<?php include_once("../_db.php"); @session_start(); if (isset($_GET['delete'])) { $delete_id = $_GET['delete']; // Use prepared statements to prevent SQL injection $stmt = $conn->prepare("DELETE FROM withdrawal_details WHERE id = ?"); $stmt->bind_param("i", $delete_id); if ($stmt->execute()) { header('Location: confirmed_withdrawal.php'); exit(); // Exit after redirect } else { $message = 'Transaction could not be deleted'; // You might want to handle this error message in the redirected page } } else { // Redirect if delete parameter is not set header('Location: confirmed_withdrawal.php'); exit(); // Exit after redirect } ?>