PHP Mysql - Delete button keeps on deleting latest row

Question

When i run into a glitch, I always find find the answer on StackOverflow, but this time, although I'm sure the fix is easy, I just can't seem to get it right !

Basically, i'm trying to add a "delete" button next to each row fetched from my mysql database. The users should be able to delete a specific post, if needed.

When i hit the delete button, it's always the latest row that gets deleted. So i guess there's something wrong with the value passed in each row : seems like they're overridden by the latest one.

Below's my code:

<?php  
$table = query("SELECT post, postid FROM post_list WHERE id = ? ORDER BY 
time DESC LIMIT 15", $_SESSION["id"]);
foreach ($table as $row) 
{ 
      $post = $row["post"];
      $postid = $row["postid"];  
      echo ("<table>");
      echo ("<tr>");
      echo("<td>" . $post . "</td>");
      echo("</td>")?>            
      <div id="posteraser">
       <form action='' method='post'>
          <input type='hidden' name='postid' value='<?php echo $postid?>'>
          <input type='submit' name='posteraser'>Delete</input>
       </form>
      </div>       
     <?php 
     echo ("</td>");
     echo ("</tr>");
     echo ("</table>");
     echo '<hr>';
}  
?>

And below on the same page, there's the delete button code:

<?php
if(isset($_POST['posteraser']))
{
    $sql = query("DELETE FROM post_list WHERE postid = '$postid' ");       
    redirect ('home.php');
}
?>

Any help/tips will be much appreciated ! Thanks a lot !

Answer 1

You have to pass here the $_POST['postid']

if(isset($_POST['posteraser'])){
   $postid = $_POST['postid'];
   $sql = query("DELETE FROM post_list WHERE postid = '$postid' ");       
   redirect ('home.php');
}

OR as procedure way

$sql = query("DELETE FROM post_list WHERE postid = ? ",$postid);  

Answer 2

A developer should always be aware of the HTML code they create with their PHP code.
It's essential thing.

As a matter of fact, HTML code is the very result of our efforts. NOT nice picture on can see in the browser windows - it's browser's job - but the very HTML code.

So, if you bother to see into generated code, you would discover something that can be boiled down to

<input type='hidden' name='postid' value='1'>
<input type='hidden' name='postid' value='3'>
<input type='hidden' name='postid' value='4'>
<input type='hidden' name='postid' value='5'>
<input type='hidden' name='postid' value='9'>

Do you have any questions why you have only last value?

Speaking of solutions, you have two choices

• create a separate form for the every row

• mark the very Delete button with id.

   <input type='submit' name='posteraser[<?php echo $postid?>]'>Delete</input> 

  for example

Answer 3

let's check the logic from select statement. you are selecting postid and assigning it to a hidden element and when you press delete button that hidden id is sent to server. so form creating under for loop is

<div id="posteraser">
<form action='' method='post'>
  <input type='hidden' name='postid' value='<?php echo $postid?>'>
  <input type='submit' name='posteraser'>Delete</input>
</form>
</div>

but hidden element is creating with same name for each row. so when you press delete button . first hidden id is sent to server. and this hidden id is already newest as from your select statement.

so what's the solution for it.. either you should sent postid through get attaching it in your url so that you can identify which delete button is pressed. or create a logic to send only that id on which delete is pressed.

Answer 4

This looks wrong:

echo ("<tr>");
echo("<td>" . $post . "</td>");
echo("</td>")?>     

The trailing </td> shouldn't be there. Something else perhaps?

Also, you don't show how postid gets into $_SESSION['id']