Im sure this has been posted a billion times, but ive followed steps on other threads and still no look. What im wanting to do is to be able to delete a record from a form that is echoed..get me?

Heres the steps:
- Post update news, insterts it into database
- Reloads page and fetches the update news
- Echoes it into a table and also echoes a delete button wrapped in a form tag
- When you press the delete button, it deletes that record only

Here is the code i have for echoing the update news:

$select_updates=mysql_query("SELECT * FROM resource ORDER BY id DESC");
	while($the=mysql_fetch_object($select_updates)){
	echo "	 <FORM action='delrec.php?id='. mysql_insert_id() .'' method='post' <table width='263' border='1' align='center' cellpadding='0' cellspacing='0' bordercolor='#000000'>
	    <tr>
	      <th colspan='2' bgcolor='#990033' scope='col'>$the->linkname</th>
        </tr>
	    <tr>
	      <td width='65'>Info</td>
	      <td width='192'>$the->info</td>
        </tr>
	    <tr>
	      <td>link to site</td>
	      <td><a href=http://$the->link>$the->linkname</a></td>
        </tr>
	    <tr>
	      <td>ID: $the->id</td>
	      <td><input type='submit' name='delred' id='delred' value='Delete'></td>
        </tr>
</table></form><BR>";
	}

That works fine, it sends into to the delrec.php file.

Heres the delrec.php file:

<?php
session_start();
$plod=mysql_connect("localhost","razorsh1","********"); 
if (!$plod)
{
	die('Could not connect: ' . mysql_error());
}

$id = $_GET['id'];

$delete = "DELETE FROM resource WHERE id = '$id' ";
mysql_query($delete);

echo "Deleted...Redirecting";

mysql_close($plod);
?>
<head>
<meta http-equiv="refresh" content="1; URL=test.php">
</head>

Once its pressed, it is saying Deleted...Redirecting like it should if it had deleted the piece of news, but when it redirects to the page, that update news is still there and it hasnt been deleted.

Where am i going wrong? Id be really grateful

You didn't seleclect your db

mysql_select_db('yourDB', $plod) or die('db not found: ' . mysql_error());

IF you run the code you posted and look at the browser's source code (CTRL+U in Firefox an Chrome; View -> Source in IE) you should be seeing:

<FORM action='delrec.php?id='. mysql_insert_id() .'' method='post' <table...>

There are a few issues with this:
a. The [B]FORM[/B] tag is NOT closed! You need a [B]>[/B] BEFORE <table> b. It should be obvious that if your browser is receiving php code -ex mysql_insert_id() then you must not be escaping things properly while sending output. The correct way to formulate the beginning of that echo statement is:

echo "<FORM action='delrec.php?id=[B]"[/B]. mysql_insert_id() .[B]"[/B]' method='post'[B]>[/B]<table

c. Even after you have fixed the echo statement, based on what you posted:

- Post update news, insterts it into database
- Reloads page and fetches the update news

you should NOT be using mysql_insert_id() . That function will get you the last inserted id you would expect, but NOT if you have already reloaded the page after insertion.
You can call that function immediately after you insert the record, but as soon as the script that is doing the insertion stops executing, the db connection is closed and you cannot call mysql_insert_id() any more and expect to get the id of the last record you inserted. Thus by the time the page reloads the last inserted id will no longer be available to mysql_insert_id() Instead, what you need is to use the id you got from the SELECT statement:

echo "<FORM action='delrec.php?id=[B]"[/B]. [B]$the->id[/B] .[B]"[/B]' method='post'[B]>[/B]<table

On the delete page, change:

$id = $_GET['id'];

to:

$id = mysql_real_escape_string($_GET['id']);
commented: Thank You +3

Thank you, it works now :)

Glad to help!

PS: Don't forget to mark the thread as solved.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.