Jump to content

Can you help out a beginner?


Liljeqvist

Recommended Posts

Hey guys

 

I really hope that you could help out a beginner here. I have two questions that I hope you could answer.

 

I have made a page that contains a sign up function, a log in function, and a comment section.

Its very basic PHP. I want registered users to be able to leave comments, and I as an admin would like to be able to manage the user information at the front-end.

 

I have a database called loginsystem, which contain two tables. "users" and "comments"

 

comments table:

 

cid

uid

date

message

 

user table

 

user_id

user_first

user_last

user_email

user_uid

user_pwd

 

PROBLEM 1

 

I want to be able to display the username in the comments inside my main.php page.

<?php
    date_default_timezone_get('Europe/Copenhagen');
	include_once 'header.php';
    include 'dbh.inc.php';
    include 'comments.inc.php';
    include '/login.inc.php'
?>

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
<link href="comments.css" rel="stylesheet" type="text/css">
</head>

<body>


<video width="320" height="240" controls>
  <source src="movie.mp4" type="video/mp4">
  <source src="movie.ogg" type="video/ogg">
</video>

<?php
        if (isset($_SESSION['u_id'])) {
echo
"<form method='POST' action='".setComments($conn)."'>
<input type='hidden' name='uid' value='".$_SESSION['u_id']."'>
<input type='hidden' name='date' value='".date('Y-m-d H:i:s')."'>
	<textarea name='message'></textarea><br>
	<button type='submit' name='commentSubmit'>Comment</button>
</form>";
    } else {
        echo "You need to be logged in to comment";
    }
	getComments($conn);
?>
</body>

<?php
	include_once 'footer.php';
?>

So far I have only been able to change it, so that when a user posts, the username will be shown as a number.

 

<?php
        if (isset($_SESSION['u_id'])) {
echo
"<form method='POST' action='".setComments($conn)."'>
<input type='hidden' name='uid' value='".$_SESSION['u_id']."'>
<input type='hidden' name='date' value='".date('Y-m-d H:i:s')."'>
<textarea name='message'></textarea><br>
<button type='submit' name='commentSubmit'>Comment</button>
</form>";
    } else {
        echo "You need to be logged in to comment";
    }
getComments($conn);
?>

 

I know the next step is to change something in the function inside the file comments.inc.php, but I have no idea what.

<?php

function setComments($conn) {
	if (isset($_POST['commentSubmit'])) {
		$uid = $_POST['uid'];
		$date = $_POST['date'];
		$message = $_POST['message'];
		
		$sql = "INSERT INTO comments (uid, date, message) 
		VALUES ('$uid', '$date', '$message')";
		$result = mysqli_query($conn, $sql);
	}
}

function getComments($conn) {
	$sql = "SELECT * FROM comments order by cid desc";
	$result = mysqli_query($conn, $sql);
	while ($row = $result->fetch_assoc()) {	
	 echo "<div class='comment-box'><p>";
		echo $row['uid']."<br>";
		echo $row['date']."<br>";
		echo nl2br($row['message']);
	 echo "</p>
	 
	 <form class='delete-form' method='POST' action='".deleteComments($conn)."'>
	
	 <input type='hidden' name='cid' value='".$row['cid']."'>
	 <button type='submit' name='commentDelete'>Delete</button>
	 
	 </form>
	 
	 <form class='edit-form' method='POST' action='editcomment.php'>
	
	 <input type='hidden' name='cid' value='".$row['cid']."'>
	 <input type='hidden' name='uid' value='".$row['uid']."'>
	 <input type='hidden' name='date' value='".$row['date']."'>
	 <input type='hidden' name='message' value='".$row['message']."'>
	 <button>Edit</button>
	 
	 </form>
	 
	 </div>";
		
	}
}

function editComments($conn) {
	if (isset($_POST['commentSubmit'])) {
		$cid = $_POST['cid'];
		$uid = $_POST['uid'];
		$date = $_POST['date'];
		$message = $_POST['message'];
		
		$sql = "UPDATE comments SET message='$message' WHERE cid='$cid'";
        $result = mysqli_query($conn, $sql);
		header("location: main.php");
		
	}
}

function deleteComments($conn) {
		if (isset($_POST['commentDelete'])) {
		$cid = $_POST['cid'];
		
		$sql = "DELETE FROM comments WHERE cid='$cid'";
        $result = mysqli_query($conn, $sql);
		header("location: main.php");
		
	}
}

PROBLEM 2
 
I have created an admin page, following a CRUD tutorial, and I have created the php file, where I want to access the user data and make changes to it or delete it.
The problem is that I am getting the error PHP Notice: Trying to get property of non-object in C:\MAMP\htdocs\php44\admin.php on line 34
 
<?php require_once 'dbh.inc.php'; ?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <link   href="css/bootstrap.min.css" rel="stylesheet">
    <script src="js/bootstrap.min.js"></script>
</head>
 
<body>
    <div class="container">
            <div class="row">
                <h3>PHP CRUD Grid</h3>
            </div>
            <div class="row">
                <p>
                    <a href="create.php" class="btn btn-success">Create</a>
                </p>
                <table class="table table-striped table-bordered">
                  <thead>
                    <tr>
                      <th>User ID</th>
                      <th>First name</th>
                      <th>Last name</th>
                      <th>Email Address</th>
                    </tr>
                  </thead>
                  <tbody>
                      <?php
            $sql = "SELECT * FROM users WHERE active = 1";
            $result = mysqli_query($conn, $sql);
 
            if($result->num_rows > 0) {
                while($row = $result->fetch_assoc()) {
                    echo "<tr>
                        <td>".$row['user_id']." </td>
                        <td>".$row['user_first']." </td>
                        <td>".$row['user_last']."</td>
                        <td>".$row['user_email']."</td>
                        <td>
                            <a href='edit.php?id=".$row['id']."'><button type='button'>Edit</button></a>
                            <a href='remove.php?id=".$row['id']."'><button type='button'>Remove</button></a>
                        </td>
                    </tr>";
                }
            } else {
                echo "<tr><td colspan='5'><center>No Data Avaliable</center></td></tr>";
            }
            ?>
                  </tbody>
            </table>
        </div>
    </div> <!-- /container -->
  </body>
</html>

 

 

This is probably easy for you guys, but I am completely lost.

I would appreciate if you could explain to me what I have done wrong. I have added the files as well.

dbh.inc.php

comments.inc.php

main.php

login.inc.php

signup.php

signup.inc.php

logout.inc.php

editcomment.php

admin.php

Link to comment
Share on other sites

comments table
   cid
   uid
   date      
   message

Don't use reserved words (e.g. "date") for column names.  Something more like "comment_date" will cause you far less grief in the long run. 

user table
   user_id
   user_first
   user_last
   user_email
   user_uid
   user_pwd

Never store the password that a user enters.  

Always hash the entered value and store the result of that.  To authenticate the user (when they log in), take the password they enter, hash it and compare that with what's in the table.

 

 

> "I want to be able to display the username in the comments inside my main.php page."

 

You need to learn a bit about SQL and how to "join" tables together when querying them. 

In this case, you need to pull data from both the comments and users tables, which you can do at the same time: 

select cid, u.uid, user_first, user_last, comment_date, message 
from comments c 
inner join users u 
      on   c.uid = u.uid 
order by cid desc 

Regards, 

  Phill  W.

 

Link to comment
Share on other sites

Hey Phill

 

Thank you for the advice.

 

I tried joining the tables using the code you provided me, but sadly it only results in the comment section vanishing, and now it appears that I suddenly have problems reading the login.inc.php file, which I had no problems with before.

[13-Sep-2017 11:07:25 UTC] PHP Warning:  include(/login.inc.php): failed to open stream: No such file or directory in C:\MAMP\htdocs\php44\main.php on line 6

[13-Sep-2017 11:07:25 UTC] PHP Warning:  include(): Failed opening '/login.inc.php' for inclusion (include_path='.;C:\php\pear') in C:\MAMP\htdocs\php44\main.php on line 6

[13-Sep-2017 11:07:25 UTC] PHP Fatal error:  Uncaught Error: Call to a member function fetch_assoc() on boolean in C:\MAMP\htdocs\php44\comments.inc.php:22
Stack trace:
#0 C:\MAMP\htdocs\php44\main.php(37): getComments(Object(mysqli))
#1 {main}
  thrown in C:\MAMP\htdocs\php44\comments.inc.php on line 22

Link to comment
Share on other sites

EDIT

 

Nevermind about the /login.inc.php error. I fixed that.

Now the only remaining error is the one in the file where I joined the tables.

<?php

function setComments($conn) {
	if (isset($_POST['commentSubmit'])) {
		$uid = $_POST['uid'];
		$date = $_POST['date'];
		$message = $_POST['message'];
		
		$sql = "INSERT INTO comments (uid, date, message) 
		VALUES ('$uid', '$date', '$message')";
		$result = mysqli_query($conn, $sql);
	}
}

function getComments($conn) {
	$sql = "SELECT cid, u.uid, user_first, user_last, comment_date, message 
                FROM comments c 
                INNER JOIN users u 
                on   c.uid = u.uid 
                order by cid desc";
    
	$result = mysqli_query($conn, $sql);
	while ($row = $result->fetch_assoc()) {	
	 echo "<div class='comment-box'><p>";
		echo $row['uid']."<br>";
		echo $row['date']."<br>";
		echo nl2br($row['message']);
	 echo "</p>
	 
	 <form class='delete-form' method='POST' action='".deleteComments($conn)."'>
	
	 <input type='hidden' name='cid' value='".$row['cid']."'>
	 <button type='submit' name='commentDelete'>Delete</button>
	 
	 </form>
	 
	 <form class='edit-form' method='POST' action='editcomment.php'>
	
	 <input type='hidden' name='cid' value='".$row['cid']."'>
	 <input type='hidden' name='uid' value='".$row['uid']."'>
	 <input type='hidden' name='date' value='".$row['date']."'>
	 <input type='hidden' name='message' value='".$row['message']."'>
	 <button>Edit</button>
	 
	 </form>
	 
	 </div>";
		
	}
}

function editComments($conn) {
	if (isset($_POST['commentSubmit'])) {
		$cid = $_POST['cid'];
		$uid = $_POST['uid'];
		$date = $_POST['date'];
		$message = $_POST['message'];
		
		$sql = "UPDATE comments SET message='$message' WHERE cid='$cid'";
        $result = mysqli_query($conn, $sql);
		header("location: main.php");
		
	}
}

function deleteComments($conn) {
		if (isset($_POST['commentDelete'])) {
		$cid = $_POST['cid'];
		
		$sql = "DELETE FROM comments WHERE cid='$cid'";
        $result = mysqli_query($conn, $sql);
		header("location: main.php");
		
	}
}

PHP Fatal error:  Uncaught Error: Call to a member function fetch_assoc() on boolean in C:\MAMP\htdocs\php44\comments.inc.php:22
Stack trace:
#0 C:\MAMP\htdocs\php44\main.php(37): getComments(Object(mysqli))
#1 {main}
  thrown in C:\MAMP\htdocs\php44\comments.inc.php on line 22
Link to comment
Share on other sites

I am getting closer and closer.

 

After hours of testing, I finally managed to keep the comment section AND make it show the usernames. 

This was done by inserting the following code.

function getComments($conn) {
	$sql = "SELECT * FROM comments INNER JOIN users order by cid desc";
	$result = mysqli_query($conn, $sql);
    $resultCheck = mysqli_num_rows($result); 

Not without issues though. Even if I am logged in as "User 1", when I write a comment, it will loop me through all usernames.

so first comment will be by user 1, but my second comment will display as being written by user 2.

 

Putting anything between SELECT and FROM or after "users" will cause the comment section to vanish and give out the error

 

mysqli_num_rows() expects parameter 1 to be mysqli_result

 

But so far, so good.

Link to comment
Share on other sites

The error is because apparently you are damaging your query statement by the use (preferred) of column names instead of the * (not recommended).

 

Good practice  in coding is to TEST the results of things that rely on external processes such as a query or a file open or a file write - things that can go wrong through no fault of PHP.  If you tested the query result variable before trying to use it you would have seen an error there probably.

 

So - show us the query statement using column names.

Link to comment
Share on other sites

Having comments INNER JOIN users, with no join criteria, will give every user joined with every comment. You need to specify which condition to match the records on.

 

In this case you want to use

... FROM comments c
      INNER JOIN users u
      ON c.uid = u.user_uid
Do not use "SELECT *". Specify the columns you need.
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.