Taufiq Fitriansyah Taufiq Fitriansyah - 1 month ago 14
SQL Question

(Solved) How to Delete from Loop Multiple Checkbox in PHP

I want to delete record from checkbox. I have a form to display data from database like this

$connect = mysqli_connect('Ian', 'root', '', 'penduduk');
$call_db = mysqli_query($koneksi, "select * from tabel_data_penduduk");

<form action="deleteData.php" method="post">
<table style="border:black solid; width: 100%">
<tr style="font-weight: bold">
<th style="width: 2%"><input type="checkbox"/></th>
<th style="width: 3%">No. Identity</th>
<th style="width: 4%">No. Driving License</th>
<th style="width: 10%">Name</th>
<th style="width: 12%">Birth Date</th>
<th style="width: 9%">City Code</th>

while($db = mysqli_fetch_array($call_db, MYSQLI_NUM)){
echo "<tr>"
. "<td style='text-align:center; width:2%'>"
. "<input type='checkbox' name='deleteNetizen[$counter]' value='". $db[0] ."'/>"
. "</td>"
. "<td style='width: 3%'>". $db[0]. "</td>"
. "<td style='width: 4%'>". $db[1]. "</td>"
. "<td style='width: 10%'>". $db[2]. "</td>"
. "<td style='width: 12%'>". $db[3]. "</td>"
. "<td style='width: 9%'>". $db[4]. "</td></tr>";
<button type="submit" name="btnNetizen" value='ButtonNetizen'>Delete Data Netizen Table</button>


and then the deleteData.php (which is same file as the form) is:

$netizenData= $_POST['deleteNetizen'];
echo "$netizenData";
$hapusPenduduk = $_POST['btnNetizen'];
$db = mysqli_connect('Ian', 'root', '', 'netizen');

$deleteData_Netizen = mysqli_query($db, "delete from table_data_netizen where No_Identity = $netizenData");

return a value when i debug it, but somehow it can't be deleted from database. I wonder where did i go wrong?

Thanks for help

Answer Source

It's hard to debug completely from this code snippet, but here are some tips for improving / debugging:

Use bind variables instead of strings in your queries. So change your last code snippet to something like:

$netizenData= $_POST['deleteNetizen'];
$db = mysqli_connect('Ian', 'root', '', 'netizen');
$delete_stmt = mysqli_prepare($db, "delete from table_data_netizen where No_Identity = ?"); // note that you can / should re-use this prepared statement

  mysqli_stmt_bind_param($delete_stmt, $netizenData);
  // some debug info:
  printf("%d rows deleted.", mysqli_affected_rows($delete_stmt));

// if necessary

This change will make it clearer what's happening in your code. For example, if someone put a quote in $netizenData, you'd get weird results. (This is, in fact, where SQL injection attacks come from and why your code is unsafe.) And then you should start to be able to debug things like: did you make it into your if block? Did any rows get deleted? Etc.

Another thing to look at is whether you are committing / need to commit your data. For example, see http://php.net/manual/en/mysqli.autocommit.php for info on autocommit. If it's off (and you're using transactional tables), then you may need to manually commit (or set autocommit to true).

Hope that helps.