aleX2

Thank you for suggestions how to create tables... I will use that in the future.

It's done... Table: users user_id int(11) firstname varchar(100) email varchar(50) password varchar(300) status enum('admin','user') Table: comment comment_id int(11) user_id int(11) news_id int(11) firstname varchar(50) comment text time timestamp Table: news news_id int(11) title varchar(200) text text category varchar(20) time timestamp author varchar(50)

Diff between name(is for first and lastname) and username{nickname). For text fields they told us to put text and not varchar.So we don't have to worry about word limit. Thanks for suggestion, it is a good one. In school they told us to use timestamp. As I told you I am a begginer and I don't know a lots of things. That is why I came here in first place.

Table: comment comment_id int(11) user_id int(11) news_id int(11) name varchar(50) comment text time timestamp Table: users user_id int(11) name varchar(100) email varchar(50) username varchar(50) password varchar(300) status enum('admin','user') Table: news news_id int(11) title varchar(200) text text category varchar(20) time timestamp author varchar(50)

I made a change to id colums

ok, I will change that now....

in users table is the real id of the person... news id just have the news id so I can show it in comment table. and I guess that I don't need the id of comment...just the id of person?

users: id name email password status(admin or user) (sign up and log in) news:id(of the news), title, text, category, author(I am the author) comment: id(of comment), user_id(to see what user wrote the comment), newsid(to se on what news he wrote the comment), name(of the person), comment, time

Yes, the real names of columns. In users table id is person's id, in comments table id is id of comment and user_id is person who wrote the comment.And id in news table is news id.Author is the person who wrote the news in my case is admin(me)

They told me to expand so i can see what user on what news left the comment. It is a "newspaper" folder in mysql so I have: users table id, name, email, password, status comment table I have id, user_id, newsid, name, comment and time news table id, title, text, category, author Point is to show news and only logged in user can comment on that news.User can only delete the message that he wrote and admin can delete all messages.

They told me to do this: "Only logged in users need to be able to write comments. It is necessary to keep the user id in the session. Expand the comment table with the user_id column to keep track of which user left the comment (you are taking the user id from the session). When scrolling through comments, it is necessary to compare whether the user id and the comment table match the user id from the session, if it matches, only then display the delete buttons." Well, I done the part that only logged in users are able to write a comment and I expanded table...But when it comes to write a match code I get lost.Or I don't write a code well or I don't put it in the right place.I don't know where is the problem.😰

That is a problem...I know how to make delete button, but I don't know how to make it function well for user and admin.We still didn't got to js script part in classes.😒

As I said I am a begginer...I don't know what I'm doing.😶 I don't know what I need to change.

<?php session_start(); require_once("function.php"); require_once("class/DataB.class.php"); $conn = new DataB(); if(!$conn->connect()) { echo "Wrong DB connection!"; exit(); } if(isset($_POST['comment'])){ if(login()) { $id = $_SESSION['id']; $user_id = $_SESSION['user_id']; $status = $_SESSION['status']; } $query = "DELETE FROM comment WHERE user_id={$id}"; $conn->query($query); header("Location: deletecomment.php"); } ?> And this is a dcomm page

<?php session_start(); require_once("function.php"); require_once("class/DataB.class.php"); $conn = new DataB(); if(!$conn->connect()) { echo "Wrong DB connection!"; exit(); } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Delete Comment</title> <link rel="stylesheet" href="css/style.css"> </head> <body> <div id="container"> <?php require_once("nav.php"); if(login()) { $id = $_SESSION['id']; $query = "SELECT * FROM comment"; } $res = $conn->query($query); if($conn->num_rows($res) > 0){ while($row = $conn->fetch_assoc($res)){ ?> <div id="img"> <a href="dcomm.php?id=<?php echo $row['id'];?>"><img src="img/delete.png" title="DELETE COMMENT"></a> <p><b> Name: </b><br><?php echo $row['name'];?></p> <p><b> Comment: </b><br><?php echo $row['comment'];?></p> </div> <hr> <?php } }else{ echo "<h3>No comments!</h3>"; } ?> </div> </div> </body> this is delecomment page

<?php session_start(); require_once("function.php"); require_once("class/DataB.class.php"); $conn = new DataB(); if(!$conn->connect()) { echo "Wrong DB connection!"; exit(); } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>News</title> <link rel="stylesheet" href="css/style.css"> </head> <body> <div id="container"> <?php require_once("nav.php"); if(isset($_GET['id'])) { $id=$_GET['id']; if(filter_var($id, FILTER_VALIDATE_INT)) { $query="UPDATE news SET seen=seen+1 WHERE id={$id}"; $conn->query($query); $query="SELECT * FROM viewnews WHERE deleted=0 AND id={$id}"; $res=$conn->query($query); while($row=$conn->fetch_assoc($res)) { echo "<div>"; echo "<p><a href='news.php?category={$row['category']}'>{$row['categoryname']}</a></p>"; echo "<h2>{$row['title']}</h2>"; echo "<p>{$row['text']}</p><br>"; echo "<div style='color:white;'><a href='news.php?author={$row['author']}'>{$row['name']}</a> | ".date("d.m.Y H:i",strtotime($row['time']))."</div>"; echo "</div>"; } } } else echo "<p>You didn't choose the news!!!<p>"; ?> <hr> <?php if(login()) { ?> <div style="text-align:center"> <form action="news2.php?id=<?= $_GET['id']?>" method="POST"> <input type="text" name="name" placeholder="Name..."><br><br> <textarea name="comment" cols="30" rows="10" placeholder="Comment..."></textarea><br><br> <button>Add Comment</button> </form> </div> <hr> <?php if(isset($_POST['name']) AND isset($_POST['comment'])) { $name = $_POST['name']; $comment = $_POST['comment']; $name=filter_var($name, FILTER_SANITIZE_STRING); $comment=filter_var($comment, FILTER_SANITIZE_STRING); if($name != "" AND $comment != "") { $query = "INSERT INTO comment (user_id, newsid, name, comment) VALUES ('{$_SESSION['id']}', '{$_GET['id']}', '{$name}', '{$comment}')"; $res = $conn->query($query); if(!$conn->error()) { } else { echo "<p>Try again!</p>"; } } } $query="SELECT * FROM comment"; $res=$conn->query($query); if($conn->num_rows($res)==0) echo "<h3>No comments!</h3>"; else { while($row=$conn->fetch_object($res)) { echo "<div id='img'>"; echo "<a href='dcomm.php?id={$row->id}>'><img src='img/delete.png' title='DELETE COMMENT'></a>"; echo "<p style='color:purple'><ins><b>$row->name</b></ins> | ".date("d.m.Y H:i",strtotime($row->time))."</p>"; echo "<p>$row->comment</p>"; echo "</div>"; echo "<hr>"; } } } ?> </div> </body> </html> This is news page with comments

Well...they told us to make a news page with categories. Only logged in users can leave comment on news. I have News table, Users table (id, name, email, username, pass, status(admin, user)), Comment table (id, user_id(to know what user wrote a comment) newsid(to know on what news user wrote a comment), name, comment).Everything is great until moment where I can make a difference who can see and delete things.So, if you log in you can type a comment and supposed to delete it(own comment) and if you are admin you can see and delete all.

I have in sql users table and status col admin and users

if(isset($_SESSION['id'])){ $id = $_SESSION['id']; $query = "DELETE FROM comment WHERE user_id={$id}"; $conn->query($query); This is second part of code...I don't know how to make a difference.

if(login()) { $id = $_SESSION['id']; $query = "SELECT * FROM comment WHERE user_id={$_SESSION['id']}"; } $res = $conn->query($query); if($conn->num_rows($res) > 0){ while($row = $conn->fetch_assoc($res)){ ?> <div id="img"> <a href="dcomm.php?id=<?php echo $row['id'];?>"><img src="img/delete.png" title="DELETE COMMENT"></a> <p><b> Name: </b><br><?php echo $row['name'];?></p> <p><b> Comment: </b><br><?php echo $row['comment'];?></p> </div> <hr> <?php } }else{ echo "<h3>No comments!</h3>"; } Sorry, I'm new here. Here is part of my code... I need to make a difference between logged in user and admin. Admin need to be able to see all and delete all and users who log in they just need to be able to delete their own posts.

Hello everyone... I would be really happy if someone can help me. I'm begginer in all of this and I'm stuck. I have assignment to make some page where only people who log in can leave a message, and I done all that and it works. My problem is that I need to make a delete button so that users can delete their own comment. Whatever I tried nothing works or I get delete button but in that case user can delete all posts. Can someone PLEASE help me with that... THANK YOU! I attached my code OMG.txt