I currently have an upload button that saves all types of files to a mysql table. I have an exit button that I want to delete the currently uploaded files if clicked. NOTE: all files uploaded on current page has same referenceID so the query is as easy as saying delete all from table where id=id..
Here is the button:
<button type="submit" name="submit" value="exit" style="float:left;
class="buttonLW" href="https://BACK-LINK">exit
</button>
Here is the php delete query (suedo code):
if ($submitButton === "delete-new") {
$query15 ="DELETE * FROM table WHERE id='{$id}'";
}
my question, is the button aloud to use this sort of format? am I allowed to say if ($submitButton === "delete-new") without using a form?
How can I go about deleting the currently saved files with same id after clicking my exit button.
Upfront, the style
value isn't terminated, you're missing the closing quote "
.
If you get $submitButton
with
$submitButton = $_POST['submit'];
you can compare it that way, but the value will be exit
and not delete-new
. So you must rather say
if ($submitButton === 'exit') {
// ...
}
or change value="exit"
to value="delete-new"
.
Which leads to the next point, the delete statement. The delete
statement must look like
delete from mytable WHERE id = '$id'
But don't do it this way, because this is unsafe and invites all sorts of SQL injection. Better use prepared statments , eg
delete from mytable WHERE id = ?
and bind $id
when you execute the prepared statement.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.