Chapter 10 - Delete account Delete selected account

Output

Delete Account

Source
<?php //script  delete accoung
include (CHAPTER_PATH.'/'.$chapter.'/'.$path.'/includes/header.php');

// connect to the db
require(CONNECT);

echo "<div id='content'>";
echo '<h1>Delete Account</h1>';
// Get a valid account ID, through GET or POST or Select:
if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php
	$id = $_GET['id'];
} elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission.
	$id = $_POST['id'];
} else { // No valid ID, Select one from dropdown
	//get all accounts to populate dropdown menu
	$q = "SELECT account_id AS id, CONCAT( c.last_name,', ', c.first_name, ' (',a.type, ' - $', a.balance,')') AS 'account'
FROM customers AS c
INNER JOIN accounts AS a
USING (customer_id)";		
	if($r = mysqli_query($link,$q) ){
		echo "<form action='' method='post' ><p><label for='c'>Select Account to Delete</label>";
		echo "<select id='c' name='id'>";
		while($row = mysqli_fetch_assoc($r)) {
			echo "<option";
			echo (isset($_POST['account']) && $_POST['account'] == $row['account'])? ' selected':'';
			echo " value='$row[id]'>$row[account]</option>";
		}	
		echo "</select></p><input type='submit' value='Select'/></form>";
	} else {
		echo "We are experiencing technical difficulties. Try back later.";
	}
}


// Check if the form has been submitted:
if ($_SERVER['REQUEST_METHOD'] == 'POST' || isset($id)) {

	if (isset($_POST['sure'])) {
		if($_POST['sure'] == 'Yes') { // Delete the record.
			// Make the query:
			$q = "DELETE FROM accounts WHERE account_id=$id LIMIT 1";		
			$r = @mysqli_query ($link, $q);
			if (mysqli_affected_rows($link) == 1) { // If it ran OK.
				// Print a message:
				echo '<p>The account has been deleted.</p>';	
			} else { // If the query did not run OK.
				echo '<p class="error">The account could not be deleted due to a system error.</p>'; // Public message.
				echo '<p>' . mysqli_error($link) . '<br />Query: ' . $q . '</p>'; // Debugging message
				//check for any transactions that would prevent deletion
				$q="SELECT transaction_id as id, transaction_id from transactions WHERE to_account_id=$id OR from_account_id=$id";
				if($r=mysqli_query($link,$q)){
					$num = mysqli_num_rows($r);
					if($num>0){
						echo "<p>This account is involved in $num transactions. <br />
						In order to delete this account, you must first delete the following transactions: </p>";
						results_to_table_mod($r,'<h3>Transactions using account</h3>','id',false,'delete transaction','chapter=10&amp;path=pursue');
					}
				}
				
			}

		} else { // No confirmation of deletion.
			echo '<p>The account has NOT been deleted.</p>';
		}	
	
	} else { // Show the form.

		// Retrieve the account's information:
		$q = "SELECT account_id AS id, CONCAT( c.last_name,', ', c.first_name, ' (',a.type, ' - $', a.balance,')') AS 'account'
FROM customers AS c
INNER JOIN accounts AS a
USING (customer_id) WHERE account_id=$id";
		$r = @mysqli_query ($link, $q);

		if (mysqli_num_rows($r) == 1) { // Valid user ID, show the form.

			// Get the user's information:
			$row = mysqli_fetch_array ($r, MYSQLI_ASSOC);
			
			// Display the record being deleted:
			echo "<h3>Account: $row[account]</h3>
			Are you sure you want to delete this account?";
			
			// Create the form:
			echo '<form action="" method="post">
			<input type="radio" name="sure" value="Yes" /> Yes 
			<input type="radio" name="sure" value="No" checked="checked" /> No
			<input type="submit" name="submit" value="Confirm" />
			<input type="hidden" name="id" value="' . $id . '" />
			</form>';
		} else { // Not a valid user ID.
			echo '<p class="error">This page has been accessed in error.</p>';
		}
	}
} // End of the main submission conditional.

// disconnect from the db
require(DISCONNECT);

echo "</div>";
include (CHAPTER_PATH.'/'.$chapter.'/'.$path.'/includes/footer.php');
?>