Edit and Delete button for Posts

After our meeting with Rob last Friday, I have been working on a “delete” and an “edit” button for the posts on our page. I knew it would be very similar to the code I had previously written for the “delete-account” button but also that I was faced with some complications.

First of all, the users had to be able to only delete their own posts. For that, I knew I would need the “user_id” that I previously saved as a session variable, so I could run a query checking if the “id” from the user table would be the same as the “user_id” in the posts table. Luckily, at this point I had already managed to save the “user_id” from the SESSION in the posts table. That made this whole thing a bit simpler, because I did not have to take care of that in addition, but could just run a simple check to ensure that the two numbers were the same.

Once that was accomplished, I thought about the second problem that I had to solve. At this point the user would click a button and end up deleting all of his posts no matter which button he picked (as long as it was one of his posts). That happened because the users “id” and the “user_id” from the posts table would be same for all the posts a user made. That meant that the “user_id” to select a certain post was not enough criteria and that I had to query for the post “id” as well.

The solution for that was creating another file, called “delete_post”.php and when doing the “href” adding the unique post “id” to the URL. That happened with the following code:


            <div class="delete_edit" id="delete_post"><a href="delete_post.php?id=<?php echo $row["id"]; ?>">Delete post?</a></div>

I then would get the post “id” and run my query like this:


            $query = "DELETE FROM posts WHERE id = '{$postID}' and user_id = '{$_SESSION['user_id']}'";

In the end the user was able to delete his posts, but not all at once. Instead he could click on the posts’ “delete” button ending up deleting just this one post (of course, still just his own post, not others). That was almost everything and could have probably ended up staying like that but it was slightly distracting that all the posts had “delete” buttons but some of them just would not work. That’s why I used an if-statement to hide the button for all but the users own post. You can see the code here:


<?php if ($_SESSION["user_id"] == $row["user_id"]) {?>

        <div class="delete_edit" id="delete_post"><a href="delete_post.php?id=<?php echo $row["id"]; ?>">Delete post?</a></div>

        <div class="delete_edit" id="edit_post"><a href="edit_post.php?id=<?php echo $row["id"]; ?>">Edit post?</a></div> 

<?php } ?>

Also, in the following you can see a screenshot of the “posting-page” so far. All the posts with “edit” and “delete” buttons are the one made by the user logged in. In addition to the buttons’ obvious function, they are also an option for the user to keep track of their posts since they can easily get lost in the mass of anonymity and still stay anonymous (since other people can only see that certain posts were not made by them but not by who).

Screenshot (285)