Jump to content

Recommended Posts

Hi Guys

 

I have some code, written by somebody else, which i think updates a 'comments' table when a comment is written on my home page...

 

<?php
include("db.php");
if(isSet($_POST['comentario_valor'])){
	$id=time();// Demo Use
	$comment=$_POST['comentario_valor'];
	$id=$_POST['id'];

	$sql=mysql_query("insert into comments(comment,msg_id_fk)values('$comment','$id')");
	$result=mysql_query("select * from comments order by com_id desc");
	$row=mysql_fetch_array($result);
	$com_id=$row['com_id'];
	$comment=$row['comment'];	
}
?>

 

What i need to do now tho is try to ammend this script to also update the table with the 'userid' of the person who posted the comment. The userid should be the same as in my 'users' table.

 

Can anybody point me in the right direction? I am new to PHP and trying to decipher this peice is code is beyond me at the minute

 

Many thanks

Link to comment
https://forums.phpfreaks.com/topic/234220-newbie-needs-help-ammending-code/
Share on other sites

Hi

 

I'm assuming that the variable $id is the userid?

 

If so, it looks as though this is written with the comment

$sql=mysql_query("insert into comments(comment,msg_id_fk)values('$comment','$id')");

 

this basically says write into comments table the comment ($comment) and the id ($id).  If this is incorrect, we'd need the structure of your user table to create the SELECt statement to pull the user id and write with the comment.

 

Stu

Stu - Can i start again please - i feel i have made a rookie mistake!!

 

The code i posted originally is incorrect. Basically, i am operating a wall post system which allows users to leave a 'message' and then other users to leave a 'comment'. The code i posted was for the 'comment'

 

Here is the code for the message which i need to ammend first - AND then i can look at ammending the comment code if needed. Sorry if this is all very confusing

 

<?php
include("db.php");
// if content has been sent
if(isset($_POST["textarea_noticia"])){
	$msg = $_POST["textarea_noticia"];
	// Insert information
	$sql = mysql_query("INSERT INTO messages(message)values('$msg')");
	$result = mysql_query("SELECT * FROM messages order by msg_id desc");
	$row = mysql_fetch_assoc($result);
	$id = $row["msg_id"];
	$msg = $row["message"];
}
?>

Thanks Stu

 

The userid comes from the 'users' table. It is an auto increment when a new user registers

 

Users log in using their usernames and a session is started. Im using dreamweaver so the code created is standard i think

 

<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['Username'])) {
  $loginUsername=$_POST['Username'];
  $password=$_POST['Password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "index.php";
  $MM_redirectLoginFailed = "Register.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_pwnedbook, $pwnedbook);
  
  $LoginRS__query=sprintf("SELECT username, password FROM users WHERE username=%s AND password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $pwnedbook) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>

 

Ok

 

Once the user is logged in, you need to pull the userid from the user table.  I'd add this into the login script and declare it to a session variable so it can be used wherever you need.

<?php
$LoginRS__query=sprintf("SELECT username, password, userid FROM users WHERE username=%s AND password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
$LoginRS = mysql_query($LoginRS__query, $pwnedbook) or die(mysql_error());
$userid=mysql_fetch_array($LoginRS);
$_SESSION['userid']=$userid['userid'];

 

I think this should work, you now have a session variable $_SESSION['userid'] which carries their userid and you can use this all over your scripting.

 

Stu

OK - so i have added the above code to my login page (although i changed some 'userid' to 'id' as that is what its called in my table and i can log in fine.

 

$LoginRS__query=sprintf("SELECT username, password, id FROM users WHERE username=%s AND password=%s",    
     GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
     $LoginRS = mysql_query($LoginRS__query, $pwnedbook) or die(mysql_error());
     $userid=mysql_fetch_array($LoginRS);
     $_SESSION['id']=$userid['id'];

 

So now im guessing we have created the variable $_SESSION['userid'] which can be used anywhere in my script?

 

And i understand that i can now use this variable to write the userid to the messages table along with the message?

 

Thank you for your help - you have been very understanding!

 

 

Stu - Im still struggling with this!

 

I have changed the insert info code to include the $_SESSION['id']

 

<?php
include("db.php");
// if sent content
if(isset($_POST["textarea_noticia"])){
	$msg = $_POST["textarea_noticia"];

	// Insert information
	$sql = mysql_query("INSERT INTO messages(message)values('$msg')");
	$sql = mysql_query("INSERT INTO messages(userid)values('$_SESSION['id']')");
	$result = mysql_query("SELECT * FROM messages order by msg_id desc");
	$row = mysql_fetch_assoc($result);
	$id = $row["msg_id"];
	$msg = $row["message"];
}
?>

 

but this isnt working!

 

Im guessing i am doing this incredibly wrong?

Have you created a column in your DB table (messages) for userid?

 

To test whether the $_SESSION variable is working, try a vardump.  This way it will identify where the error lies.  Either in the code to put it into the table or the code to get it out of the user table.

One issue with the code is that you're using single quotes inside single quotes.

 

<?php
...

$sql = mysql_query("INSERT INTO messages(userid)values('$_SESSION['id']')");

...
?>

 

 

You could do something like:

 

<?php
...

$sql = mysql_query("INSERT INTO messages(userid)values('" . $_SESSION['id'] . "')");

...
?>

Hi Stu

 

I have created the column - it is identical to the original id column in the users table

 

Also - as you can probably guess - i have no idea what a vardump is!

What do you mean "identical"? did you make it an AUTO_INC field? cause that won't work.

 

change your code to this:

		//insert information
	$id = $_SESSION['id'];
                $sql = mysql_query("INSERT INTO messages(message, userid)values('$msg', $id)") or die ('ERROR! During Insert :<br> '.mysql_error());
	$result = mysql_query("SELECT msg_id, message FROM messages order by msg_id desc")or die ('ERROR! During Read :<br> '.mysql_error());
WHILE ($row = mysql_fetch_assoc($result))
{
$id = $row["msg_id"];
$msg = $row["message"];
}
}

Hi - no its not set to auto - increment.

 

I have used the code you have kindly supplied, and while this is allowing users to create a new message, and updating the messages table with the message, the userid column is being updated as '0' and not equal to the userid in the users table

 

any suggestions?

Hi Guys

 

Ive been working on this for a few nights now and have finaly managed to make it so that when a users creates a message, the username of the person is stored in the same table as the message.

 

Instead of creating a variable to store the userid, i just used the already created session username variable.

 

What i now need to do tho is ammend some more code which will alow me to display the profile picture of the user who created the message.

 

I have the below code which displays the picture of the person who is logged in.

 

<?php
//to display image from source
$dir = "profpics";

$sql = "SELECT prof_pic FROM users WHERE username = '{$_SESSION['MM_Username']}'";
$res = mysql_query($sql) or die(mysql_error());
if(mysql_num_rows($res) == 0) die("Username not found in database.");

$row = mysql_fetch_array($res);
echo "<img src='$dir/{$row['prof_pic']}' width='88' height='88'><br>";
?>

 

Can anybody tell me how i can ammed this to say something like - select prof_pic from users where username in users table is the same as the username in the messages table?

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.