0

i have a row in the table 'files' where 'id' is a unique identifier column, and equals $imgId. imgId=$row['id'];

<script type="text/javascript">
$( "#<?php echo $imgId ?>" ).click(function() {
  <?php
$sql = "DELETE FROM files WHERE id=$imgId";

if ($con->query($sql) === TRUE) {
    echo "Record deleted successfully";
} else {
    echo "Error deleting record: " . $con->error;
}
$conn->close();
?>
});
</script>

I am displaying multiple embeds where the html id is equal to the unique identifier sql column id for that image.

<embed id="<?php echo  $imgId; ?>"class="delete-row" src="<?php echo $filePath; ?>" type="<?php echo $fileMime; ?>"/>

I just want it so when you click on a spcific image it deletes it from the database and removed the image file from the /uploads folder. Any help would be awesome.

user585148
  • 107
  • 1
  • 10
  • code I'm currently using. Not sure where to add sql... – user585148 Jan 02 '19 at 06:08
  • Use jquery click event and ajax post request – Zain Farooq Jan 02 '19 at 06:08
  • Possible duplicate of [jQuery Ajax POST example with PHP](https://stackoverflow.com/questions/5004233/jquery-ajax-post-example-with-php) – Zain Farooq Jan 02 '19 at 06:09
  • Please read about [**SQL injection**](https://en.wikipedia.org/wiki/SQL_injection). Instead of building queries with string concatenation, use [**prepared statements**](https://secure.php.net/manual/en/pdo.prepare.php) with [**bound parameters**](https://secure.php.net/manual/en/pdostatement.bindparam.php). See [**this page**](https://phptherightway.com/#databases) and [**this post**](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) for some good examples. – Alex Howansky Jan 02 '19 at 06:10

1 Answers1

0

The way that you are performing this is not advisable. You cannot use mysql pdo objects inside jquery click function. I suggest that you use the below approach. Please see that this is just a baseline. Please feel free to change the code as per your requirement.

In the html file or where you are using the script tag, use the below syntax:

<script type="text/javascript">
    jQuery(".delete-row").click(function(){
        var imageId = jQuery(this).attr('id');
        var filePath = jQuery(this).attr('src');

        jQuery.ajax({
            type: "POST",
            url: "[DOMAIN]/deleteImage.php",
            data: {imageId: imageId, path: filePath},
            success: function(res) {
                if (res === "deleted") {
                    jQuery(this).remove();
                }
            }
        });
    });
</script>

In the deleteImage.php file:

<?php
    require 'conn.php';

   if (!empty($_POST['imageId'])) {
       $sql = "DELETE FROM files WHERE id=$imgId";

       if ($con->query($sql) === TRUE && unlink($_POST['path'])) {
           return "deleted";
       } else {
           return false;
       }
   }

   $conn->close();

   return false;
?>

Hope this helps.

Kishen Nagaraju
  • 1,599
  • 6
  • 15
  • Thanks so much, it still doesn't seem to be working but I will keep working at it. – user585148 Jan 02 '19 at 06:43
  • Sure. You're Welcome. I have given the solution in Core PHP. If you are using any MVC, then please accomodate the above logic in your code accordingly and afterwards please upvote the answer if it helped you in any way. – Kishen Nagaraju Jan 02 '19 at 06:53