Infectious Posted September 12, 2013 Share Posted September 12, 2013 Hello everybody. I successfully got a forum up and running a bit ago, but there is only 1 problem. when 1 user posts, it duplicates that post from every other user registered. heres is the link you can make an account and test it yourself. http://www.gameblaze.net/forum Please if you can help I would be oh so greatful. Sincerely, Infectious Quote Link to comment https://forums.phpfreaks.com/topic/282088-help-with-php-forum/ Share on other sites More sharing options...
Muddy_Funster Posted September 12, 2013 Share Posted September 12, 2013 it would be more practical if you could let us see the code that deals with the post submit. Is this a forum you have coded your self or an off the shelf solution? Quote Link to comment https://forums.phpfreaks.com/topic/282088-help-with-php-forum/#findComment-1449239 Share on other sites More sharing options...
Maq Posted September 12, 2013 Share Posted September 12, 2013 Probably your code is wrong. Quote Link to comment https://forums.phpfreaks.com/topic/282088-help-with-php-forum/#findComment-1449255 Share on other sites More sharing options...
Infectious Posted September 12, 2013 Author Share Posted September 12, 2013 (edited) here is the reply.php code <?php include 'connect.php'; include 'header.php'; if($_SERVER['REQUEST_METHOD'] != 'POST') { echo 'This file cannot be called directly.'; } else { if(!$_SESSION['signed_in']) { echo 'You must be signed in to post a reply.'; } else { $sql = "INSERT INTO posts(post_content, post_date, post_topic, post_by) VALUES ('" . $_POST['reply-content'] . "', NOW(), " . mysql_real_escape_string($_GET['id']) . ", " . $_SESSION['user_id'] . ")"; $result = mysql_query($sql); if(!$result) { echo 'Your reply has not been saved, please try again later.'; } else { echo 'Your reply has been saved, check out <a href="topic.php?id=' . htmlentities($_GET['id']) . '">the topic</a>.'; } } } include 'footer.php'; ?> Edited September 12, 2013 by Infectious Quote Link to comment https://forums.phpfreaks.com/topic/282088-help-with-php-forum/#findComment-1449283 Share on other sites More sharing options...
Monkuar Posted September 12, 2013 Share Posted September 12, 2013 (edited) You need to cast proper variables on those id's and check for integer/etc. mysql_real_escape_string wont help you from XSS. Also you need to have a primary key that is SET TO AUtO INcREMNET in that database, lol. (for new postS) Edited September 12, 2013 by Monkuar Quote Link to comment https://forums.phpfreaks.com/topic/282088-help-with-php-forum/#findComment-1449307 Share on other sites More sharing options...
Infectious Posted September 12, 2013 Author Share Posted September 12, 2013 would you be able to help me with that? Quote Link to comment https://forums.phpfreaks.com/topic/282088-help-with-php-forum/#findComment-1449308 Share on other sites More sharing options...
Infectious Posted September 12, 2013 Author Share Posted September 12, 2013 I was able to make it not duplicate but now the sot wont show the user ID of whom who posted it Quote Link to comment https://forums.phpfreaks.com/topic/282088-help-with-php-forum/#findComment-1449310 Share on other sites More sharing options...
Solution Infectious Posted September 12, 2013 Author Solution Share Posted September 12, 2013 Okay nvm guys I figured it all out it 100% functional now. Quote Link to comment https://forums.phpfreaks.com/topic/282088-help-with-php-forum/#findComment-1449311 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.