[SOLVED] PHP/MySql Help Please!

[rEhSi_123]

Hello everybody,

 

Please somebody help me out here!

 

I am building a forum atm and have encountered a error 'query is empty'

 

Now I am trying to reply to a comment instead to a TOPIC.........

 

So basically when a person posts a comment and accordingly another user replies to this comment by clicking on the 'reply' link and this is the php behind the link:

<a href=\"index.php?act=test&id=".$rowr['id']."\"><img src=\"quoteIcon.gif\"></a>

 

Now the above code seems to obtain the id of the comment posted which is what I want.

 

So going ahead......now the part comes when the user types in the words replying to the comment and then clicks 'Add-Reply' after which I get the error.

 

The reply should go into my table forum_replies like other replies to post but in the following manner;

 

id - tid - uid - message - date - time - edit_time - parent_id

33 10 4 hey 20/03/2009 1237593182 0 NULL

34 10 6 hey yourself 21/03/2009 1237563999 0 33

 

The Parent_id is the ID of the comment to which a reply is being made.

 

Here is my php code....please somebody check and help me correct it accordingly

 

<?php

if(!$_SESSION['uid']){
header("Location: index.php");
}

//if(!$_POST['submit']){
//	echo "Invalid usage of file";
//}else {

$msg = mss($_POST['reply']);
$tid = mss($_GET['id']);


if($tid){
	$tid = mss($_GET['id']);
	$reply_id = mss($_GET['id']);
	$sql = "SELECT * FROM `forum_replies` WHERE `id`='".$tid."'";
	$res = mysql_query($sql) or die(mysql_error());
	if(mysql_num_rows($res) == 0){
		echo "This topic does not exist!";
	}else {
		$row = mysql_fetch_assoc($res);

		if(!$_POST['submit']){
		echo "<form method=\"post\" action=\"./index.php?act=test&id=".$row['id']."\">\n";

		echo "<table border=\"0\" width=\"100%\" cellspacing=\"3\" cellpadding=\"3\">\n";			    
		echo "<tr><td colspan=\"2\" align=\"center\"><textarea style=\"width:90%;height:200px\" name=\"reply\"></textarea><br><input type=\"submit\" name=\"submit\" value=\"Add Reply\" stlye=\"width:90%\"></td></tr>\n";
		echo "</table>\n";
	}else{
		if($row2['admin'] == 1 && $admin_user_level == 0){
			echo "You do not have sufficient priveleges to add a reply to this topic";
		}else {
		      if(!$msg){
		               echo "You did not supply a reply";
			       }else {
				     if(strlen($msg) < 10 || strlen($msg) > 10000){
					echo "Your reply must be between 10 and 10,000 characters!";
					}else {
						$date = date("d-m-y") ." at ". date("h-i-s");
						$time = time();

						$sql4 = "INSERT INTO `forum_replies` (`tid`,`uid`,`message`,`date`,`time`) VALUES('".$tid."','".$_SESSION['uid']."','".$msg."','".$date."','".$time."')";
						$res4 = mysql_query($sql3) or die(mysql_error());
						$sql5 = "UPDATE `forum_replies` SET `reply_id` = '".$id."' WHERE `message` = '".$msg."'";
						header("Location: ./index.php?act=topic&id=".$tid); 
						}

					}		
				 }
			  }
		   }	
	    }

?>

 

Thanks in Advance

[trq]

You mention your getting an error, what is it?

[rEhSi_123]

You mention your getting an error, what is it?

 

query is empty says in my first post on the top......

 

I solved that error alright you can see I put the wrong '$res' in mysql_query......

$sql4 = "INSERT INTO `forum_replies` (`tid`,`uid`,`message`,`date`,`time`) VALUES('".$tid."','".$_SESSION['uid']."','".$msg."','".$date."','".$time."')";
                     $res4 = mysql_query($sql3) or die(mysql_error());

 

But got another error now saying This topic does not exists! which according this in my php code suggests that the topic doesn't exists?

 

  if($tid){
      $tid = mss($_GET['id']);
      $reply_id = mss($_GET['id']);
      $sql = "SELECT * FROM `forum_replies` WHERE `id`='".$tid."'";
      $res = mysql_query($sql) or die(mysql_error());
      if(mysql_num_rows($res) == 0){
         echo "This topic does not exist!";
      }else {

 

Please Advice

[fry2010]

Look at your SECOND mysql query. You have called it $sql4  BUT you are trying to initiate $sql3 which doesnt exist from what I can see.

Also you are not doing anything with your THIRD mysql query which you have called $sql5.

 

Also you know you can use the MYSQL date functions and datetime function, it would make it a little easier instead of changing to unix timestamp etc... and you wouldnt need a second column in your table for the time it was posted.

 

[trq]

The problem is your executing $sql3 while your query is within $sql4. Why people number queries is behond me, theres no need for it at all. A simple $sql variable will do.

[fry2010]

ah.. u found it.

Ok try to echo out $tid to make sure it actually has a value and the correct one.

What does your function mss() do?

You might want to physically check that you have data in your database too.... iv seen it happen recently where there was no data in the table to query in the first place.

[rEhSi_123]

ah.. u found it.

 

Yeah   

 

Ok try to echo out $tid to make sure it actually has a value and the correct one.

 

I dont think so it does mate.....thats why it is giving the error.....This topic does not exists! 

 

 

[fry2010]

do this:

  if($tid){
      $tid = mss($_GET['id']);

      echo $tid;

      $reply_id = mss($_GET['id']);
      $sql = "SELECT * FROM `forum_replies` WHERE `id`='".$tid."'";
      $res = mysql_query($sql) or die(mysql_error());
      if(mysql_num_rows($res) == 0){
         echo "This topic does not exist!";
      }else {

 

if it doesnt exist check the database that you have the correct id for it and that data is actually present.

[rEhSi_123]

do this:

  if($tid){
      $tid = mss($_GET['id']);

      echo $tid;

      $reply_id = mss($_GET['id']);
      $sql = "SELECT * FROM `forum_replies` WHERE `id`='".$tid."'";
      $res = mysql_query($sql) or die(mysql_error());
      if(mysql_num_rows($res) == 0){
         echo "This topic does not exist!";
      }else {

 

if it doesnt exist check the database that you have the correct id for it and that data is actually present.

 

Right mate I check my table and it is inputting the data alright but in the tid it is inputting the wrong ID which is why the error pops up......

 

Also, the ID which it is inputting is of the previous comment but it should be going inside the reply_id which is now 0.....

[fry2010]

cool, well... nearly there.

Check that last query. Is it actually being performed? Also you are putting into it $id not $tid.

 

                     $sql5 = "UPDATE `forum_replies` SET `reply_id` = '".$id."' WHERE `message` = '".$msg."'";
                     header("Location: ./index.php?act=topic&id=".$tid); 
                     }

 

 

Look at the part  'SET 'reply_id' = '".$id."' WHERE ......'  Should it not be  : 'SET 'reply_id' = '".$reply_id.'" WHERE.....';

?

 

[rEhSi_123]

cool, well... nearly there.

Check that last query. Is it actually being performed? Also you are putting into it $id not $tid.

 

                     $sql5 = "UPDATE `forum_replies` SET `reply_id` = '".$id."' WHERE `message` = '".$msg."'";
                     header("Location: ./index.php?act=topic&id=".$tid); 
                     }

 

 

Look at the part  'SET 'reply_id' = '".$id."' WHERE ......'  Should it not be  : 'SET 'reply_id' = '".$reply_id.'" WHERE.....';

?

 

The last query is also not working it is just inputting '0' into the table.........

 

Also $reply_id should equal to $id as I want to store the value of the ID i am replying to!!!!!

 

Also the mss function should obtain the id of the topic from the table forum_topics!

[fry2010]

Show us the mss() function...

 

also instead of this:

                     $sql4 = "INSERT INTO `forum_replies` (`tid`,`uid`,`message`,`date`,`time`) VALUES('".$tid."','".$_SESSION['uid']."','".$msg."','".$date."','".$time."')";
                     $res4 = mysql_query($sql3) or die(mysql_error());
                     $sql5 = "UPDATE `forum_replies` SET `reply_id` = '".$id."' WHERE `message` = '".$msg."'";
                     header("Location: ./index.php?act=topic&id=".$tid); 
                     }

 

why not do this?

                    $sql = "INSERT INTO `forum_replies` (`tid`,`uid`,`message`,`date`,`time`,`reply_id`) VALUES('".$tid."','".$_SESSION['uid']."','".$msg."','".$date."','".$time."','".$tid."')";
                     $res4 = mysql_query($sql) or die(mysql_error());
                     header("Location: ./index.php?act=topic&id=".$tid); 
                     }

 

Try that at the end and see what you get

[rEhSi_123]

Show us the mss() function...

 

also instead of this:

                     $sql4 = "INSERT INTO `forum_replies` (`tid`,`uid`,`message`,`date`,`time`) VALUES('".$tid."','".$_SESSION['uid']."','".$msg."','".$date."','".$time."')";
                     $res4 = mysql_query($sql3) or die(mysql_error());
                     $sql5 = "UPDATE `forum_replies` SET `reply_id` = '".$id."' WHERE `message` = '".$msg."'";
                     header("Location: ./index.php?act=topic&id=".$tid); 
                     }

 

why not do this?

                    $sql = "INSERT INTO `forum_replies` (`tid`,`uid`,`message`,`date`,`time`,`reply_id`) VALUES('".$tid."','".$_SESSION['uid']."','".$msg."','".$date."','".$time."','".$tid."')";
                     $res4 = mysql_query($sql) or die(mysql_error());
                     header("Location: ./index.php?act=topic&id=".$tid); 
                     }

 

Try that at the end and see what you get

 

Right bro! The SQL you provided works excellent 8) thanks mate......

 

I actually dont have a function as such I think which what is causing the issue......

but I used the same mss in my reply.php for adding replies to the thread.......and it works fine......

[rEhSi_123]

I actually dont have a function as such I think which what is causing the issue......

but I used the same mss in my reply.php for adding replies to the thread.......and it works fine......

 

Ignore the above as I was talking rubish........I have a function just can't find it  .....

Let me have a look again.....

[rEhSi_123]

I just can find the mss function ???

 

Also my reply.php is coded in the same fashion but works a treat......???

 

here is code for my reply.php

<?php

if(!$_SESSION['uid']){
header("Location: index.php");
}

//if(!$_POST['submit']){
//	echo "Invalid usage of file";
//}else {
$tid = mss($_GET['id']);
$msg = mss($_POST['reply']);



if(!$tid){
	echo "You did not supply a topic to add a reply to";
}else {
	$sql = "SELECT * FROM `forum_topics` WHERE `id`='".$tid."'";
	$res = mysql_query($sql) or die(mysql_error());
	if(mysql_num_rows($res) == 0){
		echo "This topic does not exist";
	}else {
		$row = mysql_fetch_assoc($res);
		$sql2 = "SELECT admin FROM `forum_sub_cats` WHERE `id`='".$row['cid']."'";
		$res2 = mysql_query($sql2) or die(mysql_error());
		$row2 = mysql_fetch_assoc($res2);
		if(!$_POST['submit']){
		echo "<form method=\"post\" action=\"./index.php?act=reply&id=".$row['id']."\">\n";
		echo "<table border=\"0\" width=\"100%\" cellspacing=\"3\" cellpadding=\"3\">\n";			    
		echo "<tr><td colspan=\"2\" align=\"center\"><textarea style=\"width:90%;height:200px\" name=\"reply\"></textarea><br><input type=\"submit\" name=\"submit\" value=\"Add Reply\" stlye=\"width:90%\"></td></tr>\n";
		echo "</table>\n";
	}else{
		if($row2['admin'] == 1 && $admin_user_level == 0){
			echo "You do not have sufficient priveleges to add a reply to this topic";
		}else {
		      if(!$msg){
		               echo "You did not supply a reply";
			       }else {
				     if(strlen($msg) < 10 || strlen($msg) > 10000){
					echo "Your reply must be between 10 and 10,000 characters!";
					}else {
						$date = date("d-m-y") ." at ". date("h-i-s");
						$time = time(); 
						$sql3 = "INSERT INTO `forum_replies` (`tid`,`uid`,`message`,`date`,`time`) VALUES('".$tid."','".$_SESSION['uid']."','".$msg."','".$date."','".$time."')";
						$res3 = mysql_query($sql3) or die(mysql_error());
						$sql4 = "UPDATE `forum_topics` SET `time`='".time()."' WHERE `id`='".$tid."'";
						$res4 = mysql_query($sql4) or die(mysql_error);

						header("Location: ./index.php?act=topic&id=".$tid); 
						}

					}		
				 }
			  }
		   }	
	    }

?>

[fry2010]

ok cool, I thought everything is now sorted?

If you want to find your function when you put a value into it like you have done:

$tid = mss($tid); Change this to :  $tid = mss();

Make sure you have error reporting turned on and then load it in your browser. It will give you an error saying that no value has been passed to the function mss() on line ... in ...your doc...

So it will show you where it is.

I know what its like trying to find a function, a dam nightmare at times no matter how organized your code is.

[rEhSi_123]

do this:

  if($tid){
      $tid = mss($_GET['id']);

      echo $tid;

      $reply_id = mss($_GET['id']);
      $sql = "SELECT * FROM `forum_replies` WHERE `id`='".$tid."'";
      $res = mysql_query($sql) or die(mysql_error());
      if(mysql_num_rows($res) == 0){
         echo "This topic does not exist!";
      }else {

 

if it doesnt exist check the database that you have the correct id for it and that data is actually present.

 

Right bro! I tried to echo the $tid and its echoing the wrong ID which is of the comment to which a reply is being made........

[fry2010]

would you like to send me an email with all the documents involved with the code?

I dont mind trying to see whats going on with it. It sounds like a few things are just out of place maybe. You can get my email on my profile if you like to.

 

Actually before you do this try to echo out $reply_id and see if that is the correct id.

so this:  echo $reply_id;

[rEhSi_123]

would you like to send me an email with all the documents involved with the code?

I dont mind trying to see whats going on with it. It sounds like a few things are just out of place maybe. You can get my email on my profile if you like to.

 

Actually before you do this try to echo out $reply_id and see if that is the correct id.

so this:  echo $reply_id;

 

Naah man the value of reply_id and tid are both same........but tid is wrong as it is taking the value of the comment and hence causing the error you see......

 

I'll send a email containing my functions and the rest.....

[fry2010]

Ok got it.

So what you want to do is:

 

1) User selects a post they want to reply to. Meaning the only value you need is the id of this post.

2) So in the form they fill out you need to provide a GET value for to get this id.

3) Then after you check that they are an admin etc and that they have entered a reply you insert their post into the database.

4) To insert this into the database you need to provide the id value of the original post and also the tid aswell as the users own uid and message.

 

Is this correct?

 

Also you do realise that you are trying to insert an id for forum_replies in test when you have set the id colum to auto_increment... And also that you have not set a value for $id in the first place. You also use this $id to enter into columns:  id  and  reply_id.

 

I asume what you want to do is insert the original post id into reply_id, and then the id of the reply is actually the id column. So you shouldnt have to enter an id for that at all. Just insert the reply_id as $tid.

Check the bottom of your test.php doc.

 

But i dont understand why it is inserting the post message into the tid... that will mean you are sending the message as tid in the form. Check your actuall html form.

 

If none of this helps then say all the problems you are having in a list as such:

 

1) I reply to post and it is entering the message into the tid column when it should enter the topic id....

2) It is inserting the ..........

3)......

 

Like so its difficult to know exactly what its doing wrong and what it needs to do.

[fry2010]

btw your function mss() is in the global.php doc. Its only a mysql_real_escape_string().

[rEhSi_123]

btw your function mss() is in the global.php doc. Its only a mysql_real_escape_string().

 

Thanks bro for the effort.....really appreciate it all

 

Anyways.....what you said in the above is exactly what I want to do........the technique you adviced is something I used in my reply edit......which I will post below:

 

<?php

error_reporting(E_ALL ^ E_NOTICE); //Report all error except NOTICES

if(!$_SESSION['uid']){
header("Location: index.php");
}

$actz = $_GET['act2'];
$actzz = array('reply','topic','admin');

if($actz){
$admin = isa($_SESSION['uid']);

if($actz == 'admin'){

}
if($actz == 'reply'){
	$id = mss($_GET['id']);
	if($id){
		$sql = "SELECT * FROM `forum_replies` WHERE `id`='".$id."'";
		$res = mysql_query($sql) or die(mysql_error());
		if(mysql_num_rows($res) == 0){
			echo "This topic doesn't exist, so therefore you cannot edit it!";
			}else {
				$row = mysql_fetch_assoc($res);
				$user_id = $row['uid'];

				if($user_id == $_SESSION['uid'] || $admin == 1){
				  if(!$_POST['submit']){
						echo "<form method=\"post\" action=\"./index.php?act=mod&act2=reply&id=".$id."\">\n";
						echo "<table border=\"0\" width=\"100%\" cellspacing=\"3\" cellpadding=\"3\">\n";
						echo "<tr><td class=\"forum_header\" align=\"center\"><textarea style=\"width:90%;height:200px\" name=\"reply\">".$row['message']."</textarea></td></tr>\n";
						echo "<tr><td class=\"forum_header\" align=\"center\"><input type=\"submit\" name=\"submit\" value=\"Edit This Reply\"></td></tr>\n";
						echo "</table></form>\n";
						}else {
							$reply = mss($_POST['reply']);
								if($reply){
									$r = range(10,10000);
									if(in_array(strlen($reply),$r)){
										$sql2 = "UPDATE `forum_replies` SET `message`='".$reply."', `edit_time`='".time()."' WHERE `id`='".$id."'";
										$res2 = mysql_query($sql2) or die(mysql_error());
										header("Location: index.php?act=topic&id=".$row['tid']."");
										}else {
											echo "Your message must be between 10 and 10000";
										}
									}
								}
							}else {
								echo "This is not your reply to edit!";
								}
					}
				}
		}				
if($actz == 'topic'){
		$id = mss($_GET['id']);
	if($id){
		$sql1 = "SELECT * FROM `forum_replies` WHERE `id`='".$id."'";
		$res1 = mysql_query($sql) or die(mysql_error());
		if(mysql_num_rows($res) == 0){
			echo "This topic doesn't exist, so therefore you cannot edit it!";
			}else {
				$row = mysql_fetch_assoc($res);
				$user_id = $row['uid'];
			   if($user_id == $_SESSION['uid'] || $admin == 1){
				 $sql2 = "DELETE FROM `forum_replies` WHERE `id`='".$id."'";
				 $res2 = mysql_query($sql2) or die(mysql_error());
				 echo "Message Deleted";  
				   } 
	}
}
}
 }else {
header("Location: index.php");
}
?>

[fry2010]

**OOPS i made a bo-bo, have just editted it**

 

cool no probs mate.

errr.... What you need to do is:

 

1)User presses reply button. They then enter their message.

2)You need to pass the following information with GET:

 

• original post id
  
• the topic id
  

 

3)In the next script You need to collect these details so:

• $reply_id = $_GET['original_post_id'];
  
• $topic_id = $_GET['topic_id'];
  

 

4)You will also need the details of the user that has made the reply:

• $msg = $_POST['message'];
  
• $uid = $_SESSION['this_user'];
  

 

5)Then once you have checked that the user has actually entered a message and is an admin you then insert this information into the database as such:

 

$sql2 = "INSERT INTO forum_replies (uid, tid, reply_id, msg, date, time) VALUES ('$uid', '$topic_id', '$reply_id', '$msg', '$date', '$time')";

 

6)Then if you want to check this is all inserted correctly echo it out:

 

         $sql = "SELECT * FROM forum_replies WHERE uid = '$uid'";
         $res = mysql_query($sql) or die(mysql_error());
         while($row = mysql_fetch_assoc($res))
         {
            echo 'The User ID is:'.$row['uid'].'<br />';
            echo 'The Topic ID is:'.$row['tid'].'<br />';
            echo 'The Reply ID is:'.$row['reply_id'].'<br />';
            echo 'The Message is:'.$row['msg'].'<br />';
            echo 'The Date entered was:'.$row['date'].'<br />';
            echo 'The Time entered was:'.$row['time'].'<br />';
          }

 

You will probably need to change the syntax slightly as iv just wrote that here, not tried it myself but that is the idea of what you can do. Hope it helps.

[rEhSi_123]

**OOPS i made a bo-bo, have just editted it**

 

cool no probs mate.

errr.... What you need to do is:

 

1)User presses reply button. They then enter their message.

2)You need to pass the following information with GET:

 

• original post id
  
• the topic id
  

 

3)In the next script You need to collect these details so:

• $reply_id = $_GET['original_post_id'];
  
• $topic_id = $_GET['topic_id'];
  

 

4)You will also need the details of the user that has made the reply:

• $msg = $_POST['message'];
  
• $uid = $_SESSION['this_user'];
  

 

5)Then once you have checked that the user has actually entered a message and is an admin you then insert this information into the database as such:

 

$sql2 = "INSERT INTO forum_replies (uid, tid, reply_id, msg, date, time) VALUES ('$uid', '$topic_id', '$reply_id', '$msg', '$date', '$time')";

 

6)Then if you want to check this is all inserted correctly echo it out:

 

         $sql = "SELECT * FROM forum_replies WHERE uid = '$uid'";
         $res = mysql_query($sql) or die(mysql_error());
         while($row = mysql_fetch_assoc($res))
         {
            echo 'The User ID is:'.$row['uid'].'<br />';
            echo 'The Topic ID is:'.$row['tid'].'<br />';
            echo 'The Reply ID is:'.$row['reply_id'].'<br />';
            echo 'The Message is:'.$row['msg'].'<br />';
            echo 'The Date entered was:'.$row['date'].'<br />';
            echo 'The Time entered was:'.$row['time'].'<br />';
          }

 

You will probably need to change the syntax slightly as iv just wrote that here, not tried it myself but that is the idea of what you can do. Hope it helps.

 

Thanks again for all the help......

 

Do you recon will I have to design my php code in the same fashion as below but that is applying your fashion?

$msg = mss($_POST['reply']);
$tid = mss($_GET['id']);



if($tid){



	echo $id;



	$sql = "SELECT * FROM `forum_replies` WHERE `id`='".$tid."'";
	$res = mysql_query($sql) or die(mysql_error());
	if(mysql_num_rows($res) == 0){
		echo "This topic does not exist!";
	}else {
		$row = mysql_fetch_assoc($res);
		$sql2 = "SELECT admin FROM `forum_sub_cats` WHERE `id`='".$row['cid']."'";
		$res2 = mysql_query($sql2) or die(mysql_error());
		$row2 = mysql_fetch_assoc($res2);

 

Because, I am getting confused on how to get the data as I want to get tid and id of the reply.....

[fry2010]

tbh im not really sure what that script you show is for. It looks like that is a reply to a reply.

But I have noticed a couple of errors there.

 

1)You are trying to echo out $id but you havnt given $id a value.

2)You are looking for a forum_reply where the id is equal to the topic id or tid. Is this correct? Or should you be looking for the actual topic id to be the same?

 

Can you post the actual html form that sends to this script so that I can see what you need to get/change/insert etc..

I think what has happened is your values are totally mixed up, its difficult to see what needs doing unless I am at your computer and can see everything.