<?php
/**
* TO DELETE A MEDIA ITEM FROM THE DATABASE. ONLY PERFORMS BACKEND FUNCTION. REDIRECTS USERS TO THE PAGE THEY LANDED HERE FROM (USUALLY THE MEDIA PAGE)
*
* @version PHP 8.0.12
* @since September 2022
* @author AtharvaShah
*/
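// Resume the session so the login state is available to check_login() below.
session_start();
if (empty($_SESSION)) {
    // No session data at all: redirect to the login page and stop here.
    // header() only queues the redirect; without exit the rest of this
    // script (including the UPDATE statements) would still run.
    header("Location: login.php");
    exit;
}
require "connection.php";
require "functions.php";
// check_login() and $con come from the required files, which are not shown
// here. NOTE(review): empty($_SESSION) is only a coarse gate; presumably
// check_login() is what actually validates the user - confirm.
$user_data = check_login($con);
$username = $user_data['user_name'];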
/**
 * Move a leading article ("The " or "A ") to the end of a title,
 * e.g. "The Hobbit" becomes "Hobbit, The". Titles without one of
 * these prefixes are returned unchanged.
 *
 * @param string $bkName Title to rewrite.
 * @return string Title with the leading article moved behind a comma.
 */
function sendLettersToBack($bkName){
    // "The " is tried first, then "A "; the first matching prefix wins.
    foreach (['The ', 'A '] as $article) {
        $prefixLength = strlen($article);
        if (substr($bkName, 0, $prefixLength) == $article) {
            return substr($bkName, $prefixLength) . ', ' . rtrim($article);
        }
    }
    return $bkName;
}
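// Handles the delete button on media_book.php.
// NOTE(review): this is a state-changing request driven by a GET parameter and
// no anti-CSRF token check is visible in this file - confirm one exists
// elsewhere, or move the action to POST with a token.
if (isset($_GET['book']) && is_string($_GET['book'])) {
    $bookToDelete = $_GET['book'];
    // Do not delete the entire row, as it contains the user's other media
    // items. Only the book and author columns are reset to empty strings.
    // The title comes straight from the query string, so it is bound as a
    // parameter instead of being interpolated into the SQL text.
    $stmt = mysqli_prepare(
        $con,
        "UPDATE `data` SET `book` = '', `author` = '' WHERE `username` = ? AND `book` = ?"
    );
    $result = $stmt !== false
        && mysqli_stmt_bind_param($stmt, 'ss', $username, $bookToDelete)
        && mysqli_stmt_execute($stmt);
    if ($result) {
        header("Location: media_book.php");
    } else {
        // Driver error text goes to the server log only; echoing it to the
        // client would disclose schema and query details.
        error_log("delete_item.php (book): " . ($stmt !== false ? mysqli_stmt_error($stmt) : mysqli_error($con)));
        echo "Error deleting record.";
    }
    if ($stmt !== false) {
        mysqli_stmt_close($stmt);
    }
}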
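// Handles the delete button on media_movie.php.
// NOTE(review): this is a state-changing request driven by a GET parameter and
// no anti-CSRF token check is visible in this file - confirm one exists
// elsewhere, or move the action to POST with a token.
if (isset($_GET['movie']) && is_string($_GET['movie'])) {
    $movieToDelete = $_GET['movie'];
    // Do not delete the entire row, as it contains the user's other media
    // items. Only the movie and year columns are reset to empty strings.
    // The title comes straight from the query string, so it is bound as a
    // parameter instead of being interpolated into the SQL text.
    $stmt = mysqli_prepare(
        $con,
        "UPDATE `data` SET `movie` = '', `year` = '' WHERE `username` = ? AND `movie` = ?"
    );
    $result = $stmt !== false
        && mysqli_stmt_bind_param($stmt, 'ss', $username, $movieToDelete)
        && mysqli_stmt_execute($stmt);
    if ($result) {
        header("Location: media_movie.php");
    } else {
        // Driver error text goes to the server log only; echoing it to the
        // client would disclose schema and query details.
        error_log("delete_item.php (movie): " . ($stmt !== false ? mysqli_stmt_error($stmt) : mysqli_error($con)));
        echo "Error deleting record.";
    }
    if ($stmt !== false) {
        mysqli_stmt_close($stmt);
    }
}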
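// Handles the delete button on media_tv.php.
// NOTE(review): this is a state-changing request driven by a GET parameter and
// no anti-CSRF token check is visible in this file - confirm one exists
// elsewhere, or move the action to POST with a token.
if (isset($_GET['tv']) && is_string($_GET['tv'])) {
    $tvToDelete = $_GET['tv'];
    // Do not delete the entire row, as it contains the user's other media
    // items. Only the tv and streaming columns are reset to empty strings.
    // The title comes straight from the query string, so it is bound as a
    // parameter instead of being interpolated into the SQL text.
    $stmt = mysqli_prepare(
        $con,
        "UPDATE `data` SET `tv` = '', `streaming` = '' WHERE `username` = ? AND `tv` = ?"
    );
    $result = $stmt !== false
        && mysqli_stmt_bind_param($stmt, 'ss', $username, $tvToDelete)
        && mysqli_stmt_execute($stmt);
    if ($result) {
        header("Location: media_tv.php");
    } else {
        // Driver error text goes to the server log only; echoing it to the
        // client would disclose schema and query details.
        error_log("delete_item.php (tv): " . ($stmt !== false ? mysqli_stmt_error($stmt) : mysqli_error($con)));
        echo "Error deleting record.";
    }
    if ($stmt !== false) {
        mysqli_stmt_close($stmt);
    }
}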
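// Handles the delete button on media_music.php.
// NOTE(review): this is a state-changing request driven by a GET parameter and
// no anti-CSRF token check is visible in this file - confirm one exists
// elsewhere, or move the action to POST with a token.
if (isset($_GET['music']) && is_string($_GET['music'])) {
    $musicToDelete = $_GET['music'];
    // Do not delete the entire row, as it contains the user's other media
    // items. Only the album and artist columns are reset to empty strings.
    // The album name comes straight from the query string, so it is bound as
    // a parameter instead of being interpolated into the SQL text.
    $stmt = mysqli_prepare(
        $con,
        "UPDATE `data` SET `album` = '', `artist` = '' WHERE `username` = ? AND `album` = ?"
    );
    $result = $stmt !== false
        && mysqli_stmt_bind_param($stmt, 'ss', $username, $musicToDelete)
        && mysqli_stmt_execute($stmt);
    if ($result) {
        header("Location: media_music.php");
    } else {
        // Driver error text goes to the server log only; echoing it to the
        // client would disclose schema and query details.
        error_log("delete_item.php (music): " . ($stmt !== false ? mysqli_stmt_error($stmt) : mysqli_error($con)));
        echo "Error deleting record.";
    }
    if ($stmt !== false) {
        mysqli_stmt_close($stmt);
    }
}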
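// Handles the delete button on media_videogame.php.
// NOTE(review): this is a state-changing request driven by a GET parameter and
// no anti-CSRF token check is visible in this file - confirm one exists
// elsewhere, or move the action to POST with a token.
if (isset($_GET['videogame']) && is_string($_GET['videogame'])) {
    $gameToDelete = $_GET['videogame'];
    // Do not delete the entire row, as it contains the user's other media
    // items. Only the videogame and platform columns are reset to empty strings.
    // The title comes straight from the query string, so it is bound as a
    // parameter instead of being interpolated into the SQL text.
    $stmt = mysqli_prepare(
        $con,
        "UPDATE `data` SET `videogame` = '', `platform` = '' WHERE `username` = ? AND `videogame` = ?"
    );
    $result = $stmt !== false
        && mysqli_stmt_bind_param($stmt, 'ss', $username, $gameToDelete)
        && mysqli_stmt_execute($stmt);
    if ($result) {
        header("Location: media_videogame.php");
    } else {
        // Driver error text goes to the server log only; echoing it to the
        // client would disclose schema and query details.
        error_log("delete_item.php (videogame): " . ($stmt !== false ? mysqli_stmt_error($stmt) : mysqli_error($con)));
        echo "Error deleting record.";
    }
    if ($stmt !== false) {
        mysqli_stmt_close($stmt);
    }
}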