Databases Reference
In-Depth Information
{
// Yes; compose a query to delete the specified gift from the gifts table
$query = "DELETE FROM gifts WHERE gift_id=".clean($_GET['gift_id'], 10);
// Run the query through the connection
if (($result = @ mysqli_query($connection, $query))==FALSE)
showerror($connection);
}
We must also call the
logincheck( )
function at the top of the
edit.php
script to identify
the user and use this information to prevent anybody but Jack or Jill from deleting gifts.
Processing the Submitted Form
When the user clicks on the “Update data” button to submit the gift editing form, the
data is sent by the
POST
method to the same
edit.php
script. The form data is accessible
through the
$_POST
superglobal array. For example, the Submit button was created in
the HTML form as:
<input name='update' type='submit' value='Update data' />
When the form is submitted, this is available as the variable
$_POST["update"]
, which
has the value
Update
data
. We can assume that when the
$_POST["update"]
variable
exists (is set), the user has just submitted the HTML form. If this is the case, we can
try to update the information in the
gifts
table. The script iterates through all existing
gift IDs in the database and checks whether there's any corresponding data in the
$_POST
array. If there is any submitted data for a given gift ID, we call the
update_or_insert_gift( )
function to update the database.
Normally, each existing gift ID will have a corresponding entry in the HTML form, and
so there will be data for it in the
$_POST
array. However, we have to check for this; we
should ensure we don't run into problems if no data is submitted for a particular gift.
This might happen if you add a new gift and submit the form, then make your browser
resubmit the original form data again by reloading the form action page (most browsers
warn you if you try to do this with a POST form); the ID of the new gift will not be in
the submitted form data. It could also happen if another user adds a new gift between
the time that you load the form and the time that you submit it.
To avoid problems, we use the
isset( )
function on each of the
POST
fields for each of
the gift IDs that appear in the database. Since we've named the form fields as array
elements with the gift ID as the array index, the data items we obtain from the
$_POST
array are themselves arrays. For example, to access the quantity entered for the gift with
ID 7, we would use the variable
$_POST["quantity"][7]
.
After updating the existing gifts, we can call the
update_or_insert_gift( )
function
with the fake gift ID of 0 to read any entered information for a new gift and add it to
the database:
