Deleting a single record by id

Question

random_1 15 Light Poster

7 Years Ago

I have a list.php which displays all the records that is in the database with 2 options Edit or Delete. When clicked its suppose to delete by id but instead it deleted everything. I'm not sure where i went wrong, please help.

list.php

<?php

include "db.php";

try {
    $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

    $stmt = $conn->prepare("SELECT * FROM myguestbook");
    $stmt->execute();

    $result = $stmt->fetchAll(); //fetchAll() function will grab the query result and store it in an associative array $result. grab more than one record.

    }
catch(PDOException $e)
    {
    echo "Error: " . $e->getMessage();
    }

$conn = null;
?>
<!DOCTYPE html>
<html>
<head>
  <title>My Guestbook</title>
</head>
<body>
<ol>
<?php
foreach($result as $row) {
  echo "<li>";
  echo "Name : ".$row["user"]."<br>";
  echo "Email : ".$row["email"]."<br>";
  echo "Date : ".$row["postdate"]."<br>";
  echo "Time : ".$row["posttime"]."<br>";
  echo "Comments : ".$row["comment"]."<br>";
  echo "Action : <a href=edit.php?id=".$row["id"].">Edit</a> / <a href=delete.php?id=".$row["id"].">Delete</a>";
  echo "</li>";
  echo "<hr>";
}
?>
</ol>

</body>
</html>

delete.php

<?php

if (isset($_GET['id'])) {

  include "db.php";

  try {
      $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
      $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

      $stmt = $conn->prepare("DELETE FROM myguestbook WHERE id = :record_id");
      $stmt->bindParam(':record_id', $id, PDO::PARAM_INT);
      $id = $_GET['id'];

      $stmt->execute();

      header("Location:list.php");
      }

    catch(PDOException $e)
    {
        echo "Error: " . $e->getMessage();
    }

    $conn = null;
  }
else {
  echo "Error: You have execute a wrong PHP. Please contact the web administrator.";
  die();
}

?>

mysql php

5 Contributors
5 Replies
347 Views
1 Week Discussion Span
Latest Post 7 Years Ago Latest Post by benanamen

cereal 1,524 Nearly a Senior Poster

7 Years Ago

The code seems to be okay, are you sure opcache is disabled? If you are using PHP 7.0 then it's enabled by default, so if you ran the delete.php script and this was cached by the engine, then even after changing the code you still hit the cached version, until expiration, so while developing you can get an unexpected result. If this is the case you should disable it.

Run:

print var_dump(opcache_get_status());
die;

To see the current status, it does not matter from which script you run it, if enabled, it will return the list of cached scripts

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

random_1 15 Light Poster · Answer 1 · 2017-10-26T04:04:21+00:00

Actually, sorry all my fault. I didnt check my table structure properly. i forgot to auto_increment the id attribute. so all the records were getting id of 0. rookie move. sorry. thanks anyway.

pty 882 Posting Pro · Answer 2 · 2017-10-26T08:07:16+00:00

Also make the id field a primary key (or at least unique) to prevent this from happening at the application level.

peter_62 0 Newbie Poster · Answer 3 · 2017-10-28T14:57:28+00:00

peter_62 0 Newbie Poster

7 Years Ago

Thanks for sharing this information

benanamen 69 Light Poster · Answer 4 · 2017-11-08T03:20:06+00:00

You do realize that anyone can delete your entire database as written right?