Learn how to safely delete records from the database
What is the DELETE Operation?
DELETE is the operation used to remove data from the database.
It's the most critical operation because it's permanent and cannot be easily undone.
DELETE operations are used when you close an account, remove a post, delete a contact,
or cancel a subscription. Always be careful with delete operations!
SQL Query Used:
DELETE FROM students
WHERE id=5;
Key Features of DELETE:
Removes records permanently from the database
Uses WHERE clause to identify which record to delete
Should always require confirmation to prevent accidents
Requires authentication (usually admin only)
Considered a "dangerous" operation
â ī¸ CRITICAL: DELETE is PERMANENT
Once data is deleted, it cannot be recovered (unless you have database backups).
This is why DELETE operations should always have confirmation dialogs and require authentication.
Many professional systems use "soft delete" (marking as deleted) instead of true deletion.
đ How DELETE Works - Step by Step
1ī¸âŖ User Clicks Delete Button
Admin clicks the delete button on a student record
2ī¸âŖ Show Confirmation Dialog
JavaScript shows a confirmation: "Are you sure you want to delete this student?" (prevents accidents)
3ī¸âŖ Server Verifies Authentication
Check that the user is logged in as an admin (security check)
4ī¸âŖ Verify Record Exists
Make sure the student exists in the database before attempting deletion
5ī¸âŖ Execute DELETE Query
Run the SQL DELETE command with a WHERE clause to identify the exact record
6ī¸âŖ Confirm & Redirect
Show success message and redirect to the student list (showing the record is gone)
đ¨ Example: Deleting a Student
âšī¸ Here's what a student record looks like before deletion:
John Doe
Email: john@example.com
Class: A | Status: Active
After clicking delete and confirming, this record would be permanently removed from the database.
đĄī¸ Confirmation Mechanism
This is how the confirmation appears:
â Are you sure you want to delete this student?
JavaScript Confirmation Code
This is how the confirmation dialog is triggered:
<a href="delete.php?id=5" onclick="return confirm('Delete this student?');">
đī¸ Delete
</a>
â ī¸ Common DELETE Mistakes
â Forgetting WHERE Clause
DELETE FROM students;
This deletes ALL students!
â No Confirmation
Accidental click deletes data
Always require confirmation first
â No Authentication
Anyone can delete records
Always check if user is admin
â No Verification
Deleting non-existent records
Check record exists first
â Safe DELETE Implementation
Step-by-Step Safe Deletion Code
// 1. Check authentication
if (!isset($_SESSION['admin_id'])) {
die('Not authorized');
}
// 2. Get student ID from URL
$id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
// 3. Verify student exists
$check = $conn->query("SELECT id FROM students WHERE id=$id");
if ($check->num_rows == 0) {
die('Student not found');
}
// 4. Delete using prepared statement
$stmt = $conn->prepare('DELETE FROM students WHERE id=?');
$stmt->bind_param('i', $id);
$stmt->execute();
// 5. Show success and redirect
echo 'Student deleted successfully';
header('Location: ../students/index.php');
đĄ Alternative: Soft Delete
What is Soft Delete?
Instead of permanently deleting records, many professional systems mark records as deleted without actually removing them.
This is safer because data can be recovered.
// Soft Delete: Mark as deleted instead of removing
UPDATE students SET deleted_at=NOW() WHERE id=5;
// Then always exclude deleted records from READ:
SELECT * FROM students WHERE deleted_at IS NULL;
Benefits: Data recovery, audit trails, comply with regulations, prevent accidents
đ Continue Learning CRUD
You've now learned about all four CRUD operations! Here's the complete cycle: