Jump to content

Blank Page Blog Problem

chicago

By chicago
in PHP Coding Help

 Share

Recommended Posts

chicago Newbie

chicago

Posted
Posted

Hi everyone,

I am trying to create a blog for a webiste I am creating and keep having a problem.

 

I have created a file called edit_comments.php which will obviously edit comments left about the blog. The problem I am having is that when I preview this page it's just blank, no error messages nothing.

 

This is my code:

<?php
mysql_connect ('localhost', '***', '***') ;
mysql_select_db ('***');

if (isset($_POST['edit'])) {
    $name = htmlspecialchars(strip_tags($_POST['name']));
    $comment = htmlspecialchars(strip_tags($_POST['comment']));
    $comment = nl2br($comment);
    $id = (int)$_POST['id'];

    if (!get_magic_quotes_gpc()) {
        $name = addslashes($name);
        $comment = addslashes($comment);
    }

    $result = mysql_query("UPDATE php_blog_comments SET name='$name', comment='$comment' WHERE id='$id' LIMIT 1") or print ("Can't update comment.<br />" . $result . "<br />" . mysql_error());
    if ($result != false) {
        print "<p>The comment has successfully been edited!</p>";
    }
}

if(isset($_POST['delete'])) {
$id = (int)$_POST['id'];
     $result = mysql_query("DELETE FROM php_blog_comments WHERE id='$id' LIMIT 1") or print ("Can't delete comment.<br />" . $result . "<br />" . mysql_error());
     if ($result != false) {
         print "<p>The comment has successfully been deleted!</p>";
     }
}

if (isset($_GET['id']) && !empty($_GET['id']) && is_numeric($_GET['id'])) {

$result = mysql_query ("SELECT * FROM php_blog_comments WHERE id='$_GET[id]'") or print ("Can't select comment.<br />" . mysql_error());

while ($row = mysql_fetch_array($result)) {
      $old_name = stripslashes($row['name']);
      $old_comment = stripslashes($row['comment']);
      $old_comment = str_replace('<br />', '', $old_comment);
}

?>

<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
    <p><input type="hidden" name="id" id="id" value="<?php echo $_GET['id']; ?>">

    <strong><label for="name">Name:</label></strong> <input type="text" name="name" id="name" size="40" value="<?php echo $old_name; ?>" /></p>

    <p><strong><label for="comment">Comment:<label></strong><br />
    <textarea cols="80" rows="20" name="comment" id="comment"><?php echo $old_comment; ?></textarea></p>

    <p><input type="submit" name="edit" id="edit" value="Save Changes"> <input type="submit" name="delete" id="delete" value="Delete Comment"> <input type="submit" value="Never Mind"></p>

</form>
<?php

}
else {

$result = mysql_query("SELECT entry AS get_group FROM php_blog_comments GROUP BY get_group DESC LIMIT 10") or print ("Can't select comments.<br />" . $result . "<br />" . mysql_error());

while($row = mysql_fetch_array($result)) {
     $get_group = $row['get_group'];

     print "<p>";

    $result2 = mysql_query("SELECT timestamp, title FROM php_blog WHERE id='$get_group'");
    while($row2 = mysql_fetch_array($result2)) {
        $date = date("l F d Y",$row2['timestamp']);
        $title = stripslashes($row2['title']);
        print "<strong>" . $date . " - " . $title . "</strong><br />";
    }

    $result3 = mysql_query("SELECT * FROM php_blog_comments WHERE entry='$get_group' ORDER BY timestamp DESC");
    while($row3 = mysql_fetch_array($result3)) {
        $id = $row3['id'];
        $name = stripslashes($row3['name']);
        $comment = stripslashes($row3['comment']);
        $date = date("l F d Y",$row3['timestamp']);

        if (strlen($comment) > 75 || strstr($comment, "<br />") || strstr($comment, "\n")) {
            $comment = substr($comment,0,75) . "...";
            $comment = str_replace("<br />", "", $comment);
            $comment = str_replace("\n", " ", $comment);
        }

        print "<a href=\"editcomments.php?id=" . $id . "\">" . $comment . "</a><br />Comment by " . $name . " @ " . $date;
        print "</p>";

    }
}
}
mysql_close();

?>

 

Sorry it's a bit long.

 

If anybody could help me understand what's happening I would really appreciate it thanks!!! :)

Link to comment
Share on other sites
chicago Newbie

chicago

Posted
  • Author
Posted

I added a comment to one of the blog posts as a test and it worked but for some reason it saved it as an alteration to the original blog not a seperate comment so it saved it within the php_blog table not the php_blog_comments table.

 

This is my code that adds a comment to a chosen post:

<?php

if (isset($_POST['submit_comment'])) {

}

if (isset($_POST['submit_comment'])) {

    if (empty($_POST['name']) || empty($_POST['comment'])) {
        die("You have forgotten to fill in one of the required fields! Please make sure you submit a name, e-mail address and comment.");
    }

    $entry = htmlspecialchars(strip_tags($_POST['entry']));
    $timestamp = htmlspecialchars(strip_tags($_POST['timestamp']));
    $name = htmlspecialchars(strip_tags($_POST['name']));
    $comment = htmlspecialchars(strip_tags($_POST['comment']));
    $comment = nl2br($comment);

    if (!get_magic_quotes_gpc()) {
        $name = addslashes($name);
        $comment = addslashes($comment);
    }

mysql_connect ('localhost', '***', '***') ;
    mysql_select_db ('***');

$result = mysql_query("INSERT INTO php_blog_comments (entry, timestamp, name, comment) 
VALUES ('$entry','$timestamp','$name','$comment')");

header("Location: journal.php?id=" . $entry);
}
else {
    die("Error: you cannot access this page directly.");
}
?>

 

I've told it to insert it into php_blog_comments I don't understand why its not. Can you see anything that I have done wrong?

Thanks for replying :)

Link to comment
Share on other sites
MrXHellboy Member

MrXHellboy

Posted
Posted

First of all, remove the die() function over there. It will scare your visitors away. It makes no sense at all when you halt the execution of the script because one of the fields was empty.

 

Second of all,

remove this part

if (!get_magic_quotes_gpc()) {        $name = addslashes($name);        $comment = addslashes($comment);    }

 

TThis will mess up your DB fields......

 

Use mysql_real_escape_string() instead.

 

 

 

Please post your whole page and the exact problem once more as i dont get what you want

Link to comment
Share on other sites
chicago Newbie

chicago

Posted
  • Author
Posted

Hi thanks for replying.

 

My whole code to submit the  comments is:

<?php

if (isset($_POST['submit_comment'])) {

}

if (isset($_POST['submit_comment'])) {

    if (empty($_POST['name']) || empty($_POST['comment'])) {
    }

    $entry = htmlspecialchars(strip_tags($_POST['entry']));
    $timestamp = htmlspecialchars(strip_tags($_POST['timestamp']));
    $name = htmlspecialchars(strip_tags($_POST['name']));
    $comment = htmlspecialchars(strip_tags($_POST['comment']));
    $comment = nl2br($comment);

    if (!get_magic_quotes_gpc()) {
        $name = addslashes($name);
        $comment = addslashes($comment);
    }

mysql_connect ('localhost', 'admin', 'xyz') ;
    mysql_select_db ('teachDirectory');

$result = mysql_query("INSERT INTO php_blog_comments (entry, timestamp, name, comment) 
VALUES ('$entry','$timestamp','$name','$comment')");

header("Location: journal.php?id=" . $entry);
}
else {
    die("Error: you cannot access this page directly.");
}
?>

 

I have taken out the die command like you said, your right it would scare them off, I have kept in the if statement you told me to take out just so I know where the mysql_real_escape_string() will go. I will take it out eventually. However I am new to php and I don't know how to code the mysql_real_escape_string() for it to do what I want I would appreciate the help here.

My problem is that the comments don't seem to be posted themselves into he php_blog_comments table which I set up in my database, however the code is telling it to place them there.

Any ideas?? I understand i'm asking for a lot but I really appreciate it :)

Link to comment
Share on other sites
MrXHellboy Member

MrXHellboy

Posted
Posted

Remove this:

if (!get_magic_quotes_gpc()) {        $name = addslashes($name);        $comment = addslashes($comment);    }

 

replace with

$name = mysql_real_escape_string($name);
$comment = mysql_real_escape_string($comment);

 

This function will put slashes \ before quotes and other characters which needs to be escaped. This function is also useful against SQL injection attackes.

 

Your insert into query is OK. In which tables will the comments be placed ?

Or nothing at all ?

 

Check the name of the table once more, just to be sure.

Link to comment
Share on other sites
chicago Newbie

chicago

Posted
  • Author
Posted

Thanks for that.

 

The comments will be placed in the php_blog_comments table which is what I have said in the code. I've triple checked the spelling to make sure I didn't just make a stupid mistake. It's puzzling, can you not see whats wrong with it?

 

Thanks again for the help!! :)

Link to comment
Share on other sites
aabid Member

aabid

Posted
Posted 

<?php

if (isset($_POST['submit_comment'])) {

}

if (isset($_POST['submit_comment'])) {

 

why are you double checking the $_POST[submit_comment], in the first check you kept the body of if blanked, may be this has to do something with the problem. Remove it try agin to insert the comment and then let us know what's happening.....

Link to comment
Share on other sites
chicago Newbie

chicago

Posted
  • Author
Posted

Oh my gosh,

 

Can you believe it I checked all the table names but didn't check the database name that was the problem. Thanks for the help guys!!!

 

However I have another little problem I hope you can help with.

 

$sql = "SELECT * FROM php_blog_comments WHERE entry='$id' ORDER BY timestamp";
$result = mysql_query ($sql) or print ("Can't select comments from table php_blog_comments.<br />" . $sql . "<br />" . mysql_error());
while($row = mysql_fetch_array($result)) {
    $timestamp = date("l F d Y", $row['timestamp']);
    printf("<hr />");
    print("<p>" . stripslashes($row['comment']) . "</p>");
    printf("<p>Comment by <a href=\"%s\">%s</a> @ %s</p>", stripslashes($row['url']), stripslashes($row['name']), $timestamp); //THIS LINE
    printf("<hr />");
}

 

I want to delete the stripslashes($row['url']), from the line I have highlighted as i'm not using url anymore however when I try to do this I get the following error:

 

Warning: printf() [function.printf]: Too few arguments in C:\wamp\www\Blog\journal.php on line 65

 

Line 65 is the line I have highlighted.

 

Please can you help thanks :)

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted
when I try to do this I get the following error

 

The code you posted doesn't produce that error. You would need to post the actual code where you tried to remove the URL if you want help with what is wrong with it.

 

AND if your data is being properly escaped (only one time) when it is inserted in to your database (the \ escape characters won't be present in database) and magic_quotes_runtime is turned off so that it won't get escaped when being retrieved, there is no need to use stripslashes() on the data when you retrieve and output it.

Link to comment
Share on other sites
chicago Newbie

chicago

Posted
  • Author
Posted

This code:

$sql = "SELECT * FROM php_blog_comments WHERE entry='$id' ORDER BY timestamp";
$result = mysql_query ($sql) or print ("Can't select comments from table php_blog_comments.<br />" . $sql . "<br />" . mysql_error());
while($row = mysql_fetch_array($result)) {
    $timestamp = date("l F d Y", $row['timestamp']);
    printf("<hr />");
    print("<p>" . stripslashes($row['comment']) . "</p>");
    printf("<p>Comment by <a href=\"%s\">%s</a> @ %s</p>", stripslashes($row['url']), stripslashes($row['name']), $timestamp);
    printf("<hr />");
}

 

I tried to remove stripslashes($row['url']), from here and it gave me that error.

Any ideas? :)

Link to comment
Share on other sites
DavidAM Member

DavidAM

Posted
Posted 

printf("<p>Comment by <a href=\"%s\">%s</a> @ %s</p>", stripslashes($row['url']), stripslashes($row['name']), $timestamp);

The printf() function replaces placeholders in the first argument with data from the remaining arguments. In this statement there are three placeholders (they are the "%s" codes in the first argument). You have only supplied two values to replace these three, so you have provided "Too few arguments" (i.e. not enough). Since you removed the timestamp at the end, I guess you want to remove the "@ %s" in the format string (the first argument).

 

printf("<p>Comment by <a href=\"%s\">%s</a></p>", stripslashes($row['url']), stripslashes($row['name']), $timestamp);

 

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.