lot-item__form-item <?=$classname;?>">
            <label for="com">Ваш комментарий</label>
              <textarea name="com" id="com" cols="33" rows="8"></textarea>
              <button type="submit" class="button">Комментировать</button>
              <button type="submit" name="del" class="button">Удалить пост</button>
          </p>
        </form>

This is a form for submitting comments to a blog post. In the same form, I screwed the button for deleting a record from the database. The settings will allow only the author to delete the post, but how to correctly implement the logic? Tried like this:
if ($_SERVER['REQUEST_METHOD'] == 'POST') {

if (isset($_POST['del'])) {
    $sql = 'DELETE * FROM post WHERE id = "' .$id. '";';
    $res = mysqli_query ($con, $sql);
    }
}

Tell me, what are the mistakes and how to do it right? Thank you.

Answer the question

In order to leave comments, you need to log in

3 answer(s)
P
ponaehal, 2018-10-23
@ponaehal

I'm not strong in PHP, but suddenly I thought that it would be no ice if some well-wisher gives you a string like this: 1235" + "or 1=1" + "as an id. IMHO, it would be necessary to patch it somehow ...

S
shushpanio, 2018-10-23
@shushpanio

It's a bad idea to delete something completely.
Perhaps it makes more sense to make the article inactive? THOSE. by pressing a button in some table of the
ID_article format | Active
for the article will be set to, for example, 0 and the article will no longer be displayed in the feed, but it will be saved in the database and in which case it can always be restored

I
Iossarian, 2018-10-23
@Iossarian

The problem was in foreign keys. The comment referenced an entry and therefore the entry could not be deleted without setting a foreign key when deleting CASCADE

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question