Page 1 of 5 123 ... LastLast
Results 1 to 10 of 46

Thread: Comments box

  1. #1
    Join Date
    Mar 2011
    Posts
    2,026
    Thanks
    59
    Thanked 108 Times in 106 Posts
    Blog Entries
    4

    Default Comments box

    PHP Code:
    <?php 

     mysql_connect
    ("localhost""****""****") or die('could not connect to database'); 
     
    mysql_select_db("****") or die('Could not select database');

    if (isset (
    $_POST['submit'])) 
    {
        
    $comment mysql_escape_string (trim ($_POST['comment']));
        
    $sql mysql_query ("INSERT INTO comments (id,comments) VALUES ('0','".$comment."')");

        echo 
    'Your comment has been entered successfully!';

    else 
    {
        
    // POST data wasnt entered, so display the comments and comment form

        // view comments from database
        
    $sql mysql_query ("SELECT * FROM comments");
        while (
    $row mysql_fetch_array ($sql)) {
            echo 
    $row['comments'].'<br />';
    }

        echo 
    '<br /><br />
        <form action="comments.php" method="post">
        Comments:<br />
        <textarea name="comment" cols="40" rows="7"></textarea>
        </form>'
    ;

    ?>
    I'm trying to set up a comments box on the members section of my website.
    2 things-
    1- is mysql_escape_string good enough secourity to prevent sql attacks.
    2- when i run the script this error comes up

    Parse error: syntax error, unexpected T_STRING in /home1/keyboard/public_html/Canberra Amatuer Productions/comments.php on line 6


    Any help would be appreciated
    Last edited by keyboard; 07-28-2011 at 12:10 AM.

  2. #2
    Join Date
    May 2007
    Location
    Boston,ma
    Posts
    2,127
    Thanks
    173
    Thanked 207 Times in 205 Posts

    Default

    You're missing a quote at
    die('Could not select database);
    .

    Should be
    PHP Code:
    die('Could not select database'); 
    The escaping should be good to prevent sql injections.
    Corrections to my coding/thoughts welcome.

  3. #3
    Join Date
    Mar 2011
    Posts
    2,026
    Thanks
    59
    Thanked 108 Times in 106 Posts
    Blog Entries
    4

    Default

    I fixed that up but now it comes up with this error

    Parse error: syntax error, unexpected $end in /home1/keyboard/public_html/Canberra Amatuer Productions/comments.php on line 29

    Doesn't that mean there is an unclosed {} section?

  4. #4
    Join Date
    May 2007
    Location
    Boston,ma
    Posts
    2,127
    Thanks
    173
    Thanked 207 Times in 205 Posts

    Default

    That's correct, sorry I missed the missing } after the while before.

    PHP Code:
    else 
    {
        
    // POST data wasnt entered, so display the comments and comment form

        // view comments from database
        
    $sql mysql_query ("SELECT * FROM comments");
        while (
    $row mysql_fetch_array ($sql)) {
            echo 
    $row['comments'].'<br />';
    }
    // this closes the loop

        
    echo '<br /><br />
        <form action="comments.php" method="post">
        Comments:<br />
        <textarea name="comment" cols="40" rows="7"></textarea>
        </form>'
    ;
    // this closes the else
    ?> 
    Corrections to my coding/thoughts welcome.

  5. #5
    Join Date
    Mar 2011
    Posts
    2,026
    Thanks
    59
    Thanked 108 Times in 106 Posts
    Blog Entries
    4

    Default

    PHP Code:
    <?php 

     mysql_connect
    ("localhost""****""****") or die('could not connect to database'); 
     
    mysql_select_db("****") or die('Could not select database');

    if (isset (
    $_POST['submit'])) 
    {
        
    $comment mysql_escape_string (trim ($_POST['comment']));
        
    $sql mysql_query ("INSERT INTO comments (id,comments) VALUES ('0','".$comment."')");

        echo 
    'Your comment has been entered successfully!';

    else 
    {
        
    // POST data wasnt entered, so display the comments and comment form

        // view comments from database
        
    $sql mysql_query ("SELECT * FROM comments");
        while (
    $row mysql_fetch_array ($sql)) {
            echo 
    $row['comments'].'<br />';
    }

        echo 
    '<br /><br />
        <form action="comments.php" method="post">
        Comments:<br />
        <textarea name="comment" cols="40" rows="7"></textarea>
        <input type="submit" value="Submit">
        </form>'
    ;
    }
    ?>

    I put a submit button in and I filled in the comments text box and cliked submit but nothing happened. I checked the sql database and nothing had been inserted. Any help please?

  6. #6
    Join Date
    May 2007
    Location
    Boston,ma
    Posts
    2,127
    Thanks
    173
    Thanked 207 Times in 205 Posts

    Default

    PHP Code:
      <input type="submit" value="Submit" name="submit"
    http://php.net/manual/en/reserved.variables.post.php

    Your POST will never get the value unless you give the input a name.
    Corrections to my coding/thoughts welcome.

  7. #7
    Join Date
    Mar 2011
    Posts
    2,026
    Thanks
    59
    Thanked 108 Times in 106 Posts
    Blog Entries
    4

    Default

    Thanks so much. I have a working comments box. Now i'm going to try putting some other things in their to. I would like the comments to be displayed with a line in between each of them. I think the code is /r/n but I'm not sure where to put it. any help would be great.

  8. #8
    Join Date
    May 2007
    Location
    Boston,ma
    Posts
    2,127
    Thanks
    173
    Thanked 207 Times in 205 Posts

    Default

    Change your $comment (line 5?) to this

    PHP Code:
    $comment nl2br(mysql_escape_string (trim ($_POST['comment']))); 
    Corrections to my coding/thoughts welcome.

  9. #9
    Join Date
    Mar 2011
    Posts
    2,026
    Thanks
    59
    Thanked 108 Times in 106 Posts
    Blog Entries
    4

    Default

    Could you please explain to me how this works

  10. #10
    Join Date
    Mar 2007
    Location
    New York, NY
    Posts
    557
    Thanks
    8
    Thanked 66 Times in 66 Posts

    Default

    The ASCII code to break lines is \n. It may not look like it, but every line break in any string has an \n at the end of it.

    So for example:
    Hello, world!
    Line 1
    Line 2
    Line 3

    Line 5

    Actually looks like:
    Hello, world!\n
    Line 1\n
    Line 2\n
    Line 3\n
    \n
    Line 5\n

    The function nl2br() converts \n into the HTML tag, <br /> or <br>
    The second argument in the function is a boolean value (true or false) of whether the standard is XHTML or not. XHTML uses <br />, while HTML > 4.01 uses <br>.
    http://php.net/nl2br

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •