Jump to content

[SOLVED] reporting users

runnerjp

By runnerjp
in PHP Coding Help

Recommended Posts

runnerjp Advanced Member

runnerjp

Posted
Posted

for some reason my from field will now work :S

 

i have echod $username and it works at the point of printing out the success message... but its not adding it into my db and also reported_by is deffently correct

 

<?php
session_start();
require_once '../settings.php';
checkLogin ('1 2');

$username= get_username($_SESSION['user_id']);

    if(!$_POST['report']){?>
<h2>Report User</h2>
        <form method="post" action=<? "$_SERVER[php_SELF]" ?>>
        <p>
        <label></label>
        </p>
        <table width="100%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td>Reason</td>
          </tr>
          <tr>
            <td><textarea cols="25" rows="5" name="reason"></textarea></td>
          </tr>
          <tr>
            <td><input type="submit" name="report" value="Report User" /><input type="hidden" name="id" value="<?php echo $getreplies3['author'] ?>"><input type="hidden" name="username" value="<?php echo $username; ?>"></td>
          </tr>
        </table>
        <p>
          <label></label>
        </p>
        </form><?php
    }else{ //or...
          $user =  mysql_real_escape_string( $_POST['id']); //protect the username being reported
        $reason = mysql_real_escape_string($_POST['reason']); //protect the text input again
        $date = date("d-m-y h:i A"); //today's date
        $from = mysql_real_escape_string($_POST['username']); //logged user 
        if(empty($reason)){ //something was empty!!!!
            print "<h2>Error</h2>
            <p>
            You Must Fill Out The Form Completely
            </p>"; //haha you fail!
        }else{ //or not?
            $insert = mysql_query("INSERT INTO `reps` (`username`,`reason`,`date`,`reported_by`) VALUES ( '$user','$reason','$date','$form');"); //insert the data
            if(mysql_error()){ //poo theres an error
                print "<h2>Error</h2>
                <p>" . mysql_error() . "</p>"; //echo the error
            }else{ //or...
                print "<h2>Success</h2>
                <p>
                Report Sent!
                </p>"; //no error
            } //end error check
        } //end empty check
    }//end form check

?>

Link to comment
https://forums.phpfreaks.com/topic/108510-solved-reporting-users/
Share on other sites
Loldongs Newbie

Loldongs

Posted
Posted 

            $insert = mysql_query("INSERT INTO `reps` (`username`,`reason`,`date`,`reported_by`) VALUES ( '$user','$reason','$date','$form');"); //insert the data

 

You cannot use variables between ' ' they will not work try using sprintf its much cleaner

 

            $query = sprintf("INSERT INTO `reps` (`username`,`reason`,`date`,`reported_by`) VALUES ( '%s','%s','%s','%s');", $user, $reason, $date, $form);
            $insert = mysql_query($query); //insert the data

runnerjp Advanced Member

runnerjp

Posted
  • Author
Posted

Humm ok with just chnaging that i get a t_else error for some reason

 

<?php
session_start();
require_once '../settings.php';
checkLogin ('1 2');

$username= get_username($_SESSION['user_id']);

    if(!$_POST['report']){?>
<h2>Report User</h2>
        <form method="post" action=<? "$_SERVER[php_SELF]" ?>>
        <p>
        <label></label>
        </p>
        <table width="100%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td>Reason</td>
          </tr>
          <tr>
            <td><textarea cols="25" rows="5" name="reason"></textarea></td>
          </tr>
          <tr>
            <td><input type="submit" name="report" value="Report User" /><input type="hidden" name="id" value="<?php echo $getreplies3['author'] ?>"><input type="hidden" name="username" value="<?php echo $username; ?>"></td>
          </tr>
        </table>
        <p>
          <label></label>
        </p>
        </form><?php
    }else{ //or...
          $user =  mysql_real_escape_string( $_POST['id']); //protect the username being reported
        $reason = mysql_real_escape_string($_POST['reason']); //protect the text input again
        $date = date("d-m-y h:i A"); //today's date
        $from = mysql_real_escape_string($_POST['username']); //logged user 
        if(empty($reason)){ //something was empty!!!!
            print "<h2>Error</h2>
            <p>
            You Must Fill Out The Form Completely
            </p>"; //haha you fail!
        }else{ //or not?
            $$query = sprintf("INSERT INTO `reps` (`username`,`reason`,`date`,`reported_by`) VALUES ( '%s','%s','%s','%s');", $user, $reason, $date, $form);
            $insert = mysql_query($query); //insert the data
                print "<h2>Error</h2>
                <p>" . mysql_error() . "</p>"; //echo the error
            }else{
                print "<h2>Success</h2>
                <p>
                Report Sent!
                </p>" ;echo $username; //no error
            } //end error check
        } //end empty check
    }//end form check

?>

 

its at this else <p>" . mysql_error() . "</p>"; //echo the error

            }else{

                print "<h2>Success</h2>

DarkWater Member

DarkWater

Posted
Posted 

            $insert = mysql_query("INSERT INTO `reps` (`username`,`reason`,`date`,`reported_by`) VALUES ( '$user','$reason','$date','$form');"); //insert the data

 

You cannot use variables between ' ' they will not work try using sprintf its much cleaner

 

            $query = sprintf("INSERT INTO `reps` (`username`,`reason`,`date`,`reported_by`) VALUES ( '%s','%s','%s','%s');", $user, $reason, $date, $form);
            $insert = mysql_query($query); //insert the data

 

Wrong.  The whole string was in double quotes, so the individual single quotes in there make no difference.  His first method was perfectly fine.

freeloader Member

freeloader

Posted
Posted

Darkwater was right, your example was correct. However you did some other things wrong there :)

 

<?php
session_start();
require_once '../settings.php';
checkLogin ('1 2');

$username= get_username($_SESSION['user_id']);

    if(!$_POST['report']){?>
<h2>Report User</h2>
        <form method="post" action="<?php echo $_SERVER[php_SELF]; ?>">
	<input type="hidden" name="id" value="<?php echo $getreplies3['author'] ?>">
	<input type="hidden" name="username" value="<?php echo $username; ?>">
        <p>
        <label></label>
        </p>
        <table width="100%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td>Reason</td>
          </tr>
          <tr>
            <td><textarea cols="25" rows="5" name="reason"></textarea></td>
          </tr>
          <tr>
            <td><input type="submit" name="report" value="Report User" /></td>
          </tr>
        </table>
        <p>
          <label></label>
        </p>
        </form><?php
    }else{ //or...
        $user =  mysql_real_escape_string( $_POST['id']); //protect the username being reported
        $reason = mysql_real_escape_string($_POST['reason']); //protect the text input again
        $date = date("d-m-y h:i A"); //today's date
        $from = mysql_real_escape_string($_POST['username']); //logged user 
        if(empty($reason)){ //something was empty!!!!
            print "<h2>Error</h2>
            <p>
            You Must Fill Out The Form Completely
            </p>"; //haha you fail!
        }else{ //or not?
            $insert = mysql_query("INSERT INTO `reps` (`username`,`reason`,`date`,`reported_by`) VALUES ( '$user','$reason','$date','$from');"); //insert the data
            if(mysql_error()){ //poo theres an error
                print "<h2>Error</h2>
                <p>" . mysql_error() . "</p>"; //echo the error
            }else{ //or...
                print "<h2>Success</h2>
                <p>
                Report Sent!
                </p>"; //no error
            } //end error check
        } //end empty check
    }//end form check

?>

 

1) I moved the hidden form fields to the top of your form, although it's not a necessity, it looks much more neat

2) action="<? echo $_SERVER[php_SELF]; ?>" you had that one completely wrong

3) VALUES ( '$user','$reason','$date','$from') you wrote 'form' instead of 'from', always check your insert by echo $insert if it's not doing someting right

 

I didn't find the t_else error, might've overlooked it though. See if it works this way and let us know.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.