$html="";
$sql="SELECT * FROM tiger;";
$rs=mysql_query($sql);
while($row=mysql_fetch_array($rs)){

    $html.=
            '<tr><td align="left"><img src="'.$row['image'].'" width="200" height="150" /></td>
                <td align="center" style="font:bold">'.$row['name'].' </td>
            <td align="center"><input type="submit" name="Submit" value="Delete" />
            <input name="id" type="hidden" value="'.$row['id'].'" /> </td>

            </tr>'
            ;
    }
if($_REQUEST['Submit']){

$sql1="delete image from tiger where id='".$_REQUEST['id']."'";
$query=mysql_query($sql1);
}

Now this $html is echoed afterwards. so in output im getting 1st rhe image, then d name of the image and then a button. now what i want is wen i click the delete button the respective row is deleted from database. which is not happening in the above code as it is unable to fetch the respective id. so pleaser help how can i do that?

Comments

Please revisit your previous questions and mark accepted answers by clicking the green tick where appropriate. This will bump up your accept rate and you'll get better responses to your questions.

Written by BoltClock

How about accepting some answers now and then?

Written by codaddict

Accepted Answer

Did you add a form element to this table? I replaced $_REQUEST by $_POST, try to avoid using $_GET. A malicious user who knows your delete URL could trick you to click a link (e.g. tinyurl), which opens another set of links: the page deleting all your records. Try this:

$html="";
$sql="SELECT * FROM tiger;";
$rs=mysql_query($sql);
if(!$rs){
    echo 'Query failed...';
    // and log the error, mysql_error()
}
while($row=mysql_fetch_array($rs)){

    $html .=
            '<tr><td align="left"><img src="'.urlencode($row['image']).'" width="200" height="150" /></td>
                <td align="center" style="font:bold">'.htmlentities($row['name']).' </td>
            <td align="center"><form action="" method="post"><input type="submit" name="Submit" value="Delete" />
            <input name="id" type="hidden" value="'.$row['id'].'" /></form> </td>

            </tr>'
            ;
    }
if($_POST['Submit'] && isset($_POST['id']) && ctype_digit($_POST['id'])){

$sql1="delete image from tiger where id='".$_POST['id']."'";
$query=mysql_query($sql1);
if(!$query){
   echo 'Error....';
   //and log mysql_error() somewhere
}
else{
   echo 'Deletion succesful';
}
Written by Lekensteyn
This page was build to provide you fast access to the question and the direct accepted answer.
The content is written by members of the stackoverflow.com community.
It is licensed under cc-wiki