Hi All,
I'm currently working in Chapter 10 with the delete user script.
I have followed the code in the book as itis but when I click "delete" from the view users page I keep getting "this page has been accessed in error".
The only difference that I can see in my code and the book's is that my script is called "delete.php" and the book's is "delete.php". I have changed the name in the script to be correct. Also in the book the DB is named "users" but mine is called "user". The DB connection works fine as I can see my list of registered users.
When I land on the delete a user page I can see my header and the <h2> tag "Delete a user" and my footer but no form to actually delete the user.
My code is below. I'm probably doing something really stupid but any help would be great.
thanks,
Tony.
<?php # Script 10.2 - delete.php
$page_title = 'Delete a User';
include ('_include/header.php');
echo '<h2>Delete a User</h2>';
// Check for a valid user ID, through GET or POST:
if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php
$id = $_GET['id'];
} elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission.
$id = $_POST['id'];
} else { // No valid ID, kill the script.
echo '<p class="error">This page has been accessed in error.</p>';
include ('_include/footer.php');
exit();
}
require_once ('../../mysqli_connect.php');
// Check if the form has been submitted:
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($_POST['sure'] == 'Yes') { // Delete the record.
// Make the query:
$q = "DELETE FROM user WHERE user_id=$id LIMIT 1";
$r = @mysqli_query ($dbc, $q);
if (mysqli_affected_rows($dbc) == 1) { // If it ran OK.
// Print a message:
echo '<p>The user has been deleted.</p>';
} else { // If the query did not run OK.
echo '<p class="error">The user could not be deleted due to a system error.</p>'; // Public message.
echo '<p>' . mysqli_error($dbc) . '<br />Query: ' . $q . '</p>'; // Debugging message.
}
} else { // No confirmation of deletion.
echo '<p>The user has NOT been deleted.</p>';
}
} else { // Show the form.
// Retrieve the user's information:
$q = "SELECT CONCAT(last_name, ', ', first_name) FROM users WHERE user_id=$id";
$r = @mysqli_query ($dbc, $q);
if (mysqli_num_rows($r) == 1) { // Valid user ID, show the form.
// Get the user's information:
$row = mysqli_fetch_array ($r, MYSQLI_NUM);
// Display the record being deleted:
echo "<h3>Name: $row[0]</h3>
Are you sure you want to delete this user?";
// Create the form:
echo '<form action="delete.php" method="post">
<input type="radio" name="sure" value="Yes" /> Yes
<input type="radio" name="sure" value="No" checked="checked" /> No
<input type="submit" name="submit" value="Submit" />
<input type="hidden" name="id" value="' . $id . '" />
</form>';
} else { // Not a valid user ID.
echo '<p class="error">This page has been accessed in error.</p>';
}
} // End of the main submission conditional.
mysqli_close($dbc);
include ('_include/footer.php');
?>