Lone_Ranger Posted September 9, 2014 Share Posted September 9, 2014 if ($action == "discussion") { if ($_POST['comment'] == "") { echo "<p align=center>Sorry your comment was not posted due to the comment being blank. You will be redirected in a few seconds so please try again</p> <p align=center>If you have not returned to your page <a href=http://www.sentuamessage.com/blog.php?who=$content[id]>Click Here</a>"; echo "<meta http-equiv=refresh content=15;URL=http://www.sentuamessage.com/blog.php?who=$content[id] />"; include("bottom.php"); exit; } if (isset($_POST) && !empty($_POST)) { if (isset($_SESSION['posttimer'])) { if ( (time() - $_SESSION['posttimer']) <= 10) { echo "<p align=center><b>Bit of a problem here, Double Post attempt has been found. Don't worry we stopped it.</b></p>"; echo "<p align=center>If you have not returned to your page <a href=http://www.sentuamessage.com/blog.php?who=$content[id]>Click Here</a>"; echo "<meta http-equiv=refresh content=15;URL=http://www.sentuamessage.com/blog.php?who=$content[id] />"; } else { $sumscore = $row[score] + 2; $sumcomments = $row[comments] + 1; $con=mysqli_connect("DETAILS FOR SQL STUFF IN HERE BUT DELETED FOR PURPOSES OF THE FORUM"); if (mysqli_connect_errno()) { echo "<p align=center>Failed to connect to MySQL: </p>" . mysqli_connect_error(); } $sql="INSERT INTO comments (userid, topicid, category, topicname, comment, date, name, address, avatar) VALUES ('$row[id]','$content[id]','blogs','$content[topic]','$_POST[comment]','$today','$row[name]','http://www.sentuamessage.com/blog.php?who=$content[id]', '$row[cavatar]')"; if (!mysqli_query($con,$sql)) { die('Error: ' . mysqli_error($con)); } mysql_query("INSERT INTO notifications (userid, username, nuser, message, address, date, time) VALUES ('$row[id]','$row[name]','$content[postedid]','$row[name] has commented on your Blog','http://www.sentuamessage.com/blog.php?who=$who','$today', '$time')") or die(mysql_error()); mysql_query("UPDATE userdb SET comments='$sumcomments', score='$sumscore' WHERE username='$_SESSION[username]'") or die(mysql_error()); echo "<p align=center>Your comment has been submitted. You should be redirected back to your page in a few seconds</p> <p align=center>If you have not returned to your page <a href=http://www.sentuamessage.com/blog.php?who=$content[id]>Click Here</a>"; echo "<meta http-equiv=refresh content=2;URL=http://www.sentuamessage.com/blog.php?who=$content[id] />"; mysqli_close($con); } } $_SESSION['posttimer'] = time(); } include("bottom.php"); exit; } I am rattling my brain here. I had added a code into my script to get rid of double posts, it has a timer which stops people double posting within 10 seconds. Though since inserting the code you have an error where you will have to double post the same post because instead of inserting the post content into the database the submit button comes back with a blank result. Why is this happening? (blank result instead of saying "post successfully posted etc." or "post not posted" it just comes up blank with no entry going into the database. This results in you having to re type your comment and re submit it hoping second time lucky) This is my code once the submit has been hit. Quote Link to comment https://forums.phpfreaks.com/topic/290956-script-problem/ Share on other sites More sharing options...
CroNiX Posted September 10, 2014 Share Posted September 10, 2014 Does mixing mysql and mysqli functions actually work? (mysql_query(), mysqli_query()) Quote Link to comment https://forums.phpfreaks.com/topic/290956-script-problem/#findComment-1490531 Share on other sites More sharing options...
Lone_Ranger Posted September 10, 2014 Author Share Posted September 10, 2014 if (isset($_SESSION['posttimer'])) { if ( (time() - $_SESSION['posttimer']) <= 10) { echo "<p align=center><b>Bit of a problem here, Double Post attempt has been found. Don't worry we stopped it.</b></p>"; echo "<p align=center>If you have not returned to your page <a href=http://www.sentuamessage.com/blog.php?who=$content[id]>Click Here</a>"; echo "<meta http-equiv=refresh content=15;URL=http://www.sentuamessage.com/blog.php?who=$content[id] />"; } else { } } $_SESSION['posttimer'] = time(); } I've had no problems with it, works fine, like I stated the script worked perfectly fine before I added in that in is when I started to occur problems where the blank result would come up when creating a post. Like I said the post would create a blank result the first time but the second time of trying it would respond and add the content into the database or if any error message needed to be displayed like "double post" or "blank field" error those would appear. Any help why I am getting that problem? Quote Link to comment https://forums.phpfreaks.com/topic/290956-script-problem/#findComment-1490533 Share on other sites More sharing options...
CroNiX Posted September 10, 2014 Share Posted September 10, 2014 It probably has to do with where you set $_SESSION['posttimer']. Hard to follow with all of the misaligned braces. Quote Link to comment https://forums.phpfreaks.com/topic/290956-script-problem/#findComment-1490534 Share on other sites More sharing options...
Lone_Ranger Posted September 10, 2014 Author Share Posted September 10, 2014 if (isset($_POST) && !empty($_POST)) { if (isset($_SESSION['posttimer'])) { if ( (time() - $_SESSION['posttimer']) <= 10) { //less than 10 seconds result } else { //more than 10 seconds result } } $_SESSION['posttimer'] = time(); } To be fair if I break it up simpler the whole way the timer is scripted as follows is that easier to understand? Quote Link to comment https://forums.phpfreaks.com/topic/290956-script-problem/#findComment-1490542 Share on other sites More sharing options...
Ch0cu3r Posted September 10, 2014 Share Posted September 10, 2014 Why are you using mysql_ and mysqli_ functions? The mysql and mysqli functions are not compatible with each other. Use one or the other, preferably mysqli as the mysql_* functions are deprecated and no longer supported. Never use raw user input in your queries as this will lead to SQL Injection. If you are using mysqli then use prepared queries . Prepared queries help to eliminate sql injection from occurring. However you should still sanitize the users data before displaying it in the browser to prevent other attacks such as Cross Site Scripting (XSS). Quote Link to comment https://forums.phpfreaks.com/topic/290956-script-problem/#findComment-1490574 Share on other sites More sharing options...
Lone_Ranger Posted September 15, 2014 Author Share Posted September 15, 2014 ok I have a weeks holiday very soon I will look into that but do you think this is related to why when I try to do a post that I get a blank result? See the problem is when I get the blank result and go back to redo the post I get an my selective double post error. Once my timer has expired and I try do the same post again it works fine and I get a success message saying my post went through. I just do not understand why I get a blank result? Quote Link to comment https://forums.phpfreaks.com/topic/290956-script-problem/#findComment-1491215 Share on other sites More sharing options...
Solution Lone_Ranger Posted September 16, 2014 Author Solution Share Posted September 16, 2014 Resolved it my thanks but thank you for everyone for the tips Quote Link to comment https://forums.phpfreaks.com/topic/290956-script-problem/#findComment-1491216 Share on other sites More sharing options...
Jacques1 Posted September 16, 2014 Share Posted September 16, 2014 And how did you solve the problem? Note that this is a forum which may be read by other people who have the same problem. It's extremely frustrating to read a discussion only to find out that the last reply is “Fixed it. Bye.” Quote Link to comment https://forums.phpfreaks.com/topic/290956-script-problem/#findComment-1491236 Share on other sites More sharing options...
Shiftoii Posted September 16, 2014 Share Posted September 16, 2014 And how did you solve the problem? Note that this is a forum which may be read by other people who have the same problem. It's extremely frustrating to read a discussion only to find out that the last reply is “Fixed it. Bye.” I second this. Quote Link to comment https://forums.phpfreaks.com/topic/290956-script-problem/#findComment-1491261 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.