I have made a form which collets data form user and sendes them to the database,I wanted to add an addtional option to delete records that user choose.Im having trouble doing that and I would be very thankful i you cound help me.I am new in PHP so sorry that maybe I have done some “stupid” mistakes
The error I get:Notice: Undefined index: name in /var/customers/webs/harlac17/med3/shopping/delete.php on line 27
Code list.php Here are the POST data sent to Database and than showed in Web
<!DOCTYPE html>
<html>
<head>
<title>Shoppinglist</title>
<meta charset="utf-8">
</head>
<body>
<header>
<h1>Shoppinglist</h1>
<a href="new.php">Neue Produkt anlegen</a>
</header>
<br>
<?php
error_reporting(0);
$database="****";
$username="****";
$password="****";
//Create a database connection with PDO(PHP Data Objects)
$connection=new PDO("mysql:host=localhost;dbname={$database}",$username,$password);
$name = $_POST['name'];
$description = $_POST['description'];
$image_url = $_POST['image_url'];
$count = $_POST['count'];
$sql = "INSERT INTO items(name,description,image_url,count) VALUES (?, ?, ?, ?)";
$statement=$connection->prepare($sql);
$statement->execute([$name, $description, $image_url, $count]);
$items=$connection->query("SELECT * FROM items");
while ($row = $items->fetch()) {
echo "<article>"." ".
"<button>"." ".
"<p>✖</p>"." ".
"</button>"." ".
"<h1>"." ".
$row['name']." ".
"</h1>"." ".
"<br>"." ".
"</p>"." ".
$row["description"]." ".
"</p>"." ".
"<br>"." ".
"<p>"." ".
"<img src='" . $row['image_url'] . "'>"." ".
"</p>"." ".
"<br>"." ".
"<p>"." ".
"Menge:" .$row['count']." ".
"</p>"." ".
"<br>"." ".
""." ".
"</article>"."".
"<a href='delete.php?id=". $row['name']. "'>DELETE</a>";
}
?>
</body>
Code delete.php
<?php
$database="";
$username="";
$password="";
//Create a database connection with PDO(PHP Data Objects)
$connection=new PDO("mysql:host=localhost;dbname={$database}",$username,$password);
$name = $_POST['name'];
$sql = "DELETE FROM items WHERE name='".$name."'";
$statement=$connection->prepare($sql);
$statement->execute();
?>
new.php Form with POST data
<!DOCTYPE html>
<html>
<head>
<title>Einkafsliste Formular</title>
</head>
<body>
<header>
<h1>        Produkte anlegen</h1>
</header>
<div class="form">
<form action="list.php" method="POST">
<label>Name:</label>
<br>
<input type="text" name="name" placeholder="Lebensmittelname" >
<br>
<label>Description:</label>
<br>
<input type="text" name="description" placeholder="Das ist..." >
<br>
<label>Bild URL:</label>
<br>
<input type="text" name="image_url" placeholder="Das URL von Lebensmittelbild" >
<br>
<label>Count:</label>
<br>
<input type="text" name="count" placeholder="Wie viel?" >
<br>
<input type="submit" name="submit" id="submit">
</form>
</div>
</body>
</html>
Advertisement
Answer
Firstly, don’t include your SQL passwords on Stack Overflow 😀
You will want to take a look at a couple of things here, note the try/catch (exceptions) usage, this is a good way of catching errors using PDO to show you where you are going wrong (read: https://www.php.net/manual/en/language.exceptions.php)
Also note how my sql string doesn’t have the variable directly entered. This is bad practice and can leave your application open to sql injection vulnerabilities. Always escape your SQL commands using PDO->execute(). (read: https://doc.bccnsoft.com/docs/php-docs-7-en/pdostatement.execute.html)
For the ‘Undefined index: name’ error, you want to check if $_POST[‘name’] actually exists before you use it.
if (!@$_POST['name']) {
echo 'Missing POST: name';
die();
}
$name = $_POST['name'];
$username = "";
$password = "";
$database_name = "";
$database_host = "localhost";
$port = 3306;
try {
$con = new PDO("mysql:host=$database_host;port=$port;dbname=$database_name;charset=utf8mb4", $username, $password);
} catch (Exception $e) {
echo($e->getMessage());
die();
}
$statement = $con->prepare("DELETE FROM items WHERE name = :name");
try {
$statement->execute([
':name' => $name,
]);
} catch (PDOException $e) {
echo($e->getMessage());
die();
}