Hi i want to add a delete button to the following script, to delete rows from the database, ive tried a few things, but no joy can anyone point me in the right direction. I want the button to be below this line Thanks for any help in advance, im only just getting to grips with php unfortunatly. <?php require 'db.php'; if ( isset($_GET['p']) && is_numeric($_GET['p']) ) { $page = $_GET['p']; } else { $page = 1; } $limit = 12; $start = ( $page * $limit ) - $limit; $fetch = mysql_query("SELECT * FROM profiles ORDER BY id DESC LIMIT $start, $limit") or die(mysql_error()); $numRows = mysql_num_rows($fetch); while ( $row = mysql_fetch_assoc($fetch) ) { $items[] = $row; } $maxRow = 1; $totalRows = ceil ( $numRows / $maxRow ); $fetch = mysql_query("SELECT id FROM profiles"); $totalPages = ceil(mysql_num_rows($fetch) / $limit); $itemCount=0; $percent = ceil ( 100 / $maxRow ); echo ''; for ( $a=1; $a<=$totalRows; $a++ ) { ?> <? $start = ( $a * 1 ) - 1; for ( $i=$start; $i<$start+1; $i++ ) { ?> <? if ( $items[$i] != NULL ) { ?> <div class="left_articles"> <table width="100%" border="0" cellspacing="2" cellpadding="2"><tr><td width="20%"> <img src="<?=$items[$i]['displayPhoto'];?>" width="60" height="60" alt="Image" title="Image" class="image" /> </td> <td width="60%"> <strong>Name:</strong> <?=strip_tags($items[$i]['displayName']);?><br /> <strong>Age:</strong> <?=strip_tags($items[$i]['displayAge']);?><br /> <strong>Gender:</strong> <?=strip_tags($items[$i]['displayGender']);?><br /> <strong>Country:</strong> <?=strip_tags($items[$i]['displayCountry']);?><br /> </td> <td width="20%"> <b><a href="<? echo ("$url"); ?>index.php?app=profile-train&action=view&id=<?=$items[$i]['id'];?>" target="_blank">View Profile</a><br /> <a href="http://collect.myspace.com/index.cfm?fuseaction=invite.addfriend_verify&friendID=<?=strip_tags($items[$i]['displayID']);?>" target="_blank">Add To Friends</a></b> <strong>Profile views:</strong> <?=strip_tags($items[$i]['totalViews']);?> <br /> </td> </tr></table></div> <? } ?> <? } ?> <? } echo ''; if($page - 30==0){ echo "<br>"; } if ( $page > 1 ) { $prev = ( $page - 1 ); $links .= '<strong><a href="index.php?app=profile-train&p='.$prev.'"><<Prev</a> </strong>'; } for ( $i = 1; $i <= $totalPages; $i++ ) { if ( $page == $i ) { $links .= '<strong>['.$i.']</strong> '; } else { $links .= '<a href="index.php?app=profile-train&p='.$i.'">'.$i.'</a> '; } if($i%30==0){ $links .= "<br>"; } } if( $page < $totalPages ) { $next = $page + 1; $links .= '<strong><a href="index.php?app=profile-train&p='.$next.'">Next>></a></strong>'; } $links = '<table><strong>Total Pages ('.$totalPages.')</strong></table> <table>'.$links.'</table><br clear="all" />'; ?> <div class="left_articles"><div align="center"><?=$links;?></div></div> PHP:
After scouring the web, i figure i have to make a seperate file called delete.php with the following code <?php $con = mysql_connect("localhost","test","test"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("my_db", $con); mysql_query("DELETE FROM profiles WHERE id='i dont no what to put here'"); mysql_close($con); ?> PHP: Im just unsure what to put in WHERE id= Also how would my delete button link? would it be something like delete.php?id=<?=$row->id;?> Code (markup): Sorry to be a pain in the butt, im just getting to grips with things.
OK I don't have much time but : <?php$con = mysql_connect("localhost","test","test");if (!$con) { die('Could not connect: ' . mysql_error()); }mysql_select_db("my_db", $con); // why don't you try to do this with one file called mysql_connect.php and include it every time like include 'mysql_connect.php'; $id=$_GET["id"]; mysql_query("DELETE FROM profiles WHERE id='$id' "); ?> // and the other link would be : delete.php?id=<?php echo $row["id"]; ?> PHP: asuming that you have the id selected
This should do it: Delete link: <a href="delete.php?id=<?php echo $row->id; ?>">Delete</a> Delete.php: // Connect to MySQL and select the DB here, Then... if (isset ($_GET['id']) && !empty ($_GET['id'])) { mysql_query ('delete from tablename where id='.intval ($_GET['id']).' limit 1'); header ('Location: http://www.yoursite.com/backtoYourOriginalScript.php?deleted=true'); } else { header ('Location: http://www.yoursite.com/backtoYourOriginalScript.php?deleted=false'); } exit; PHP:
Thanks for your help guys, i got it I made a link <a href="index.php?app=admin&action=delete_profile&id=<?=$items[$i]['id'];?>">Delete Profile</a> Code (markup): And made a delete file <?php require 'db.php'; $id = $_GET['id']; $ok = @mysql_query("DELETE FROM profiles WHERE ID='$id'"); if ($ok) { echo("Profile Deleted"); } else { echo('<p>Error deleting profile from database!<br />'. 'Error: ' . mysql_error() . '</p>'); } ?> Code (markup): Now all i have to do is secure the system
I'm assuming ID is an int, therefore your SQL is open to injection. use a intval() call on the id before putting it in the SQL statement. Ints also do not need the single quotes around them in the statement. Also you should always tag on a "limit 1" clause. If something goes wrong you only lose one record instead of wiping out the entire table. $id = intval ($_GET['id']); mysql_query("delete from profiles where ID=$id limit 1");