[Resolved] Help building Quick Delete

Sayian

Hello all =)

I have built a php delete script , that takes a delete command from an admin panel ...

Instead of using the admin panel , id like to turn this delete script into somthing that could be used via a form input.

Example , i type in 3145 ( member ID)
and hit go , and it'll execute the delete script and delete user 3145.

In my script , it pop's up a box that says " Are you sure" , Id like this taken out , and after the user is deleted id like it to return to the HTML form page awaiting another Member ID input to delete ..

How can i create that out of this?

include("$include_path/$table_file");

if(isset($_POST['delete_user']) && isset($_POST['userid']) && isset($_POST['sure'])){ 

$d_sql = "
  delete from
  $tb_users
  where
    id = '$_POST[userid]'
  ";
  $d_query = mysql_query($d_sql) or die(mysql_error());

$dc_sql = "
  delete from
  $tb_comments
  where
    user_id = '$_POST[userid]'
  ";
  $dc_query = mysql_query($dc_sql) or die(mysql_error());

$dac_sql = "
  delete from
  $tb_comments
  where
    author_id = '$_POST[userid]'
  ";
  $dac_query = mysql_query($dac_sql) or die(mysql_error());
          $dbu_sql = "
          delete from
        $tb_users_blocked
          where
            user_id = '$_POST[userid]'
  ";
  $dbu_query = mysql_query($dbu_sql) or die(mysql_error());

    $dabu_sql = "
      delete from
            $tb_users_blocked
      where
        blocked_user = '$_POST[userid]'
  ";
  $dabu_query = mysql_query($dabu_sql) or die(mysql_error());

$dr_sql = "
  delete  from
  $tb_ratings
  where
    rater_id = '$_POST[userid]'
  ";
  $dr_query = mysql_query($dr_sql) or die(mysql_error());

$dm_sql = "
  delete  from
  $tb_ratings
  where
    user_id = '$_POST[userid]'
  ";
  $dm_query = mysql_query($dr_sql) or die(mysql_error());


$df_sql = "
	  delete from
      $tb_favourites
	  where
	    fav_user_id = '$_POST[userid]'
  ";
  $df_query = mysql_query($df_sql) or die(mysql_error());

$df_sql = "
          delete from
      $tb_favourites
          where
            user_id = '$_POST[userid]'
  ";
$dp_sql = "
          delete from
      $tb_posts
          where
            userid = '$_POST[userid]'
  ";
  $dp_query = mysql_query($dp_sql) or die(mysql_error());

$dpm_sql = "
          delete from
      $tb_pms
          where
            user_id = '$_POST[userid]'
  ";
  $dp_query = mysql_query($dpm_sql) or die(mysql_error());

$dpm_sql = "
          delete from
      $tb_pms
          where
            author_id = '$_POST[userid]'
  ";
  $dp_query = mysql_query($dpm_sql) or die(mysql_error());


  $df_query = mysql_query($df_sql) or die(mysql_error());

  del_image($_POST[userid]);

  $delete_success = true;
}

$final_output = <<<EOF
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Delete User</title>
EOF;

if(isset($delete_success) && $delete_success){
$final_output .= <<<EOF
<script>window.opener.window.document.location.reload();</script>
EOF;
}

if((isset($delete_success) && $delete_success) || isset($_POST['not_sure'])){
$final_output .= <<<EOF
<script>window.close();</script>
EOF;
}

include("$include_path/styles.php");

$final_output .= <<<EOF
</head>
<body bgcolor="$page_bg_color" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0">
EOF;

$table = <<<EOF
<table cellpadding="0" cellspacing="0" border="0" width="100%">
<tr>
<td>
<table cellpadding="5" cellspacing="0" border="0" width="100%">
EOF;

if(isset($dm)) $table .= $dm;

$userid = isset($_POST['userid']) ? $_POST['userid'] : 0;
$userid = isset($_GET['userid']) ? $_GET['userid'] : $userid;

$table .= <<<EOF
<tr>
<td class="regular" align="center" colspan="2">Are you sure?</td>
</tr>
<tr><form method="post" action="$base_url/admin/delete_user.php"><input type="hidden" name="delete_user" value="1"><input type="hidden" name="userid" value="$userid">
<td class="regular" align="right"><input class="button" type="submit" name="sure" value="Yes"></td>
</form><form method="post" action="$base_url/admin/delete_user.php">
<td class="regular"><input class="button" type="submit" name="not_sure" value="No"></td></form>
</tr>
</table>
</td>
</form></tr>
</table>
EOF;

$final_output .= table("Delete User", $table);

$final_output .= <<<EOF
</body>
</html>
EOF;

echo $final_output;

?>

Thanks .. been stuck on this one for about a week now.

edcellgavin

try changing this line:
if(isset($POST['delete_user']) && isset($POST['userid']) && isset($_POST['sure'])){

to :
if(isset($POST['delete_user']) && isset($POST['userid'])){

just a note. the 'are you sure' thing is not there for inconvenience, but a safeguard if you accidentally click the delete button...

Sayian

But how can i create a form to use this? Thats where im confused.

edcellgavin

some pseudo-code
<?php
$msg = ""; // var to hold delete status
$idno = addslashes($_POST['idno']);
if (strlen(trim($idno)) > 0) {
// your script here to delete user
// in dabase taking $idno as argument

// use these function to check if query outcome of last database operation
if (mysql_affected_rows($query) = 0) {
// no record matching criterium(idno)
$msg = "NO such record exists.";
}
elseif (mysql_affected_rows($query) > 0) {
// delete successful
$msg = "Record deleted.";
}
else {
// error
$msg = "Error in operation.<br>";
$msg .= mysql_error();
}
}
?>
<html>
<head><title>Title Here</title></head>
<body>
<form action="" method="post">
<?=$msg?>
<br />
Enter id no<input type="idno" value="">
<input type="submit" value=""delete">
</body>
</html>