mjxs

  1. Aha. The culprit? This:

      header("Location: http://" . $HTTP_HOST . $SCRIPT_NAME . "?id=" . $validentry);

     Needed to be this:

      header("Location: http://" . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'] . "?id=" . $validentry);

     I guess the syntax for predefined variables must have changed some time after the publication of the manual I'm using. Either way, I've spent years working with and debugging C, Java and VB, but PHP is clearly an all-new sort of monster in this sense. Nonetheless, thanks for all your help and hopefully I didn't waste too much of this board's time. I'll try to keep the n00b issues to a minimum.
  2. Apologies for the double post. I just changed this line:

      header("Location: http://" . $HTTP_HOST . $SCRIPT_NAME . "?id=" . $validentry);

     to

      header("Location: http://www.google.com/");

     And sure enough, now when I submit a comment, I get redirected to google. So why isn't my page refreshing and how can I fix it? Is there something wrong with the header() code?

     UPDATE: I stuck the following line in:

      echo "<h1>HTTP_HOST: " . $HTTP_HOST . "<BR>SCRIPT_NAME: " . $SCRIPT_NAME . "<BR>validentry: " . $validentry;

     and I got this:

      Notice: Undefined variable: HTTP_HOST in C:\xampp\htdocs\blog\viewentry.php on line 47
      Notice: Undefined variable: SCRIPT_NAME in C:\xampp\htdocs\blog\viewentry.php on line 47

     I'm taking a wild guess that these variables or this syntax is deprecated?
  3. Well, $validentry must be the right value, otherwise the rest of the code would fall apart (since it's used to determine what post a new comment is attached to, and the comments DO work; the page just doesn't refresh). Nonetheless, I still inserted the code as you suggest and sure enough it is the right value. The SQL injection is literally the first thing that happens. I also noted that the bracket ("}") in the else condition where it says "//code goes here" was supposed to be just before the call for footer.php, so I changed that. However, it still doesn't update the page. I used your suggestion for an echo call after the $_POST['submit'] condition, but since the page doesn't refresh, it doesn't even get to that point. I know that header() will fail if any information is processed on the client-side before that call is executed, but I can't see anywhere where anything, even whitespace, would be sent to the client; since it is injecting data to my MySQL database, I know it is getting into that part of the if statement, but for some reason, the clicking of that button just isn't causing the browser to reload the page. I'm wondering if this could have something to do with browser caching issues? I'm going to try it in IE but if anyone has any additional suggestions, by all means, please help.
  4. I don't suppose anyone has any ideas? Still haven't found a resolution :/
  5. Correct. The page stays completely static, as if the button does nothing. But if I manually refresh, the new comments are there.
  6. Hey everyone. I'm new here and let me apologize if I am reposting a question; I've looked through the forums for a while and can't seem to find anything similar. I'm using Jono Bacon's "Practical PHP and MySQL with Applications" and working my way through his blog project. All seems good and well, but I got to the part about submitting new comments on blog posts. When I click the submit button, it should post the various information to the MySQL database. It does this, but the submit button doesn't refresh the page. It does submit the MySQL query, so if I manually reload, the new comment shows up, but the submit button doesn't cause the page to refresh automatically. Below is my code. Any help is greatly appreciated.

      <?php
      require("config.php");

      if(isset($_GET['id']) == TRUE) {
          if(is_numeric($_GET['id']) == FALSE) {
              $error = 1;
          }
          if($error == 1) {
              header("Location: " . $config_basedir);
          }else{
              $validentry = $_GET['id'];
          }
      }else{
          $validentry = 0;
      }

      //check to see if this page is being loaded as the result of a comment being submitted
      if($_POST['submit']){
          $db = mysql_connect($dbhost, $dbuser, $dbpassword); //appears to return a pointer to the database
          mysql_select_db($dbdatabase, $db);
          $sql = "INSERT INTO comments(blog_id, tier, replyto, dateposted, name, comment) VALUES(" . $validentry . ", 1, 0, NOW(), '" . $_POST['name'] . "', '" . $_POST['comment'] . "');";
          mysql_query($sql);
          header("Location: http://" . $HTTP_HOST . $SCRIPT_NAME . "?id=" . $validentry);
      }else{
          //code goes here
      }

      require("header.php");

      if($validentry == 0) {
          $sql = "SELECT entries.*, categories.cat FROM entries, categories WHERE entries.cat_id = categories.id ORDER BY dateposted DESC LIMIT 1;";
      }else{
          $sql = "SELECT entries.*, categories.cat FROM entries, categories WHERE entries.cat_id = categories.id AND entries.id = " . $validentry . " ORDER BY dateposted DESC LIMIT 1;";
      }
      $result = mysql_query($sql);
      $row = mysql_fetch_assoc($result);
      echo "<h2>" . $row['subject'] . "</h2><br>";
      echo "<i>In <a href='viewcat.php?id=" . $row['cat_id'] . "'>" . $row['cat'] . "</a> - Posted on " . date("D jS F Y g.iA", strtotime($row['dateposted'])) . "</i>";
      echo "<p>";
      echo nl2br($row['body']);
      echo "</p>";

      //form the SQL; we only want top level comments as these are replies to the post itself
      $commsql = "SELECT * FROM comments WHERE blog_id = " . $validentry . " AND tier = 1 ORDER BY dateposted DESC;";
      //now send the query
      $commresult = mysql_query($commsql);
      //now count how many comments we have
      $num_commrows = mysql_num_rows($commresult);
      echo "<div id='comment'>";
      if ($num_commrows == 0) {
          echo "<p><i>No comments.</i></p>";
      }else{
          $i = 0;
          //then take the result and put it into an array - use this as the sentinel control
          while($commrow = mysql_fetch_assoc($commresult)) {
              //first set up the formatting tag. Build a table
              echo "<table><tr class='commentinfo'><td class='commentauthor'>";
              //post the comment info; name and date
              echo "<a name='comment" . $i . "'>";
              echo "Comment by " . $commrow['name'] . "</a></td>";
              //next cell, put the date on the far right
              echo "<td class='commentdate'>";
              echo date("D jS F Y g.iA", strtotime($commrow['dateposted'])) . "</td></tr><tr><td class='commentbody' colspan=2>";
              echo $commrow['comment'];
              echo "</td></tr>";
              //stick in the reply button;
              echo "<tr class='commentoptions'><td colspan=2>[reply]</td></tr>";
              echo "</table>";
              //now we stick in replies to the comments
              $repsql = "SELECT * FROM comments WHERE blog_id = " . $validentry . " AND tier = 2 AND replyto = " . $commrow['id'] . " ORDER BY dateposted DESC;";
              $represult = mysql_query($repsql);
              $num_reprows = mysql_num_rows($represult);
              if ($num_reprows > 0) {
                  $j = 0;
                  //then take the result and put it into an array - use this as the sentinel control
                  while($reprow = mysql_fetch_assoc($represult)) {
                      //first set up the formatting tag. Build a table
                      echo "<table style='margin-left:50px;'><tr class='commentinfo'><td class='commentauthor'>";
                      //post the comment info; name and date
                      echo "Comment by " . $reprow['name'] . "</td>";
                      //next cell, put the date on the far right
                      echo "<td class='commentdate'>";
                      echo date("D jS F Y g.iA", strtotime($reprow['dateposted'])) . "</td></tr><tr><td class='commentbody' colspan=2>";
                      echo $reprow['comment'];
                      echo "</td></tr>";
                      echo "</table>";
                  }
              }
              $i++;
          }
      }
      //close off the div tag
      echo "</div>";
      ?>
      <h3>Leave a comment</h3>
      <form action="<?php echo $_SERVER['SCRIPT_NAME'] . "?id=" . $validentry; ?>" method="post">
      <table>
      <tr>
          <td>Your name:</td>
          <td><input type="text" name="name"></td>
      </tr>
      <tr>
          <td>Comments:</td>
          <td><textarea name="comment" rows="10" cols="50"></textarea></td>
      <tr>
          <td></td>
          <td><input type="submit" name="submit" value="Add comment"></td>
      </tr>
      </table>
      </form>
      <?php require("footer.php"); ?>
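
The comment-submit path from the code above, rewritten as an added example (not the poster's or the book's code) with bound parameters for the INSERT, a redirect target that does not use the Host header, and escaping when a comment is echoed. Assumptions: PDO is used in place of the removed mysql_* functions, BASE_URL and all function names are hypothetical, and an in-memory SQLite table stands in for the MySQL comments table so the script runs without a server.

```php
<?php
// Added example, not the poster's or the book's code. All names are hypothetical.
// Assumption: BASE_URL is a fixed value from site config, so the redirect
// target never depends on the client-supplied Host header.
const BASE_URL = 'http://localhost/blog/viewentry.php';

// Accept only a plain non-negative integer id; anything else falls back to 0.
function valid_entry_id($raw): int {
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
    return $id === false ? 0 : $id;
}

// Bound parameters: name and comment travel as data, never as SQL text.
function add_comment(PDO $db, int $blogId, string $name, string $comment): void {
    $stmt = $db->prepare(
        'INSERT INTO comments (blog_id, tier, replyto, dateposted, name, comment)
         VALUES (:blog_id, 1, 0, :posted, :name, :comment)');
    $stmt->execute([':blog_id' => $blogId, ':posted' => date('Y-m-d H:i:s'),
                    ':name' => $name, ':comment' => $comment]);
}

// Redirect target: fixed base plus the validated integer, nothing else.
function redirect_target(int $blogId): string {
    return BASE_URL . '?id=' . $blogId;
}

// Escape stored text at output time so a comment cannot inject markup.
function render_comment(array $row): string {
    return "<td class='commentbody' colspan=2>"
         . nl2br(htmlspecialchars($row['comment'], ENT_QUOTES, 'UTF-8')) . '</td>';
}

// Demo on constructed input. In-memory SQLite stands in for the MySQL table
// so the script runs without a database server (needs the pdo_sqlite extension).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, blog_id INTEGER,
    tier INTEGER, replyto INTEGER, dateposted TEXT, name TEXT, comment TEXT)');

$id = valid_entry_id('3');
add_comment($db, $id, "O'Brien", "<b>hi</b>'); -- constructed comment text");
foreach ($db->query('SELECT comment FROM comments') as $row) {
    echo render_comment($row), "\n";
}
echo redirect_target($id), "\n";
echo redirect_target(valid_entry_id('3 OR 1=1')), "\n"; // id that is not an integer

// On the real page the POST branch would end with:
//   header('Location: ' . redirect_target($id)); exit;
// header() alone does not stop the script; exit does.
```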