not sure what im doing wrong or what im missing..

[dominic600]

well when i am in my forum thing and i go to click on a 'topic' it says no topic exists. and there is one there idk what im missing in the code to make it view it in my table..

 

<?php require("top.php");

?>
<div id='content'>

<div id='homepageright'>
<?php

include_once("scripts/connect.php");

if($username){


$cid = $_GET['cid'];
$tid = $_GET['tid'];

$sql = "SELECT * FROM topics WHERE category_id='".$cid."' AND id='".$tid."' LIMIT 1";
$res = mysql_query($sql) or die(mysql_error());

if(mysql_num_rows($res) == 1){

echo "<table width='100%'>"; 
if($username){
echo "<tr><td colspan='2'><input type='submit' value='Add Reply' onClick=\"window.location = post_reply.php?cid=".$cid."&tid=".$tid."\" /><hr /> ";
}

While ($row = mysql_fetch_assoc($res)) {
$sql2 = "SELECT * FROM posts WHERE category_id='".$cid."' AND topic_id= '".$tid."'";
$res2 = mysql_query($sql2) or die(mysql_error());
while ($row2 = mysql_fetch_assoc($res2)) {
echo "<tr><td valign='top' style='border: 1px solid #000000;'><div style='min-height: 125px;
'>".$row['topic_title']."<br /> by ".$row2['post_creator']." - ".$row2['post_date'].
"<hr /> ".$row2['post_content']."</div></td><td width='200' valign='top' 
align='center' style='border: 1px solid #000000;'>User Info Here</td></tr><tr><td 
colspan='2'><hr /></td></tr>";
}
echo "</table>";

}

}

else{
echo "This Topic Does Not Exist.";
}

}
else{
echo "You Must Be Logged In To Continue.";
}
?>
</div>
<div id='homepageleft'>
<?php


?>
</div>

</html>
</body>

[JKG]

echo the sql, check there is a topic with the cid and tid

[dominic600]

i echo out the sql and i get

 

 

SELECT * FROM topics WHERE category_id='36=6' AND id='' LIMIT 1

 

forsome reason it just dont look right to me, it seems like i have double quotes messed up or something.

 

 

[jcbones]

Where is your links built, because cid seems to be holding the category id and the id.

[Pandemikk]

Nope. As you can see there is no ID. You should be sanitizing your input before even using.

 

You shouldn't need a LIMIT in your query. There should one be one value for the category id and thread id. Both these columns in the database should be unsigned integers. The topic id should be auto-increment. Your topic is should NEVER be 0.

<?php
// sanitize your input! without intval I could perform an sql injection so easy!
$cid = intval($_GET['cid']);
$tid = intval($_GET['tid']);

// numbers dont need single quotes and double quoted strings parse variables.
$sql = "SELECT * FROM topics WHERE category_id = $cid AND id = $tid";
$res = mysql_query($sql) or die(mysql_error());
?>

 

And I don't understand the logic of your code one bit. If you're grabbing one thread, why are you using a while loop? And why are you querying the same data twice?

 

 

 

EDIT:

 

And the reason $cid has both your url parameters is because your it looks something like this: cid=36=6

It should look like this: cid=36&tid=6

 

The ampersand is essential.

[dominic600]

i didnt know about that but ill start doing that

 

but when i canged that it still says that but now its

 

SELECT * FROM topics WHERE category_id = 34 AND id = 0

 

i think the problem is that its not picking up my tid cause no matter which one i click on it stays 0

[Pandemikk]

That's because you aren't paying attention. Your link needs to show something like: cid=36&tid=6 so that you can GET the cid AND the tid.

 

You should also make sure the IDs aren't negative values.

 

if ($cid <= 0 )
{
die("This is not a valid Category ID")
}
if ($tid <= 0 )
{
die("This is not a valid Topic ID")
}

[dominic600]

im trying to pay attention the best i can, just im not very fluent in php but thats the problem is the link isnt showing my &tid, im working on getting that to show up and im sure that would fix it possibly

this is that my link looks like "view_topic.php?cid=36=6"

[Pandemikk]

You'll need to provide us with the code that actually shows how the link is being built.

[dominic600]

where does that code go... sorry im new to this, and im watching/reading a tutorial and this is like this code that it says to do so idk why it has a while loop..

[Pandemikk]

I don't know where that code goes. I don't know what you're using or where you got it from. You should look into the PHP file of whatever page the links are shown on.

[dominic600]

oh ok, i just wish i knew more a about php so i can code on my own and code good, but i got it solved not sure what i did but its working.