Jump to content


Photo

Can you help out a beginner?


  • Please log in to reply
7 replies to this topic

#1 Liljeqvist

Liljeqvist
  • New Members
  • Pip
  • Newbie
  • 4 posts

Posted 13 September 2017 - 09:16 AM

Hey guys

 

I really hope that you could help out a beginner here. I have two questions that I hope you could answer.

 

I have made a page that contains a sign up function, a log in function, and a comment section.

Its very basic PHP. I want registered users to be able to leave comments, and I as an admin would like to be able to manage the user information at the front-end.

 

I have a database called loginsystem, which contain two tables. "users" and "comments"

 

comments table:

 

cid

uid

date

message

 

user table

 

user_id

user_first

user_last

user_email

user_uid

user_pwd

 

PROBLEM 1

 

I want to be able to display the username in the comments inside my main.php page.

<?php
    date_default_timezone_get('Europe/Copenhagen');
	include_once 'header.php';
    include 'dbh.inc.php';
    include 'comments.inc.php';
    include '/login.inc.php'
?>

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
<link href="comments.css" rel="stylesheet" type="text/css">
</head>

<body>


<video width="320" height="240" controls>
  <source src="movie.mp4" type="video/mp4">
  <source src="movie.ogg" type="video/ogg">
</video>

<?php
        if (isset($_SESSION['u_id'])) {
echo
"<form method='POST' action='".setComments($conn)."'>
<input type='hidden' name='uid' value='".$_SESSION['u_id']."'>
<input type='hidden' name='date' value='".date('Y-m-d H:i:s')."'>
	<textarea name='message'></textarea><br>
	<button type='submit' name='commentSubmit'>Comment</button>
</form>";
    } else {
        echo "You need to be logged in to comment";
    }
	getComments($conn);
?>
</body>

<?php
	include_once 'footer.php';
?>

So far I have only been able to change it, so that when a user posts, the username will be shown as a number.

 

<?php
        if (isset($_SESSION['u_id'])) {
echo
"<form method='POST' action='".setComments($conn)."'>
<input type='hidden' name='uid' value='".$_SESSION['u_id']."'>
<input type='hidden' name='date' value='".date('Y-m-d H:i:s')."'>
<textarea name='message'></textarea><br>
<button type='submit' name='commentSubmit'>Comment</button>
</form>";
    } else {
        echo "You need to be logged in to comment";
    }
getComments($conn);
?>

 

I know the next step is to change something in the function inside the file comments.inc.php, but I have no idea what.

<?php

function setComments($conn) {
	if (isset($_POST['commentSubmit'])) {
		$uid = $_POST['uid'];
		$date = $_POST['date'];
		$message = $_POST['message'];
		
		$sql = "INSERT INTO comments (uid, date, message) 
		VALUES ('$uid', '$date', '$message')";
		$result = mysqli_query($conn, $sql);
	}
}

function getComments($conn) {
	$sql = "SELECT * FROM comments order by cid desc";
	$result = mysqli_query($conn, $sql);
	while ($row = $result->fetch_assoc()) {	
	 echo "<div class='comment-box'><p>";
		echo $row['uid']."<br>";
		echo $row['date']."<br>";
		echo nl2br($row['message']);
	 echo "</p>
	 
	 <form class='delete-form' method='POST' action='".deleteComments($conn)."'>
	
	 <input type='hidden' name='cid' value='".$row['cid']."'>
	 <button type='submit' name='commentDelete'>Delete</button>
	 
	 </form>
	 
	 <form class='edit-form' method='POST' action='editcomment.php'>
	
	 <input type='hidden' name='cid' value='".$row['cid']."'>
	 <input type='hidden' name='uid' value='".$row['uid']."'>
	 <input type='hidden' name='date' value='".$row['date']."'>
	 <input type='hidden' name='message' value='".$row['message']."'>
	 <button>Edit</button>
	 
	 </form>
	 
	 </div>";
		
	}
}

function editComments($conn) {
	if (isset($_POST['commentSubmit'])) {
		$cid = $_POST['cid'];
		$uid = $_POST['uid'];
		$date = $_POST['date'];
		$message = $_POST['message'];
		
		$sql = "UPDATE comments SET message='$message' WHERE cid='$cid'";
        $result = mysqli_query($conn, $sql);
		header("location: main.php");
		
	}
}

function deleteComments($conn) {
		if (isset($_POST['commentDelete'])) {
		$cid = $_POST['cid'];
		
		$sql = "DELETE FROM comments WHERE cid='$cid'";
        $result = mysqli_query($conn, $sql);
		header("location: main.php");
		
	}
}

PROBLEM 2
 
I have created an admin page, following a CRUD tutorial, and I have created the php file, where I want to access the user data and make changes to it or delete it.
The problem is that I am getting the error PHP Notice: Trying to get property of non-object in C:\MAMP\htdocs\php44\admin.php on line 34
 
<?php require_once 'dbh.inc.php'; ?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <link   href="css/bootstrap.min.css" rel="stylesheet">
    <script src="js/bootstrap.min.js"></script>
</head>
 
<body>
    <div class="container">
            <div class="row">
                <h3>PHP CRUD Grid</h3>
            </div>
            <div class="row">
                <p>
                    <a href="create.php" class="btn btn-success">Create</a>
                </p>
                <table class="table table-striped table-bordered">
                  <thead>
                    <tr>
                      <th>User ID</th>
                      <th>First name</th>
                      <th>Last name</th>
                      <th>Email Address</th>
                    </tr>
                  </thead>
                  <tbody>
                      <?php
            $sql = "SELECT * FROM users WHERE active = 1";
            $result = mysqli_query($conn, $sql);
 
            if($result->num_rows > 0) {
                while($row = $result->fetch_assoc()) {
                    echo "<tr>
                        <td>".$row['user_id']." </td>
                        <td>".$row['user_first']." </td>
                        <td>".$row['user_last']."</td>
                        <td>".$row['user_email']."</td>
                        <td>
                            <a href='edit.php?id=".$row['id']."'><button type='button'>Edit</button></a>
                            <a href='remove.php?id=".$row['id']."'><button type='button'>Remove</button></a>
                        </td>
                    </tr>";
                }
            } else {
                echo "<tr><td colspan='5'><center>No Data Avaliable</center></td></tr>";
            }
            ?>
                  </tbody>
            </table>
        </div>
    </div> <!-- /container -->
  </body>
</html>

 

 

This is probably easy for you guys, but I am completely lost.

I would appreciate if you could explain to me what I have done wrong. I have added the files as well.

Attached Files


Edited by Liljeqvist, 13 September 2017 - 09:28 AM.


#2 Phi11W

Phi11W
  • New Members
  • Pip
  • Newbie
  • 4 posts

Posted 13 September 2017 - 10:32 AM

comments table
   cid
   uid
   date      
   message

Don't use reserved words (e.g. "date") for column names.  Something more like "comment_date" will cause you far less grief in the long run. 

user table
   user_id
   user_first
   user_last
   user_email
   user_uid
   user_pwd

Never store the password that a user enters.  

Always hash the entered value and store the result of that.  To authenticate the user (when they log in), take the password they enter, hash it and compare that with what's in the table.

 

 

> "I want to be able to display the username in the comments inside my main.php page."

 

You need to learn a bit about SQL and how to "join" tables together when querying them. 

In this case, you need to pull data from both the comments and users tables, which you can do at the same time: 

select cid, u.uid, user_first, user_last, comment_date, message 
from comments c 
inner join users u 
      on   c.uid = u.uid 
order by cid desc 

Regards, 
  Phill  W.

 



#3 Liljeqvist

Liljeqvist
  • New Members
  • Pip
  • Newbie
  • 4 posts

Posted 13 September 2017 - 11:11 AM

Hey Phill

 

Thank you for the advice.

 

I tried joining the tables using the code you provided me, but sadly it only results in the comment section vanishing, and now it appears that I suddenly have problems reading the login.inc.php file, which I had no problems with before.

[13-Sep-2017 11:07:25 UTC] PHP Warning:  include(/login.inc.php): failed to open stream: No such file or directory in C:\MAMP\htdocs\php44\main.php on line 6

[13-Sep-2017 11:07:25 UTC] PHP Warning:  include(): Failed opening '/login.inc.php' for inclusion (include_path='.;C:\php\pear') in C:\MAMP\htdocs\php44\main.php on line 6

[13-Sep-2017 11:07:25 UTC] PHP Fatal error:  Uncaught Error: Call to a member function fetch_assoc() on boolean in C:\MAMP\htdocs\php44\comments.inc.php:22
Stack trace:
#0 C:\MAMP\htdocs\php44\main.php(37): getComments(Object(mysqli))
#1 {main}
  thrown in C:\MAMP\htdocs\php44\comments.inc.php on line 22



#4 Liljeqvist

Liljeqvist
  • New Members
  • Pip
  • Newbie
  • 4 posts

Posted 13 September 2017 - 11:29 AM

EDIT

 

Nevermind about the /login.inc.php error. I fixed that.

Now the only remaining error is the one in the file where I joined the tables.

<?php

function setComments($conn) {
	if (isset($_POST['commentSubmit'])) {
		$uid = $_POST['uid'];
		$date = $_POST['date'];
		$message = $_POST['message'];
		
		$sql = "INSERT INTO comments (uid, date, message) 
		VALUES ('$uid', '$date', '$message')";
		$result = mysqli_query($conn, $sql);
	}
}

function getComments($conn) {
	$sql = "SELECT cid, u.uid, user_first, user_last, comment_date, message 
                FROM comments c 
                INNER JOIN users u 
                on   c.uid = u.uid 
                order by cid desc";
    
	$result = mysqli_query($conn, $sql);
	while ($row = $result->fetch_assoc()) {	
	 echo "<div class='comment-box'><p>";
		echo $row['uid']."<br>";
		echo $row['date']."<br>";
		echo nl2br($row['message']);
	 echo "</p>
	 
	 <form class='delete-form' method='POST' action='".deleteComments($conn)."'>
	
	 <input type='hidden' name='cid' value='".$row['cid']."'>
	 <button type='submit' name='commentDelete'>Delete</button>
	 
	 </form>
	 
	 <form class='edit-form' method='POST' action='editcomment.php'>
	
	 <input type='hidden' name='cid' value='".$row['cid']."'>
	 <input type='hidden' name='uid' value='".$row['uid']."'>
	 <input type='hidden' name='date' value='".$row['date']."'>
	 <input type='hidden' name='message' value='".$row['message']."'>
	 <button>Edit</button>
	 
	 </form>
	 
	 </div>";
		
	}
}

function editComments($conn) {
	if (isset($_POST['commentSubmit'])) {
		$cid = $_POST['cid'];
		$uid = $_POST['uid'];
		$date = $_POST['date'];
		$message = $_POST['message'];
		
		$sql = "UPDATE comments SET message='$message' WHERE cid='$cid'";
        $result = mysqli_query($conn, $sql);
		header("location: main.php");
		
	}
}

function deleteComments($conn) {
		if (isset($_POST['commentDelete'])) {
		$cid = $_POST['cid'];
		
		$sql = "DELETE FROM comments WHERE cid='$cid'";
        $result = mysqli_query($conn, $sql);
		header("location: main.php");
		
	}
}

PHP Fatal error:  Uncaught Error: Call to a member function fetch_assoc() on boolean in C:\MAMP\htdocs\php44\comments.inc.php:22
Stack trace:
#0 C:\MAMP\htdocs\php44\main.php(37): getComments(Object(mysqli))
#1 {main}
  thrown in C:\MAMP\htdocs\php44\comments.inc.php on line 22

Edited by Liljeqvist, 13 September 2017 - 11:32 AM.


#5 Barand

Barand
  • Moderators
  • Sen . ( ile || sei )
  • 17,683 posts

Posted 13 September 2017 - 11:48 AM

The column name in the user table is user_uid, not uid, so the query is failing. (You should be checking for mysqli errors)
If you are still using mysql_ functions, STOP! Use mysqli_ or PDO. The longer you leave it the more you will have to rewrite.

Donations gratefully received






moon.png

|baaGrid| easy data tables - and more
|baaChart| easy line, column and pie charts

#6 Liljeqvist

Liljeqvist
  • New Members
  • Pip
  • Newbie
  • 4 posts

Posted 13 September 2017 - 02:14 PM

I am getting closer and closer.

 

After hours of testing, I finally managed to keep the comment section AND make it show the usernames. 

This was done by inserting the following code.

function getComments($conn) {
	$sql = "SELECT * FROM comments INNER JOIN users order by cid desc";
	$result = mysqli_query($conn, $sql);
    $resultCheck = mysqli_num_rows($result); 

Not without issues though. Even if I am logged in as "User 1", when I write a comment, it will loop me through all usernames.

so first comment will be by user 1, but my second comment will display as being written by user 2.

 

Putting anything between SELECT and FROM or after "users" will cause the comment section to vanish and give out the error

 

mysqli_num_rows() expects parameter 1 to be mysqli_result

 

But so far, so good.



#7 ginerjm

ginerjm
  • Members
  • PipPipPip
  • Handball player
  • 3,928 posts
  • LocationVoorheesville NY

Posted 13 September 2017 - 02:26 PM

The error is because apparently you are damaging your query statement by the use (preferred) of column names instead of the * (not recommended).

 

Good practice  in coding is to TEST the results of things that rely on external processes such as a query or a file open or a file write - things that can go wrong through no fault of PHP.  If you tested the query result variable before trying to use it you would have seen an error there probably.

 

So - show us the query statement using column names.


JG
PS - If you're posting here you should be using:
        error_reporting(E_ALL);
        ini_set('display_errors', '1');

at the top of ALL php code while you develop it!

#8 Barand

Barand
  • Moderators
  • Sen . ( ile || sei )
  • 17,683 posts

Posted 13 September 2017 - 02:33 PM

Having comments INNER JOIN users, with no join criteria, will give every user joined with every comment. You need to specify which condition to match the records on.

In this case you want to use
... FROM comments c
      INNER JOIN users u
      ON c.uid = u.user_uid
Do not use "SELECT *". Specify the columns you need.
If you are still using mysql_ functions, STOP! Use mysqli_ or PDO. The longer you leave it the more you will have to rewrite.

Donations gratefully received






moon.png

|baaGrid| easy data tables - and more
|baaChart| easy line, column and pie charts




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users