ncovill Posted October 27, 2009 Share Posted October 27, 2009 Hey everyone... So, I have a form that submits a message, name, userid, category, and datetime into the database. It all works fine except the userid... I had it working before, but now I have no clue why it stopped working If a person is logged in, the "username" field becomes a dropdown menu and they can choose between Anonymous or their Username. I want it to insert the users 'id' (users table in the DB) into the post as well as update a post count in the users table. It confuses the hell out of me because the same exact fetch array to display their info if they're logged in or not works perfectly (using sessions)... but for w/e reason it's not working in this particular INSERT function. Anyway, here's the add_post.php which displays errors or success, then processes the function if it's a success - db_connect(); is a function to connect to the DB: <?php require_once('functions.php'); db_connect(); $message = $_POST['guestbook_message']; $name = $_POST['guestbook_name']; $datetime = $_POST['datetime']; $category = $_POST['category']; if (strlen($message) < 50) { $msgerror = "<strong>Error:</strong> Your message length is too short."; } if ($category == 1) { $msgerror = "<strong>Error:</strong> Please choose a category."; } $bad_word_list = "<object, </object>, <script, <param, </script>, </param>, <a href, jav, jav&, javas, 	, 
, 
, alert\(, <iframe, <embed, <meta, http://, www., .com, .net, .org, dot com, dot net, dot org, (dot) com, (dot) net, (dot) org"; $bad_words = explode(", ",$bad_word_list); foreach ($bad_words as $word) { if (false !== stripos($message, $word)) { $msgerror = "<strong>Error:</strong> Your message might contain unauthorized words."; } } if($msgerror) { $postmsg = $msgerror; echo "<span class='posterror'>". $postmsg ."</span>"; } else { add_post($message, $name, $userid, $datetime, $category); $postmsg = "<strong>Success!</strong> Your comment has been posted. <script type=\"text/javascript\"><!-- setTimeout('Redirect()',1000); function Redirect() { location.href = 'index.php'; } // --></script>"; echo "<span class='postsuccess'>". $postmsg ."</span>"; } ?> And here is the function: function add_post($message, $name, $userid, $datetime, $category) { $name = mysql_real_escape_string($name); $message = mysql_real_escape_string(stripslashes(ereg_replace("\r\n", "<br />", $message))); $time = strtotime("now"); $time = $time + 3600; $datetime = date("m/d/y @ h:i:sa", $time); $connection = db_connect(); $username = $_SESSION['user']['username']; $user_array = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `username` = '$username'")); $userid = $user_array['id']; $query = "INSERT INTO `posts`(name, userid, content, datetime, category) VALUES('$name', '$userid', '$message', '$datetime', '$category')"; mysql_query($query, $connection); // find the user and update comment count $sql = "SELECT * FROM `users` WHERE `id` = '$userid'"; $result = mysql_query($sql); $rows = mysql_fetch_array($result); if ($rows) { $max_post = $rows['posts'] + 1; } else { $max_post = 1; } $q = "UPDATE `users` SET `posts` = '$max_post' WHERE `id` = '$userid'"; mysql_query($q); db_close($connection); } And I am not sure this is needed but this is the code that works fine, displaying whether or not they're logged in: $session = $_SESSION['in']; if ($session) { $username = $_SESSION['user']['username']; } if($session != "yes") // generate login form { $login = '<form action="login.php" method="post"> <p> <label class="loginField">Username:</label> <input class="login" type="text" name="log" id="log" value="" /> </p> <p> <label class="loginField">Password:</label> <input class="login" type="password" name="pwd" id="pwd" value="" /> </p> <div style="text-align: right;"> <input type="submit" name="submitlogin" value="Submit" class="button_login" id="submit" /> </div> </form><br /> <div id="loginajax"><a href="#submit_register" name="modal"><strong>Sign up</strong> </a> | <a href="forgot.php">Forgot Password?</a></div>'; } else { db_connect(); $username = $_SESSION['user']['username']; $user_array = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `username` = '$username'")); $login = 'Welcome back, <strong>'. $user_array['name'] .'</strong>. <a href="logout.php" name="logout" id="logout">Logout</a><br /><br /><br /> <a href="settings.php">Edit Profile</a> | <a href="profile.php?user='. $username .'">View Profile</a>'; } Like I said...that fetch array brings up the appropriate info, but for w/e reason does not work in the add_post function Any help would be greatly appreciated!!! Link to comment https://forums.phpfreaks.com/topic/179252-php-form-submission-with-sessions/ Share on other sites More sharing options...
ncovill Posted October 28, 2009 Author Share Posted October 28, 2009 lol, simplest thing and it works. I needed to add session_start(); to add_post.php Link to comment https://forums.phpfreaks.com/topic/179252-php-form-submission-with-sessions/#findComment-945916 Share on other sites More sharing options...
iloveoct Posted October 28, 2009 Share Posted October 28, 2009 Or, you can edit php.ini in order to auto start session. Link to comment https://forums.phpfreaks.com/topic/179252-php-form-submission-with-sessions/#findComment-946093 Share on other sites More sharing options...
ncovill Posted October 28, 2009 Author Share Posted October 28, 2009 Or, you can edit php.ini in order to auto start session. I keep hearing about this php.ini file, but I can't find it anywhere, nor do I even know if I have it lol. I do need something to expire sessions ;x Link to comment https://forums.phpfreaks.com/topic/179252-php-form-submission-with-sessions/#findComment-946125 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.