Jump to content

Recommended Posts

Why can I still post when the thread is locked? It's basically doing, if $locked==1 - You cannot post. Why won't it stop me from posting?

 

<?php session_start(); ?>
<style>
a {
color:black;
font-weight:bold;
}

holder {
width:600px;
}

table {
width:600px;
}
</style>
<?php
session_start();
$session = $_SESSION['user'];
$thread = $_GET['thread'];

mysql_connect($mysql_host, $mysql_user, $mysql_password);
mysql_select_db($mysql_database);

$get_thread_exist = mysql_query("SELECT COUNT(id) FROM topics WHERE id='$id'");
$reply = $_POST['message'];
$reply = mysql_real_escape_string($reply);
$thread_post = $_POST['hidden'];
$ip = $_SERVER['REMOTE_ADDR'];
$date = date("M-D-Y");

$get_thread_lock = mysql_query("SELECT locked FROM topics WHERE id='$id'");
$locked = mysql_fetch_assoc($get_thread_lock);

if(!$session)
{
  
	echo "<center><div class='holder'><table border='1'><tr><td><center>Sorry, you must be logged in to access this page! <a href='index.php'>Home</a></center> <br/></td></tr></table></div></center>";
}
elseif(!$thread && !$thread_post)
{
	echo "". $locked ."<center><div class='holder'><table border='1'><tr><td><center>You haven't selected a thread to reply to! <a href='index.php'>Home</a></center> <br/></td></tr></table></div></center>";
}
elseif(!$get_thread_exist)
{
	echo "<center><div class='holder'><table border='1'><tr><td><center>You are trying to reply to a thread that doesn't exist! <a href='index.php'>Home</a></center> <br/></td></tr></table></div></center>";
}
elseif($locked==1)
{
	echo "<center><div class='holder'><table border='1'><tr><td><center>This topic is locked! <a href='viewtopic.php?id=". $id ."'>Back to topic</a></center> <br/></td></tr></table></div></center>";
}
elseif(!$reply)
{
 echo "<center><div class='holder'><table border='1'><tr><td><center><form action='reply.php' method='POST'><br/>Message: <br/><textarea name='message' rows='20' cols='35' maxlength='3000'></textarea><br/><br/> <input type='hidden' value='". $thread ."' name='hidden'><input type='submit' value='Submit Post'></form></center> <br/></td></tr></table></div></center>";
}
elseif(strlen($reply) >= 15)
{
	mysql_query("INSERT INTO posts VALUES ('', '$ip', '$date', '$session', '$reply', '$thread_post')");
	mysql_query("UPDATE users SET postcount = postcount + 1 WHERE username='$session'");
	mysql_query("UPDATE topics SET replies = replies + 1 WHERE  id='$thread_post'");
  echo "<center><div class='holder'><table border='1'><tr><td><center>Your post has been posted! <a href='viewtopic.php?id=". $thread_post ."'>Go back to thread</a>.</center> <br/></td></tr></table></div></center>";
}
else
{
 echo "<center><div class='holder'><table border='1'><tr><td><center>Sorry, you need to have at least 15 characters in your post!</center> <br/></td></tr></table></div></center>";
}


?>

Link to comment
https://forums.phpfreaks.com/topic/206342-wont-say-thread-is-locked/
Share on other sites

<?php session_start(); ?>
<style>
a {
color:black;
font-weight:bold;
}

holder {
width:600px;
}

table {
width:600px;
}
</style>
<?php
session_start();
$session = $_SESSION['user'];
$thread = $_GET['thread'];

mysql_connect($mysql_host, $mysql_user, $mysql_password);
mysql_select_db($mysql_database);

$get_thread_exist = mysql_query("SELECT COUNT(id) FROM topics WHERE id='$id'");
$reply = $_POST['message'];
$reply = mysql_real_escape_string($reply);
$thread_post = $_POST['hidden'];
$ip = $_SERVER['REMOTE_ADDR'];
$date = date("M-D-Y");

$get_thread_lock = mysql_query("SELECT locked FROM topics WHERE id='$id'");
$locked = mysql_fetch_assoc($get_thread_lock);

if(!$session)
{
  
	echo "<center><div class='holder'><table border='1'><tr><td><center>Sorry, you must be logged in to access this page! <a href='index.php'>Home</a></center> <br/></td></tr></table></div></center>";
}
elseif($locked['locked'] == 1)
{
	echo "<center><div class='holder'><table border='1'><tr><td><center>This topic is locked! <a href='viewtopic.php?id=". $id ."'>Back to topic</a></center> <br/></td></tr></table></div></center>";
}
elseif(!$thread && !$thread_post)
{
	echo "". $locked ."<center><div class='holder'><table border='1'><tr><td><center>You haven't selected a thread to reply to! <a href='index.php'>Home</a></center> <br/></td></tr></table></div></center>";
}
elseif(!$get_thread_exist)
{
	echo "<center><div class='holder'><table border='1'><tr><td><center>You are trying to reply to a thread that doesn't exist! <a href='index.php'>Home</a></center> <br/></td></tr></table></div></center>";
}
elseif(!$reply)
{
 echo "<center><div class='holder'><table border='1'><tr><td><center><form action='reply.php' method='POST'><br/>Message: <br/><textarea name='message' rows='20' cols='35' maxlength='3000'></textarea><br/><br/> <input type='hidden' value='". $thread ."' name='hidden'><input type='submit' value='Submit Post'></form></center> <br/></td></tr></table></div></center>";
}
elseif(strlen($reply) >= 15)
{
	mysql_query("INSERT INTO posts VALUES ('', '$ip', '$date', '$session', '$reply', '$thread_post')");
	mysql_query("UPDATE users SET postcount = postcount + 1 WHERE username='$session'");
	mysql_query("UPDATE topics SET replies = replies + 1 WHERE  id='$thread_post'");
  echo "<center><div class='holder'><table border='1'><tr><td><center>Your post has been posted! <a href='viewtopic.php?id=". $thread_post ."'>Go back to thread</a>.</center> <br/></td></tr></table></div></center>";
}
else
{
 echo "<center><div class='holder'><table border='1'><tr><td><center>Sorry, you need to have at least 15 characters in your post!</center> <br/></td></tr></table></div></center>";
}


?>

Remove one of your session_start()'s.  Won't fix the issue at hand, but you don't need two.

 

Where are you defining the following variables: $mysql_host, $mysql_user, $mysql_password?

 

You can't echo $locked as it's an array of results from a query:

 

echo "". $locked ." ... ";

 

You need to read up on working with databases.

 

Do you even have a field/column in the table called 'locked'?

Remove one of your session_start()'s.  Won't fix the issue at hand, but you don't need two.

 

Where are you defining the following variables: $mysql_host, $mysql_user, $mysql_password?

 

You can't echo $locked as it's an array of results from a query:

 

echo "". $locked ." ... ";

 

You need to read up on working with databases.

 

Do you even have a field/column in the table called 'locked'?

 

Didn't notice the two session starts, thank you. Removed.

 

Yes, I'm connecting to the database with the correct variables, I just decided to remove the MySQL details.

 

The echo is from older code I left behind, removed.

 

Yes, their is a row that is called locked. It is an integer.

An easy way to eliminate headaches and confusion down the road is to name your variables appropriately.  For example:

 

$session = $_SESSION['user'];

 

If you, or somebody else for that matter, came across this variable 8,000 lines deep in your code, they wouldn't know what $session was.  Instead, name it $user, or something that is related to the value.  Just good practice.

 

 

Okay .. I changed up some things to handle some errors so you (we) can see where you're at.

 

<?php
$get_thread_lock = sprintf("
SELECT `locked`
FROM `topics`
WHERE `id` = %d
", $id);

// uncomment following line to view query;
//echo "<pre>{$get_thread_lock}</pre>"; //uncomment me!

// copy the query from your screen and paste directly into phpmyadmin to see if you are getting any results;
// If yes, continue.  If no results, check your table.

if ($result = @mysql_query($get_thread_lock)) {
if (mysql_num_rows($result) > 0) {
	$locked = mysql_fetch_assoc($get_thread_lock);

	if (!$session) {
		echo "<center><div class='holder'><table border='1'><tr><td><center>Sorry, you must be logged in to access this page! <a href='index.php'>Home</a></center> <br/></td></tr></table></div></center>";
	}
	elseif ($locked['locked'] == 1) {
		echo "<center><div class='holder'><table border='1'><tr><td><center>This topic is locked! <a href='viewtopic.php?id=". $id ."'>Back to topic</a></center> <br/></td></tr></table></div></center>";
	}
	elseif (!$thread && !$thread_post) {
		echo "". $locked ."<center><div class='holder'><table border='1'><tr><td><center>You haven't selected a thread to reply to! <a href='index.php'>Home</a></center> <br/></td></tr></table></div></center>";
	}
	elseif (!$get_thread_exist) {
		echo "<center><div class='holder'><table border='1'><tr><td><center>You are trying to reply to a thread that doesn't exist! <a href='index.php'>Home</a></center> <br/></td></tr></table></div></center>";
	}
	elseif (!$reply) {
		echo "<center><div class='holder'><table border='1'><tr><td><center><form action='reply.php' method='POST'><br/>Message: <br/><textarea name='message' rows='20' cols='35' maxlength='3000'></textarea><br/><br/> <input type='hidden' value='". $thread ."' name='hidden'><input type='submit' value='Submit Post'></form></center> <br/></td></tr></table></div></center>";
	}
	elseif (strlen($reply) >= 15) {
		mysql_query("INSERT INTO posts VALUES ('', '$ip', '$date', '$session', '$reply', '$thread_post')");
		mysql_query("UPDATE users SET postcount = postcount + 1 WHERE username='$session'");
		mysql_query("UPDATE topics SET replies = replies + 1 WHERE  id='$thread_post'");
		echo "<center><div class='holder'><table border='1'><tr><td><center>Your post has been posted! <a href='viewtopic.php?id=". $thread_post ."'>Go back to thread</a>.</center> <br/></td></tr></table></div></center>";
	}
	else {
		echo "<center><div class='holder'><table border='1'><tr><td><center>Sorry, you need to have at least 15 characters in your post!</center> <br/></td></tr></table></div></center>";
	}
}
else {
	echo 'No records for ID: '. $id;
}
}
else {
trigger_error(mysql_error()); //remove when in production;
}

 

Keep in mind, if $session is not set, your:

 

elseif($locked['locked'] == 1)

 

will not execute.

 

DISCLAIMER: Not tested.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.