PHP: Confirm Box before deleting

Question

I want to add a button on my website, where a User can delete his Account. Unfortunately I don't know how to realize it... my Code so far: Javascript:

 <script language = "JavaScript" >

        function delete(id) {
            if (confirm("Do your really want to delete your account?"))
            {
                header("refresh:1;url=intern.php?act=account"); 
            }
            else
            {
            }
        }

</script>

my .html file:(there are no tags like html title head... it begins with ?php..)

<td></form><input type='submit' name='deleteuser' value='Delete Account' onClick='return delete()'/></form></td>

Also i have an if clause in the .html file:

if(isset($_POST['deleteuser']))  {

    if(delete() == true){
    delete_user;
    }
    else{
    header("refresh:1;url=intern.php?act=account");
    }

}

The Button is there and when I click on it, it asks me if I'm sure to delete my account, but afterwards I got an error: "Fatal Error:Call to undefined function delete() "

I have a stored procedure named: sp_deleteAccount. In my config.php I declared it as:

$SQL_delete_user = "CALL sp_deleteAccount('";

Now I don't know how to bind that stored procedure in the code so that the Account will be deleted after pressing "Yes I want to delete my Account".

Hope I didn't miss anything and someone can help me JOP

Answer 1

In this portion you're calling a php redirect(i think?) in javascript without php open tag so that's not going to work. Instead you can use a javascript reditrect if the 'if' statement returns true(yes) then redirect to a url with a get variable of delete or something, see below.

edit -- you'll probably want the id as well so i made adjustments. PLus in the onclick in the form you'll need to pass the id, unless it's stored in a session variable or something, in which case you don't need to pass it into the url. your sql should end with "WHERE id=" then just tack the id onto the query. This is just a simple example to get you started, always be cautious of sql injection, but i'll leave preventing it up to you.

 <script language = "JavaScript" >

    function deleteUser(id) {
        if (confirm("Do your really want to delete your account?"))
        {
            window.location.href= 'intern.php?delete=true&id='+id; 
        }
        else
        {
           window.location.href = 'intern.php?act=account'; 
        }
    }

</script>

next in intern.php check for the get variable

if(isset($_GET['delete']))  {

    $mysqli = new mysqli(connection variables here);
    $mysqli->query($SQL_delete_user.(int)$_GET['id']);

}

give that a try, rearrange the code as you like but that should get it done. as for the error, you can't use the keyword delete for a function name. One last thing, for this to work make the input type "button"

Answer 2

I am not sure there might be a way to achieve it using the approach you are trying , but I am not aware of it. For this I would typically use an ajax call to an url, on the click event of the OK button in the jquery-ui Dialog. And then process the logic and on success create another dialog for confirmation.

Answer 3

I searched and struggled with this issue until I did a little lateral thinking.

I used JavaScript to show a hidden div containing the Yes/No options.

Then an onClick around the Yes option which loaded the php script into a hidden iFrame.

The onClick around the No option simply hid the div and did nothing else.

A bonus is being able to style the div any way I wanted, show and hide it with an effect and place it exactly where it looked best.