Article comments in PHP

[VanityCrush]

Hiya,

 

I have a database table which is storing articles posted by my users. I am using a function to dynamically display these on the webpage.

 

I would like to implement a feature where other registered users can comment on them. I believe these comments should be also stored in the database and linked with the article ID as I want to generate them dynamically (and assign them to an article on the page). Each comment should be unique to the article it belongs, therefore a comment to one article won't relate in any way with the other existent articles.

 

For this, I have created the following fields in my database: content_id, title, content, posted_by, date, comments, comment_by.

 

I have tried the below solution but even for me, it seems very messy. I have around 20-25 days experience with PHP, so if anyone could point me in the right direction I would really appreciate it.

 

First of all, I have written a function that is displaying the comments form:

function generate_captcha_forms() {
	echo "
	    <form method='post' action='' class='comments_form'>
	       <input type='text' name='username' placeholder='your name... *' id='name'>
	       <textarea name='comments' id='textarea' placeholder='your comment... *' cols='30' rows='6'></textarea>" . create_captcha() . "
	       <input type='submit' name='submit' id='post' value='post'>
	    </form>
	 ";
}

I use the above function because I cannot figure any other way to display one comment form for each article in my database. So I figured I can loop them as per below:

 

I am implementing the above function in the function that I use to list the articles from the database:

function list_articles() { 
	include('core/db/db_connection.php');
	$sql = "SELECT * FROM blog ORDER BY id DESC";
	$result = mysqli_query($dbCon, $sql);
	while ($row = mysqli_fetch_array($result)) {
		echo 
			"<h5 class='posted_by'>Posted by " . $posted_by = $row['posted_by'] . " on " . $row['date'] . "</h5>" . 
			"<h1 class='content_headers'>" . $title = $row['title'] . "</h1>" . 
			"<article>" . $content = $row['content'] . "</article>" . 
			"<hr class='artline'>";
		if (logged_in() === true) {
			generate_captcha_forms();
                        validate_blog_forms($_POST['username'], $_POST['comments']);
			echo "<hr class='artline'>";
		}
	}
}

I am also running the below function to validate the comment forms:

function validate_blog_forms($username, $comments) {
	include('core/db/db_connection.php');
	$username = mysqli_real_escape_string($dbCon, $_POST['username']);
	$comments = mysqli_real_escape_string($dbCon, $_POST['comments']);
	if (empty($_POST) === false) {
		if (strlen($username) > 17) {
			$errors[] = 'Your name must be less than 17 characters long';
		}
		if (strlen($comments) < 17) {
			$errors[] = 'Your comment must be more than 17 characters long';
		}
		if (empty($comments) || empty($username)) {
			$errors[] = 'Fields marked with an asterisk are required';
		}
		if (empty($_POST['captcha_results']) === true) {
			$errors[] = 'Please enter captcha.';
		} else if ($_POST['captcha_results'] != $_POST['num1'] + $_POST['num2']) {
			$errors[] = "Incorrect captcha.";
		}
	} 
	if (empty($_POST) === false && empty($errors) === true) {
		insert_comments($comments, $username);
	} else if (empty($errors) === false) {
		echo "<div id='blog_comment_errors'>" . output_errors($errors) . "</div>";
	}
}

The function that is inserting user comments in the database:

function insert_comments($comment_by, $comments) {
	include('core/db/db_connection.php');
	$comments = sanitize($comments);
	$comment_by = sanitize($comment_by);
	$sql = "INSERT INTO `blog` (`comments`, `comment_by`) VALUES ('$comments', '$comment_by')";
	mysqli_query($dbCon, $sql);
}

The bugs I get in doing so: 

• I have 4 articles. Whenever I try test the errors for one comment form, the errors are displaying to all the articles on the webpage.
• captcha will always return empty, and it never passes to the next step of validation where I'm checking to see if the number entered is correct.
• i have disabled the captcha to see if the comments would be stored properly. They are not. A comment for article 1 (for example) will be displayed for all the articles, however these are not even linked to the articles on the page, it just inserts 4 new fields in the database that act like articles.

Not having much experience, even describing what I'm trying to do gave me a headache, so please let me know if you require further clarification and I'll try to be more clear.

[Barand]

Add a hidden field to your form containing the id of whatever they are commenting on.

 

Save this id, comment and user_id to a comments table. The id will allow you to relate the comment to the original.

[VanityCrush]

I've tried to add a hidden field but I still can't get rid of the captcha 'empty field' error. I think my approach is just wrong, any suggestions on how I can improve it?