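<?php
// Delete-comment page: shows the comment selected by ?comment_id= and removes
// it when the form further down is submitted.
?>
<html lang="en">
<head>
    <title>Luxauto</title>
    <meta charset="UTF-8">
    <?php /* Icon font stylesheet; the stray empty class/accesskey attributes that ran together without spaces are dropped. */ ?>
    <link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
    <link rel="stylesheet" href="css/reviewpage.css">
    <?php include './includes/header.php'; ?>
</head>
<body>
<main>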
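<?php
include './includes/nav.php';

// NOTE(review): markup and nav.php have already been emitted by this point, so
// the session cookie may fail to be set unless output buffering is active;
// the session is better started before any output. The guard avoids a second
// start when an included file has already opened the session.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

// Declared before the assignments so the values are the globals that
// deletecommenttodb() reads, even if this file is included from a function.
global $member_id, $comment_id, $comment, $error_msg, $success;

// Accept only a non-empty string id. A missing parameter or an array value
// (?comment_id[]=x) becomes null instead of raising notices and reaching
// bind_param().
$comment_id = (isset($_GET['comment_id']) && is_string($_GET['comment_id']) && $_GET['comment_id'] !== '')
    ? $_GET['comment_id']
    : null;

// Always defined so the form below never echoes an undefined variable.
$comment = '';

// NOTE(review): nothing visible here checks that the visitor is signed in or
// owns this comment ($member_id is declared but never consulted), so any
// caller who supplies an id gets that comment loaded into the delete form.
// Confirm whether an included file enforces this; if not, the lookup should be
// restricted to the current member's comments.
if ($comment_id !== null) {
    try {
        $config = parse_ini_file('../../private/db-config.ini');
        if ($config === false) {
            $error_msg = 'Database configuration could not be read';
            $success = false;
        } else {
            $conn = new mysqli($config['servername'], $config['username'], $config['password'], $config['dbname']);
            if ($conn->connect_error) {
                // Stop here: preparing a statement on a failed connection
                // cannot succeed.
                $error_msg = "Connection failed: " . $conn->connect_error;
                $success = false;
            } else {
                $stmt = $conn->prepare("SELECT * FROM comments WHERE id=?");
                if ($stmt === false) {
                    // Driver details go to the server log, not the page.
                    error_log('Comment lookup prepare failed: (' . $conn->errno . ') ' . $conn->error);
                    $error_msg = 'Comment lookup failed';
                    $success = false;
                } else {
                    $stmt->bind_param("s", $comment_id);
                    $stmt->execute();
                    $result = $stmt->get_result();
                    if ($result && $result->num_rows > 0) {
                        $row = $result->fetch_assoc();
                        $comment = $row['comment'];
                    }
                    $stmt->close();
                }
                $conn->close();
            }
        }
    } catch (mysqli_sql_exception $e) {
        // mysqli throws instead of returning false when exception reporting
        // is enabled (the default on newer PHP versions).
        error_log('Comment lookup failed: ' . $e->getMessage());
        $error_msg = 'Comment lookup failed';
        $success = false;
    }
}
?>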
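<h3>Delete Comment</h3>
<?php
// The comment text is user-supplied and stored in the database, so it is
// HTML-escaped on output; echoing it raw would let a stored comment inject
// markup or script into this page. If comments turn out to be stored already
// escaped, remove the escaping at write time rather than here.
// NOTE(review): the form carries no anti-CSRF token, so a third-party page
// could submit it on a signed-in user's behalf. A per-session token needs to
// be added here and verified by the POST handler together.
?>
<form action="" method="POST">
    <label>Delete comment:</label><br>
    <div class="delete-container">
        <h4 type="text" id="comment" name="comment"><?php echo htmlspecialchars(isset($comment) ? (string) $comment : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></h4>
    </div>
    <button class="deletebutton" type="submit" id="delete" name="delete">
        <span class="material-icons">send</span>
    </button>
</form>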
<?php
// Dispatch: a POST that carries the "delete" field (the submit button's name)
// triggers the deletion of the comment selected by the query string.
// NOTE(review): no CSRF token or ownership check is visible on this path;
// confirm one is enforced elsewhere before the delete runs.
$deleteRequested = isset($_POST['delete']);
if ($deleteRequested) {
    deletecommenttodb();
}
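/**
 * Deletes the comment whose id is held in the global $comment_id, then sends
 * the browser back to reviews.php.
 *
 * Outcome is reported through the globals $success and $error_msg. Nothing is
 * returned.
 *
 * NOTE(review): $member_id is pulled in but never consulted, and no check is
 * visible that the caller is signed in or owns the comment, so any request
 * that reaches this function can delete any comment id. The DELETE should be
 * restricted to the current member's comments once the owning column is
 * confirmed against the schema.
 */
function deletecommenttodb()
{
    // Bind the globals first: assigning before the global statement only
    // writes to throwaway locals, so the initial values were being lost.
    global $member_id, $comment_id, $comment, $error_msg, $success;
    $error_msg = '';
    $success = true;

    // Refuse to run without a usable id (missing parameter or array value).
    if (!is_scalar($comment_id) || (string) $comment_id === '') {
        $error_msg = 'Missing comment id';
        $success = false;
        return;
    }

    try {
        $config = parse_ini_file('../../private/db-config.ini');
        if ($config === false) {
            $error_msg = 'Database configuration could not be read';
            $success = false;
            return;
        }

        $conn = new mysqli($config['servername'], $config['username'], $config['password'], $config['dbname']);
        if ($conn->connect_error) {
            $error_msg = "Connection failed: " . $conn->connect_error;
            $success = false;
            return;
        }

        $stmt = $conn->prepare("DELETE FROM comments WHERE id= ?");
        // Check the handle before using it: calling bind_param() on a failed
        // prepare is a fatal error.
        if (!$stmt) {
            // Driver error text goes to the server log; the page only gets a
            // generic message so schema details are not disclosed.
            error_log("Prepare failed: (" . $conn->errno . ") " . $conn->error);
            echo "Prepare failed<br>";
            $error_msg = 'Prepare failed';
            $success = false;
            $conn->close();
            return;
        }

        $stmt->bind_param("s", $comment_id);
        $deleted = $stmt->execute();
        if (!$deleted) {
            error_log("Delete failed: (" . $stmt->errno . ") " . $stmt->error);
        }
        $stmt->close();
        $conn->close();

        if (!$deleted) {
            $error_msg = 'Comment could not be deleted';
            $success = false;
            return;
        }
    } catch (mysqli_sql_exception $e) {
        // Raised instead of a false return when mysqli exception reporting is
        // enabled (the default on newer PHP versions).
        error_log('Comment delete failed: ' . $e->getMessage());
        $error_msg = 'Comment could not be deleted';
        $success = false;
        return;
    }

    // Page output has already started, so a header() redirect is not possible
    // here; the client-side redirect is kept and now only runs on success.
    echo '<script>window.location.href = "reviews.php";</script>';
}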
?>
</main>
</body>
</html>