SitePoint Sponsor

User Tag List

Page 1 of 3 123 LastLast
Results 1 to 25 of 54
  1. #1
    SitePoint Enthusiast
    Join Date
    Dec 2012
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    PHP forum post not working

    PHP forum post not wokring

    Hello,
    Im doing a project which is basically making a forum using PHP,HTML and MYSQL database. I basically using a PHP script to import data into the MySQL database and another PHP script to show all the data in the MySQL table on brower. So in a nut shell im using a combination of these two script to simulate a forum.

    Ive got the these working which are:
    login
    create a new thread
    display all the threads
    create a new post
    display all the posts

    however the problem I have is that all posts data from the MySQL table is showing in every single thread, this shouldn't happen I only want the posts to show in the threads they correspond to, I taught it would do this automatically because did all the primary and foreign stuff with my three MySQL tables which are users,threads,posts bellow is the coding for my posts script and MySQL cmd.

    I basically want to echo the rows in the posts table where thread_ID = to the threadID from the threads table, this is my primary and foreign key relationship.



    Code:
    <!-- Link to CSS-->
    <link rel="stylesheet" type="text/css" href= "CSS/default.css" title="Main">
    <p>
    Welcome to the posts Page!!!!!!!!!
    </p>
    To start a new post fill in the details and...
    <form name "input" action="new_post.php" method="post"></p>
    <input type="text" name="thread_ID" size="25" value="Input thread ID here"><br>
    <input type="text" name="description" size="25" value="Description"><br>
    <input type="text" name="date" size="25" value="Post Date"><br>
    <p><input type="submit" value="Submit"></p>
    </form>
    <form name "input" action="threads.php" method="post"></p>
    <p><input type="submit" value="Back"></p>
    </form>
    <p>Click the "Submit" button to create a post.</p>
    <?php
    $mysqli = mysqli_connect("localhost", "root","","forum");
    $myquery = "select * from posts";
    $result = mysqli_query($mysqli,$myquery);
    echo "<table>";
    while($record = mysqli_fetch_array($result,MYSQL_ASSOC))
    {
    $sky = $record["postID"];
    $ground = $record["thread_ID"];
    $water = $record["description"];
    $air = $record["date"];
    echo "<tr>";
    echo "<td>";
    echo $sky;
    echo "</td>";
    echo "<td>";
    echo $ground;
    echo "</td>";
    echo "<td>";
    echo $water;
    echo "</td>";
    echo "<td>";
    echo $air;
    echo "</td>";
    echo "</tr>";
    }
    echo "</table>";
    ?>

  2. #2
    Keeper of the SFL StarLion's Avatar
    Join Date
    Feb 2006
    Location
    Atlanta, GA, USA
    Posts
    3,748
    Mentioned
    71 Post(s)
    Tagged
    0 Thread(s)
    As i stated in my response to your PM; the problem is you dont have a WHERE clause for your query. Use that to narrow your results to the current thread (Which.. i believe would be $_POST['thread_ID'] based on your code).

    Flagging this for movement into database forum for the time being.
    Never grow up. The instant you do, you lose all ability to imagine great things, for fear of reality crashing in.

  3. #3
    SitePoint Enthusiast
    Join Date
    Dec 2012
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for the reply StarLion Ive done what you said about adding a WHERE clause into my posts.php file so what ive done it the last part of the query ive added a POST super global to get the threadID in the threads table to match the thread_ID in the post table however in my threads.php file i cant get the code right because it wont link to my posts.php file can you check the echo statement out please bellow:


    posts.php file
    Code:
    <?php
    
    $mysqli = mysqli_connect("localhost", "root","","forum");
    
    $myquery ="SELECT `postID`, `thread_ID`, `description`, `date` FROM posts WHERE `thread_ID`= '$_POST[threadID]'";
    
    $result = mysqli_query($mysqli,$myquery);
    
    echo "<table>";
    while($record = mysqli_fetch_array($result,MYSQL_ASSOC))
    {
        $postID = $record["postID"];
    	$threadID = $record["thread_ID"];
    	$description = $record["description"];
    	$date = $record["date"];
    
    	echo "<tr>";
    	echo "<td>";
    	echo $postID;
    	echo "</td>";
    	echo "<td>";
    	echo $threadID;
    	echo "</td>";
    	echo "<td>";
    	echo $description;
    	echo "</td>";
    	echo "<td>";
    	echo $date;
    	echo "</td>";
    	echo "</tr>";
    }
    echo "</table>";
    ?>
    threads.php file:
    Code:
    <?php
    
    $mysqli = mysqli_connect("localhost", "root","","forum");
    
    $myquery = "select * from `threads`";
    
    $result = mysqli_query($mysqli,$myquery);
    
    echo "<table>";
    while($record = mysqli_fetch_array($result,MYSQL_ASSOC))
    {
    	$threadID = $record["threadID"];
    	$user_ID = $record["user_ID"];
    	$title = $record["title"];
    	$date = $record["date"];
    
    	echo "<tr>";
    	echo "<td>";
    	echo "<form action = 'posts.php' method = 'post'>";
    	echo "<input type=text name='threadID' value =$threadID>";
    	echo "</td>";
    	echo "<td>";
    	echo $user_ID;
    	echo "</td>";
    	echo "<td>";
    	echo "<a href=posts.php>$title</a>";
    	echo "</td>";
    	echo "<td>";
    	echo $date ;
    	echo "</td>";
    	echo "</tr>";
    	echo "<form>";
    }
    echo "</table>";
    ?>

  4. #4
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,500
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    Quote Originally Posted by spiderd View Post
    however in my threads.php file i cant get the code right
    What should threads.php do that it isn't doing right now?

  5. #5
    SitePoint Member
    Join Date
    Dec 2012
    Posts
    10
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Are you getting any PHP/MySQL error? If so, please post it here. Also, you should get error on this line:

    Code:
    $myquery ="SELECT `postID`, `thread_ID`, `description`, `date` FROM posts WHERE `thread_ID`= '$_POST[threadID]'";
    You should change the end of this line to
    Code:
    WHERE `thread_ID`= '.$_POST[threadID].'

  6. #6
    Keeper of the SFL StarLion's Avatar
    Join Date
    Feb 2006
    Location
    Atlanta, GA, USA
    Posts
    3,748
    Mentioned
    71 Post(s)
    Tagged
    0 Thread(s)
    That line is valid PHP - he WILL get an error about an unenquoted string array key, however.
    If he wanted to escape it, he would have to make it
    PHP Code:
    $myquery ="SELECT `postID`, `thread_ID`, `description`, `date` FROM posts WHERE `thread_ID`= '".$_POST['threadID']."'"
    , as the double-quotes are the ones being used to designate the PHP string, not the single quotes. The single quotes are there to be passed to MySQL.

    another reason I pointed this thread here is that the password field is raising red flags to me. That varchar is too short for a standard hash to be being put there...
    Never grow up. The instant you do, you lose all ability to imagine great things, for fear of reality crashing in.

  7. #7
    Hosting Team Leader silver trophybronze trophy
    cpradio's Avatar
    Join Date
    Jun 2002
    Location
    Ohio
    Posts
    5,134
    Mentioned
    152 Post(s)
    Tagged
    0 Thread(s)
    However, the true crux to his problem is that threadID is never making it to posts.php

    His expected output (based on the code above) in threads.php is:
    Code:
    <tr><td><form action='posts.php' method='post'><input type=text name='threadID' value='1'></td><td>userId</td><td><a href=posts.php>Thread Title</a></td><td>date</td></tr>
    See the problem? You are building a form, that is never used, nevermind the fact that you are violating numerous HTML definitions/standards.

    So get rid of the form, use a querystring (this way it gives Users the ability to link directly to a thread), so your threads.php file becomes:
    PHP Code:
    <?php

    $mysqli 
    mysqli_connect("localhost""root","","forum");

    $myquery "select * from `threads`";

    $result mysqli_query($mysqli,$myquery);

    echo 
    "<table>";
    while(
    $record mysqli_fetch_array($result,MYSQL_ASSOC))
    {
        
    $threadID $record["threadID"];
        
    $user_ID $record["user_ID"];
        
    $title $record["title"];
        
    $date $record["date"];

        echo 
    "<tr>";
        echo 
    "<td>";
        echo 
    $user_ID;
        echo 
    "</td>";
        echo 
    "<td>";
        echo 
    "<a href=\"posts.php?threadId=" $threadID "\">$title</a>";
        echo 
    "</td>";
        echo 
    "<td>";
        echo 
    $date ;
        echo 
    "</td>";
        echo 
    "</tr>";
    }
    echo 
    "</table>";
    ?>
    Your posts.php file becomes:
    PHP Code:
    <?php

    $mysqli 
    mysqli_connect("localhost""root","","forum");

    $threadId = (int)$_GET['threadId']; // sanitize your input!
    $myquery ="SELECT `postID`, `thread_ID`, `description`, `date` FROM posts WHERE `thread_ID`= '$threadId'";

    $result mysqli_query($mysqli,$myquery);

    echo 
    "<table>";
    while(
    $record mysqli_fetch_array($result,MYSQL_ASSOC))
    {
        
    $postID $record["postID"];
        
    $threadID $record["thread_ID"];
        
    $description $record["description"];
        
    $date $record["date"];

        echo 
    "<tr>";
        echo 
    "<td>";
        echo 
    $postID;
        echo 
    "</td>";
        echo 
    "<td>";
        echo 
    $threadID;
        echo 
    "</td>";
        echo 
    "<td>";
        echo 
    $description;
        echo 
    "</td>";
        echo 
    "<td>";
        echo 
    $date;
        echo 
    "</td>";
        echo 
    "</tr>";
    }
    echo 
    "</table>";
    ?>

  8. #8
    SitePoint Enthusiast
    Join Date
    Dec 2012
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks guys I works however on my posts.php file where I have a form on top when I input the details and click on submit it says I have a ERROR on line 25 see bellow however the strange thing is when I click on back to the threads.php file then click on the click to go to the posts.php file everything works fine now errors whats going on:


    Line 25:
    Code:
    $threadId = (int)$_GET['threadId']; // sanitize your input!
    Just to note when the user click on submit on posts.php the data goes to the file new_post.php fiel which process the data into the mysql table in new_post.php at the end ive echo include posts.php which in turn messes things up with line 25 in posts.php. So i think the best way to solve is to put all the new_post.php script into the posts.php however how do I get the form action on posts.php to run the php script within the posts.php thats why I keep making seperate files to run the scripts. Also the code for new_post.php is bellow:
    Code:
    <!-- Link to CSS-->
    <link rel="stylesheet" type="text/css" href= "CSS/default.css" title="Main">
    
    <?php
    // connect to database
    $mysqli = mysqli_connect("localhost", "root","","forum");
    
    // php string query insert into table
    $myquery = "insert into posts 
                values ('','$_POST[thread_ID]','$_POST[description]','$_POST[date]')";
    
    // function which runs the myquery string			
    $result = mysqli_query($mysqli,$myquery);
    
    // if's statments for inerting data into table
    If ($result==true)
    {
      echo "New Post Added";
      include "posts.php";
    }
    else 
    {
      echo "Corrupt Post";
      include "posts.php";
    }  
    
    // close connection with database
    mysqli_close ($mysqli);
    ?>

  9. #9
    Hosting Team Leader silver trophybronze trophy
    cpradio's Avatar
    Join Date
    Jun 2002
    Location
    Ohio
    Posts
    5,134
    Mentioned
    152 Post(s)
    Tagged
    0 Thread(s)
    I believe you can set $_GET['threadId'] = $_POST['thread_ID']; and that would likely resolve it, however, with that said I strongly encourage you to send the threadId to the new_posts.php page via the query string, and remove it from the form. You will still need to validate the value, but at least the user won't have to figure out what the threadId is.

    Secondly, make sure you validate your POST data to prevent garbage and SQL Injections (hint: mysqli_real_escape_string)

  10. #10
    SitePoint Enthusiast
    Join Date
    Dec 2012
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    im trying to do $_GET['threadId'] = $_POST['thread_ID']; but its coming up with ERRORS

    PHP Code:
    $_GET['threadId'] = $_POST['thread_ID'];

    $myquery ="SELECT `postID`, `thread_ID`, `description`, `date` FROM posts WHERE `thread_ID`= '".$_POST['thread_ID']."'"
    Also I understand what you mean by when the user doesn't need to enter the threadID but I dont know how to send the thradID to the new_posts.php page via the query string and in terms of validation I havnt come across validating the value and POST data. And last question from the previous code $threadId = (int)$_GET['threadId']; what does the (int) do or does it just state the value is an integer

  11. #11
    Hosting Team Leader silver trophybronze trophy
    cpradio's Avatar
    Join Date
    Jun 2002
    Location
    Ohio
    Posts
    5,134
    Mentioned
    152 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by spiderd View Post
    Also I understand what you mean by when the user doesn't need to enter the threadID but I dont know how to send the thradID to the new_posts.php page via the query string and in terms of validation I havnt come across validating the value and POST data. And last question from the previous code $threadId = (int)$_GET['threadId']; what does the (int) do or does it just state the value is an integer
    If you show me the code you use to create the new post link, I can help you place the threadId in the query string. Think something like the following being placed in your form (if it is on the posts.php page)
    PHP Code:
    <input type="hidden" name="thread_id" value="<?php echo $threadId?>" />
    Also update the form action to (so it passes the threadId forward, thus allowing your include "posts.php" to work.
    Code:
    <form action="new_posts.php?threadId=<?php echo $threadId; ?>">
    The (int) forces the value of $_GET['threadId'] to be cast into an INT, so if the $_GET['threadId'] contained "test", it would return 0. This way your query is safe from a sql injection.

  12. #12
    SitePoint Enthusiast
    Join Date
    Dec 2012
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Heres the code for the new_post.php

    PHP Code:
    <!-- Link to CSS-->
    <link rel="stylesheet" type="text/css" href= "CSS/default.css" title="Main">

    <?php
    // connect to database
    $mysqli mysqli_connect("localhost""root","","forum");

    // php string query insert into table
    $myquery "insert into posts 
                values ('','
    $_POST[thread_ID]','$_POST[description]','$_POST[date]')";

    // function which runs the myquery string            
    $result mysqli_query($mysqli,$myquery);

    // if's statments for inerting data into table
    If ($result==true)
    {
      echo 
    "New Post Added";
      include 
    "posts.php";
    }
    else 
    {
      echo 
    "Corrupt Post";
      include 
    "posts.php";
    }  

    // close connection with database
    mysqli_close ($mysqli);
    ?>

    And this is my complete code for posts.php where the form is located:
    PHP Code:
    <!-- Link to CSS-->
    <link rel="stylesheet" type="text/css" href= "CSS/default.css" title="Main">

    <p>
    Welcome to the posts Page!!!!!!!!!
    </p>
    To start a new post fill in the details and...
    <form name "input" action="new_post.php" method="post"></p>
    <input type="text" name="thread_ID" size="25" value="Input thread ID here"><br>
    <input type="text" name="description" size="25" value="Description"><br>
    <input type="text" name="date" size="25" value="Post Date"><br>
    <p><input type="submit" value="Submit"></p>
    </form>

    <form name "input" action="threads.php" method="post"></p>
    <p><input type="submit" value="Back"></p>
    </form>

    <p>Click the "Submit" button to create a post.</p>

    <?php

    $mysqli 
    mysqli_connect("localhost""root","","forum");

    $threadId = (int)$_GET['threadId']; // sanitize your input!

    $myquery ="SELECT `postID`, `thread_ID`, `description`, `date` FROM posts WHERE `thread_ID`= '$threadId'";

    $result mysqli_query($mysqli,$myquery);

    echo 
    "<table>";
    while(
    $record mysqli_fetch_array($result,MYSQL_ASSOC))
    {
        
    $postID $record["postID"];
        
    $threadID $record["thread_ID"];
        
    $description $record["description"];
        
    $date $record["date"];

        echo 
    "<tr>";
        echo 
    "<td>";
        echo 
    $postID;
        echo 
    "</td>";
        echo 
    "<td>";
        echo 
    $threadID;
        echo 
    "</td>";
        echo 
    "<td>";
        echo 
    $description;
        echo 
    "</td>";
        echo 
    "<td>";
        echo 
    $date;
        echo 
    "</td>";
        echo 
    "</tr>";
    }
    echo 
    "</table>";
    ?>

    Also i tired what you said above but its coming up with ERRORs
    Code:
    SCREAM: Error suppression ignored for ( ! ) Notice: Undefined variable: threadId in C:\wamp\www\Forum\posts.php on line 8 Call Stack #TimeMemoryFunctionLocation 10.0007680008{main}( )..\posts.php:0 " />
    
    ( ! ) SCREAM: Error suppression ignored for ( ! ) Notice: Undefined variable: threadId in C:\wamp\www\Forum\posts.php on line 9 Call Stack #TimeMemoryFunctionLocation 10.0007680008{main}( )..\posts.php:0 ">

  13. #13
    Hosting Team Leader silver trophybronze trophy
    cpradio's Avatar
    Join Date
    Jun 2002
    Location
    Ohio
    Posts
    5,134
    Mentioned
    152 Post(s)
    Tagged
    0 Thread(s)
    You would receive that error because you likely tried to use $threadId before it was defined. By moving the following line to the top of your code, you will avoid that error.
    PHP Code:
    $threadId = (int)$_GET['threadId']; // sanitize your input! 

  14. #14
    SitePoint Enthusiast
    Join Date
    Dec 2012
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Oki its saying in my new_posts.php file i have an error on this line of code:

    PHP Code:
    $myquery "insert into posts 
                values ('','
    $_POST[thread_ID]','$_POST[description]','$_POST[date]')"
    Also that line you told me to put on top of my page i couldnt make it work by putting it on top of the code but i just put it before the echo tags within the php in the form.

    PHP Code:
    <form name "input" action="new_posts.php?threadId=<?php $threadId = (int)$_GET['threadId'];echo $threadId?>" method="post"></p>
    <input type="hidden" name="thread_id" value="<?php $threadId = (int)$_GET['threadId']; echo $threadId?>" /><br>
    <input type="text" name="description" size="25" value="Description"><br>
    <input type="text" name="date" size="25" value="Post Date"><br>
    <p><input type="submit" value="Submit"></p>
    </form>

    <form name "input" action="threads.php" method="post"></p>
    <p><input type="submit" value="Back"></p>
    </form>

  15. #15
    Hosting Team Leader silver trophybronze trophy
    cpradio's Avatar
    Join Date
    Jun 2002
    Location
    Ohio
    Posts
    5,134
    Mentioned
    152 Post(s)
    Tagged
    0 Thread(s)
    Ah my bad, I put an 's' in the URL and there shouldn't be one. As it is new_post.php?threadId=2, not new_posts.php?threadId=2.

    If you fix the filename, it should be fine.

  16. #16
    SitePoint Enthusiast
    Join Date
    Dec 2012
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    yep i changed the file name it does go through however its saying in my new_posts.php file i have an error on this line of code:

    PHP Code:
    $myquery "insert into posts 
                values ('','
    $_POST[thread_ID]','$_POST[description]','$_POST[date]')"

  17. #17
    Hosting Team Leader silver trophybronze trophy
    cpradio's Avatar
    Join Date
    Jun 2002
    Location
    Ohio
    Posts
    5,134
    Mentioned
    152 Post(s)
    Tagged
    0 Thread(s)
    Try
    PHP Code:
    // php string query insert into table
    $myquery "insert into posts 
                values ('
    {$_POST['thread_id']}','{$_POST['description']}','{$_POST['date']}')"

  18. #18
    SitePoint Enthusiast
    Join Date
    Dec 2012
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I got it working but with the code u gave me they way i got it working was I quto incremented the postID column so you need to leave it blank with a two single quotes. However I need help with one last thing then I fully done on my threads.php file bellow is it possible to post the thread without the user imputing there userID I tired using the same technique with the threadID but no luck. I dunno if this is possible but on my index.html file where the user inputs the username and password is it possible to sends this data to another php script to go into the database find the corresponding userID with the data and give that id into the threads.php where the form is located. However my concern is the my index.html form already has a action in it to where it sends the data to the index.php script can I tell that action in the form to send the data to two separate files if so then the method i stated might work.

    My coding for files:

    index.php
    PHP Code:
    <!-- Link to CSS-->
    <
    link rel="stylesheet" type="text/css" href"CSS/default.css" title="Main">

    <
    div class="login">    
    <
    p><form name "login" action="index.php" method="post"></p>

    Please Enter you login details to enter the forum</p>
    <
    p>Username ===> <input type="text" siz="20" name="username"/></p>
    <
    p>Password ===> <input type="text" siz="20" name="password"/></p>

    <
    p><input type="submit" value="Login"></p>
        
    If 
    you dont have a account please <a href="register.html">Register Here</a></p>
    </
    div class="login"
    threads.php
    PHP Code:
    <!-- Link to CSS-->
    <link rel="stylesheet" type="text/css" href= "CSS/default.css" title="Main">

    <p>
    Welcome to the threads Page!!!!!!!!!
    </p>
    To start a new thread fill in the details and...
    <form name "input" action="new_thread.php" method="post"></p>
    <input type="text" name="user_ID" size="25" value="Input user ID here"><br>
    <input type="text" name="title" size="25" value="Topic Name"><br>
    <input type="text" name="date" size="25" value="Topic Date"><br>
    <p><input type="submit" value="Submit"></p>
    </form>

    <form name "input" action="index.html" method="post"></p>
    <p><input type="submit" value="Back"></p>
    </form>

    <p>Click the "Submit" button to create a thread.</p>

    <?php

    $mysqli 
    mysqli_connect("localhost""root","","forum");

    $myquery "select * from `threads`";

    $result mysqli_query($mysqli,$myquery);

    echo 
    "<table>";
    while(
    $record mysqli_fetch_array($result,MYSQL_ASSOC))
    {
        
    $threadID $record["threadID"];
        
    $user_ID $record["user_ID"];
        
    $title $record["title"];
        
    $date $record["date"];

        echo 
    "<tr>";
        echo 
    "<td>";
        echo 
    $threadID;
        echo 
    "</td>";    
        echo 
    "<td>";
        echo 
    $user_ID;
        echo 
    "</td>";
        echo 
    "<td>";
        echo 
    "<a href=\"posts.php?threadId=" $threadID "\">$title</a>";
        echo 
    "</td>";
        echo 
    "<td>";
        echo 
    $date ;
        echo 
    "</td>";
        echo 
    "</tr>";
    }
    echo 
    "</table>";
    ?>
    new_threads.php
    PHP Code:
    <!-- Link to CSS-->
    <link rel="stylesheet" type="text/css" href= "CSS/default.css" title="Main">

    <?php
    // connect to database
    $mysqli mysqli_connect("localhost""root","","forum");

    // php string query insert into table
    $myquery "insert into threads 
                values ('','
    {$_POST['user_ID']}','{$_POST['title']}','{$_POST['date']}'}";
                

    // function which runs the myquery string            
    $result mysqli_query($mysqli,$myquery);

    // if's statments for inerting data into table
    If ($result==true)
    {
      echo 
    "New Thread Added";
      include 
    "threads.php";
    }
    else 
    {
      echo 
    "Corrupt Thread";
      include 
    "threads.php";
    }  

    // close connection with database
    mysqli_close ($mysqli);
    ?>

  19. #19
    Hosting Team Leader silver trophybronze trophy
    cpradio's Avatar
    Join Date
    Jun 2002
    Location
    Ohio
    Posts
    5,134
    Mentioned
    152 Post(s)
    Tagged
    0 Thread(s)
    Out of curiosity, is this something you plan to use on a live site? Or more of a project to learn from or for school?

    As I wouldn't ever recommend using this on a live site (you should really just download a free forum, such as, phpBB).

    As for your userID problem, you really need to read up on articles that walk you through a login/registration scenario. You'll likely learn about cookies or sessions to maintain the user's authentication, etc. And that would help you out a lot.

  20. #20
    SitePoint Enthusiast
    Join Date
    Dec 2012
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    yea this is project for college I know what your thinking they way this so called forum was designed is silly but believe me that how this teacher wants it I would start the login stuff with sessions but this teacher is mental. So regarding this userID problem is it possible ?

  21. #21
    Hosting Team Leader silver trophybronze trophy
    cpradio's Avatar
    Join Date
    Jun 2002
    Location
    Ohio
    Posts
    5,134
    Mentioned
    152 Post(s)
    Tagged
    0 Thread(s)
    Well you will want to use a Session regardless, you really don't want to pass UserID via a querystring or have it manually entered, that logically doesn't make any sense.

    In short, after you authenticate the user in your index.php, write their user id to a session variable
    PHP Code:
    $_SESSION['userID'] = $userID// replace $userID with the field that contains it 
    Make sure you have session_start(); at the top of your PHP files or at least the ones that will be reading from the session variable.

    Then when you need to read the userID later on (such as in new_thread.php or whatever it is called, you simply use $_SESSION['userID']

  22. #22
    SitePoint Enthusiast
    Join Date
    Dec 2012
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    So in the new_thread.php instead of
    PHP Code:
    '{$_POST['user_ID']}' 
    its
    PHP Code:
    $myquery "insert into threads 
                values ('','
    $_SESSION['userID']','{$_POST['title']}','{$_POST['date']}'}"
    Do I put the $_SESSION['userID'] = $userID; into the index.php or the threads.php

  23. #23
    Hosting Team Leader silver trophybronze trophy
    cpradio's Avatar
    Join Date
    Jun 2002
    Location
    Ohio
    Posts
    5,134
    Mentioned
    152 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by spiderd View Post
    So in the new_thread.php instead of
    PHP Code:
    '{$_POST['user_ID']}' 
    its
    PHP Code:
    $myquery "insert into threads 
                values ('','
    {$_SESSION['userID']}','{$_POST['title']}','{$_POST['date']}'}"
    Yes.

    Quote Originally Posted by spiderd View Post
    Do I put the $_SESSION['userID'] = $userID; into the index.php or the threads.php
    Where your login query is validated (so I believe that is the index.php)

  24. #24
    SitePoint Enthusiast
    Join Date
    Dec 2012
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I tired what you said about the session stuff but its coming up with ERROR's currently my coding looks like this i cant get it to work:
    index.php
    PHP Code:
    <!-- Link to CSS-->
    <link rel="stylesheet" type="text/css" href= "CSS/default.css" title="Main">


    <?php

            $mysqli 
    mysqli_connect("localhost","root","","forum");
            
            
    $query "select * from users where username = '$_POST[username]' and password = '$_POST[password]'";
            
            
    $result mysqli_query($mysqli,$query);
            
            
    $_SESSION['userID'] = $userID;    
            if (
    mysqli_num_rows($result) == 0)
            {
                echo 
    "User Not Found";
                include 
    "index.html";
            }
            else
            {
                echo 
    "<h3>User Logged in</h3>";
                include 
    "threads.php";
            }
                
        
    mysqli_close($mysqli);
    ?>
    new_threads.php
    PHP Code:
    <!-- Link to CSS-->
    <link rel="stylesheet" type="text/css" href= "CSS/default.css" title="Main">

    <?php
    session_start
    ();
    // connect to database
    $mysqli mysqli_connect("localhost""root","","forum");

    // php string query insert into table
    $myquery "insert into threads 
                values ('','
    {$_SESSION['userID']}','{$_POST['title']}','{$_POST['date']}'}";  
                

    // function which runs the myquery string            
    $result mysqli_query($mysqli,$myquery);

    // if's statments for inerting data into table
    If ($result==true)
    {
      echo 
    "New Thread Added";
      include 
    "threads.php";
    }
    else 
    {
      echo 
    "Corrupt Thread";
      include 
    "threads.php";
    }  

    // close connection with database
    mysqli_close ($mysqli);
    ?>
    threads.php
    PHP Code:
    <!-- Link to CSS-->
    <link rel="stylesheet" type="text/css" href= "CSS/default.css" title="Main">

    <p>
    Welcome to the threads Page!!!!!!!!!
    </p>
    To start a new thread fill in the details and...
    <form name "input" action="new_threads.php?userId=<?php echo $userId?>" method="post"></p>
    <input type="hidden" name="user_Id" size="25" value="<?php echo $userId?>"><br>
    <input type="text" name="title" size="25" value="Topic Name"><br>
    <input type="text" name="date" size="25" value="Topic Date"><br>
    <p><input type="submit" value="Submit"></p>
    </form>

    <form name "input" action="index.html" method="post"></p>
    <p><input type="submit" value="Back"></p>
    </form>

    <p>Click the "Submit" button to create a thread.</p>

    <?php

    $mysqli 
    mysqli_connect("localhost""root","","forum");

    $myquery "select * from `threads`";

    $result mysqli_query($mysqli,$myquery);

    echo 
    "<table>";
    while(
    $record mysqli_fetch_array($result,MYSQL_ASSOC))
    {
        
    $threadID $record["threadID"];
        
    $user_ID $record["user_ID"];
        
    $title $record["title"];
        
    $date $record["date"];

        echo 
    "<tr>";
        echo 
    "<td>";
        echo 
    $threadID;
        echo 
    "</td>";    
        echo 
    "<td>";
        echo 
    $user_ID;
        echo 
    "</td>";
        echo 
    "<td>";
        echo 
    "<a href=\"posts.php?threadId=" $threadID "\">$title</a>";
        echo 
    "</td>";
        echo 
    "<td>";
        echo 
    $date ;
        echo 
    "</td>";
        echo 
    "</tr>";
    }
    echo 
    "</table>";
    ?>

  25. #25
    Hosting Team Leader silver trophybronze trophy
    cpradio's Avatar
    Join Date
    Jun 2002
    Location
    Ohio
    Posts
    5,134
    Mentioned
    152 Post(s)
    Tagged
    0 Thread(s)
    What errors are you receiving? Don't forget to use my last tip (putting session_start(); at the top of each page that needs to use $_SESSION['userID']).


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •