2

I have shop site and want to be able delete what I add but can't seem to get it to work.

All relevant code is below:

Home page:

<?php
  //external pages area
  include_once('config/database.php');
  include_once('object/chair.php');
  //grabs info from the various pages.sql files
  $database = new Database();
  $conn = $database->getConnection();
  $chair = new Chair($conn);
  //connection made with sql file
  $stmt = $chair->readAll();
  //reading all the data in the sql file
  while($row = $stmt->fetch(PDO::FETCH_ASSOC)){
?>
    <div class="ProductActionAdd" style="display:;">
      <a href="chair-details.php?detailsid=<?php echo $row['ID'];?>" class="btn">Buy me!</a>
    </div>

Details page:

<?php
  include_once('config/database.php');
  include_once('object/chair.php');
  $database = new Database();
  $conn = $database->getConnection();
  $chair = new Chair($conn);
  $chair->id = $_GET['detailsid'];
  $stmt = $chair->readDetails();
  while($row = $stmt->fetch(PDO::FETCH_ASSOC)){
?>
    <a href='delete-chair.php?detailsid=<?php echo $row['ID'];?>' class="deleteit">deleate</a>

Delete page:

<?php
  include_once('config/database.php');
  include_once('object/chair.php');
  $database = new Database();
  $conn = $database->getConnection();
  $chair = new Chair($conn);
  $chair->id = $_GET['detailsid'];
  $stmt = $chair->readAll();
  while($row = $stmt->fetch(PDO::FETCH_ASSOC)){
?>
    <div class="center_items">
      <div class="all-items">
        <?php   
          $sql="DELETE FROM office_chairs WHERE id ='{$chair->id}'";    
  }
        ?>

It states that detailsID is undefined and that Object of class chairs can't be converted into a string.

Improve this question

2 Answers 2

Reset to default
1

Well... you're receiving the detailsid parameter through $_GET and then you appoint it to a property called id.

$chair->id = $_GET['detailsid'];

Thus, calling a variable with the name $detailsid is not possible - cause no such variable exist. Use the property you assigned the value too instead.

The $chair variable contains a new instance of the class Chair. I don't know what your intentions are? Is the database table name dynamic? If not, just write the table name.

Correcting your query from

$sql="DELETE FROM $chair WHERE id = '$chair->id'";

to:

$sql="DELETE FROM table_name_here WHERE id ='$detailsid'";

might fix your problem giving the result you wish for. But your code is vulnerable to SQL injections. You should consider using prepared statments instead of directly connecting the variables to your query.

For example

$sql="DELETE FROM table_name_here WHERE id = ?";
$stmt -> $con = prepare($sql);
$stmt -> execute(array($chair -> id));
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Update

$sql="DELETE FROM $chair WHERE id ='$detailsid'";

to

$sql="DELETE FROM chair WHERE id ='{$chair->id}'";

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.