Jump to content

Recommended Posts

Heres a snipet from a script I made, the reply form at the bottom is what I believe is causing the problem.

 

$_SESSION['mydisplayname']=$mydisplayname;
if (isset($_REQUEST['viewtopic']))
{
$id=$_REQUEST['viewtopic'];

echo "<table width='100%' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#ffffff'>
<tr>
<td><table width='100%' border='0' cellpadding='3' cellspacing='1' bordercolor='1' bgcolor='#000000'>
<tr>
<td align='center' bgcolor='#ccddcc' colspan='2'><strong>".$rows1['title']."</strong>
</tr>
<tr>
<td bgcolor='#F8F7F1' align='center'><strong>".$rows1['authordisplay']."</strong><br>
<td bgcolor='#F8F7F1'>Date/Time : ".$rows1['datetime']."</td>
</tr>
<tr>
<td bgcolor='#Ffffff' width='15%'>User information will eventually go in here. Area under construction.</td>
<td bgcolor='#Ffffff'>".$rows1['content']."</td>
</tr>
</table></td>
</tr>
</table>
<BR>";

$sql2="SELECT * FROM $tablereplies WHERE questionid='".$_REQUEST['viewtopic']."'";
$result2=mysql_query($sql2);
while($rows5=mysql_fetch_array($result2))
	{
	echo "<table width='100%' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#ffffff'>
	<tr>
	<td><table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#000000'>
	<tr>
	<td bgcolor='#F8F7F1' align='center'><strong>".$rows5['authordisplay']."</strong></td>
	<td bgcolor='#F8F7F1'>".$rows5['datetime']."</td>
	</tr>
	<tr>
	<td bgcolor='#ffffff' width='15%'>User information will eventually go in here. Area under construction.</td>
	<td bgcolor='#ffffff'>".$rows5['content']."</td>
	</tr>
	</table></td>
	</tr>
	</table><br>";
	}

if(session_is_registered(myusername))
	{
	echo "<table width='400' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#CCCCCC'>
	<tr>
	<form name='reply' method='post' action='index.php?action=reply'>
	<td>
	<table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#FFFFFF'>
	<tr>
	<td valign='top'><strong>Post</strong></td>
	<td valign='top'>:</td>
	<td><textarea name='content' cols='45' rows='3' id='content'></textarea></td>
	</tr>
	<tr>
	<td> </td>
	<td><input name='id' type='hidden' value='".$viewtopic."'></td>
	<td><input type='submit' name='Submit' value='Submit'> <input type='reset' name='Submit2' value='Reset'></td>
	</tr>
	</table>
	</td>
	</form>";
	}
else
	{
	echo "<a href='index.php?action=login'>Login</a> to reply to topics!";
	}

$sql3="SELECT views FROM $tableposts WHERE id='$id'";
$result3=mysql_query($sql3);
$rows3=mysql_fetch_array($result3);
$views3=$rows3['views'];

if(empty($views3))
	{
	$views3=1;
	$sql4="INSERT INTO $tableposts(views) VALUES('$views3') WHERE id='$id'";
	$result4=mysql_query($sql4);
	}

$addview=$views3+1;
$sql5="update $tableposts set views='$addview' WHERE id='$id'";
$result5=mysql_query($sql5);

exit;
}

 

 

The form from above is called by this when the user goes to index.php?action=reply

 

 

if($action == "reply")
	{
	$id=$_REQUEST['id'];
	$sql8="SELECT MAX(answerid) AS Maxanswerid FROM $tablereplies WHERE questionid='$id'";
	$result8=mysql_query($sql8);
	$rows8=mysql_fetch_array($result8);

	if ($rows8) 
		{
		$Max_id = $rows8['Maxanswerid']+1;
		}
	else 
		{
		$Max_id = 1;
		}
	$myusername=$_SESSION['myusername'];
	$mydisplayname=$displayname;
	$content=$_REQUEST['content'];
	$author=$myusername;
	$authordisplay=$displayname;
	$datetime=date("d/m/y H:i:s"); // create date and time 

	$sql9="INSERT INTO $tablereplies(questionid, answerid, author, authordisplay, content, datetime)VALUES('$id', '$Max_id',  '$author', '$authordisplay', '$content', '$datetime')";
        $result9=mysql_query($sql9);

	if($result9)
		{
		echo "<br><br>Successful<BR>";
		echo "<a href='index.php?viewtopic=".$id."'>View your answer</a>";

		$sql10="UPDATE $tableposts SET replies='$Max_id' WHERE id='$id'";
		$result10=mysql_query($sql10);
		}
	else 
		{
		echo "ERROR";
		}

	}

 

Can anyone spot the problem?

 

Thanks,

 

~Shaun

 

 

Link to comment
https://forums.phpfreaks.com/topic/50422-small-script-problem/
Share on other sites

It doesn't give me an error. Here is the whole script:

 

<?php
session_start();
error_reporting(E_ALL ^ E_NOTICE);

// ===========================
// whats my database info?
// ===========================


// ==========================
// lets connect!
// ==========================
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// ===========================
// what table?
// ===========================
$tablemembers="members";
$tableposts="posts";
$tablereplies="replies";

// etc. variables
$id=$_REQUEST['viewtopic'];
$myusername=$_SESSION['myusername'];

// actions
$viewtopic=$_REQUEST['viewtopic'];
$action=$_REQUEST['action'];
// end actions

// =============================
// what goes in the header?
// =============================
$mainsql="SELECT * FROM $tableposts ORDER BY id DESC";
$mainresult=mysql_query($mainsql);

$sql1="SELECT * FROM $tableposts WHERE id='$id'";
$result1=mysql_query($sql1);
$rows1=mysql_fetch_array($result1);

$mydn="SELECT displayname FROM $tablemembers WHERE username = '$myusername'";
$mydisplayname=mysql_query($mydn);
?>
<center>
<?php

if (mysql_num_rows($mydisplayname)>0) {
while ($row = mysql_fetch_assoc($mydisplayname)) {
	extract($row);
        if(isset($_SESSION['myusername'])){
        	echo "Welcome , $displayname | <a href='index.php?action=logout'>Logout</a>";
        }
    }
}
elseif (!isset($_SESSION['myusername'])) {
   echo "<a href='index.php?action=login'>Login</a> | <a href='index.php?action=register'>Register</a>";
}

echo "<br>Your Location: <a href='index.php'>ShaunsBoards</a>";

if(isset($_REQUEST['viewtopic']))
{
echo " > <a href='index.php?viewtopic=".$rows1['id']."'>".$rows1['title']."<br><br>";
}
elseif(isset($action))
{
if($action == "post")
	{
	echo " > <a href='index.php?action=post'>Post New Topic</a>";
	}

elseif($action == "posttopic")
	{
	echo " > <a href='index.php?action=post'>Post New Topic</a>";
	}

elseif($action == "login")
	{
	echo " > <a href='index.php?action=login'>Login</a>";
	}

elseif($action == "register")
	{
	echo " > <a href='index.php?action=register'>Register</a>";
	}

elseif($action == "reply")
	{
	echo " > <a href='index.php?action=reply'>Reply To Topic</a>";
	}
}
else
{
echo "<a href='index.php'></a>";
}

$_SESSION['mydisplayname']=$displayname;
// ===============================
// actions
// ===============================

// --------------------------
// are they viewing a topic?
// --------------------------
$_SESSION['mydisplayname']=$mydisplayname;
if (isset($_REQUEST['viewtopic']))
{
$id=$_REQUEST['viewtopic'];

echo "<table width='100%' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#ffffff'>
<tr>
<td><table width='100%' border='0' cellpadding='3' cellspacing='1' bordercolor='1' bgcolor='#000000'>
<tr>
<td align='center' bgcolor='#ccddcc' colspan='2'><strong>".$rows1['title']."</strong>
</tr>
<tr>
<td bgcolor='#F8F7F1' align='center'><strong>".$rows1['authordisplay']."</strong><br>
<td bgcolor='#F8F7F1'>Date/Time : ".$rows1['datetime']."</td>
</tr>
<tr>
<td bgcolor='#Ffffff' width='15%'>User information will eventually go in here. Area under construction.</td>
<td bgcolor='#Ffffff'>".$rows1['content']."</td>
</tr>
</table></td>
</tr>
</table>
<BR>";

$sql2="SELECT * FROM $tablereplies WHERE questionid='".$_REQUEST['viewtopic']."'";
$result2=mysql_query($sql2);
while($rows5=mysql_fetch_array($result2))
	{
	echo "<table width='100%' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#ffffff'>
	<tr>
	<td><table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#000000'>
	<tr>
	<td bgcolor='#F8F7F1' align='center'><strong>".$rows5['authordisplay']."</strong></td>
	<td bgcolor='#F8F7F1'>".$rows5['datetime']."</td>
	</tr>
	<tr>
	<td bgcolor='#ffffff' width='15%'>User information will eventually go in here. Area under construction.</td>
	<td bgcolor='#ffffff'>".$rows5['content']."</td>
	</tr>
	</table></td>
	</tr>
	</table><br>";
	}

if(session_is_registered(myusername))
	{
	echo "<table width='400' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#CCCCCC'>
	<tr>
	<form name='reply' method='post' action='index.php?action=reply'>
	<td>
	<table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#FFFFFF'>
	<tr>
	<td valign='top'><strong>Post</strong></td>
	<td valign='top'>:</td>
	<td><textarea name='content' cols='45' rows='3' id='content'></textarea></td>
	</tr>
	<tr>
	<td> </td>
	<td><input name='id' type='hidden' value='".$viewtopic."'></td>
	<td><input type='submit' name='Submit' value='Submit'> <input type='reset' name='Submit2' value='Reset'></td>
	</tr>
	</table>
	</td>
	</form>";
	}
else
	{
	echo "<a href='index.php?action=login'>Login</a> to reply to topics!";
	}

$sql3="SELECT views FROM $tableposts WHERE id='$id'";
$result3=mysql_query($sql3);
$rows3=mysql_fetch_array($result3);
$views3=$rows3['views'];

if(empty($views3))
	{
	$views3=1;
	$sql4="INSERT INTO $tableposts(views) VALUES('$views3') WHERE id='$id'";
	$result4=mysql_query($sql4);
	}

$addview=$views3+1;
$sql5="update $tableposts set views='$addview' WHERE id='$id'";
$result5=mysql_query($sql5);

exit;
}
// ==================
// repeat vars
// ==================
$tablemembers="members";
$tableposts="posts";
$tablereplies="replies";

// etc. variables
$id=$_REQUEST['viewtopic'];
$myusername=$_SESSION['myusername'];

// actions
$viewtopic=$_REQUEST['viewtopic'];
$action=$_REQUEST['action'];

$mainsql="SELECT * FROM $tableposts ORDER BY id DESC";
$mainresult=mysql_query($mainsql);

$sql1="SELECT * FROM $tableposts WHERE id='$id'";
$result1=mysql_query($mainsql);
$rows1=mysql_fetch_array($result1);

$mydn="SELECT displayname FROM $tablemembers WHERE username = '$myusername'";
$mydisplayname=mysql_query($mydn);

//===============
// end vars
//===============

// ---------------
// action=post!
// ---------------
$action=$_REQUEST['action'];
if(isset($action))
{
if($action == "post")
	{
	echo "<br><br><table width='400' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#CCCCCC'>
	<tr>
	<form id='post' name='post' method='post' action='index.php?action=posttopic'>
	<td>
	<table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#FFFFFF'>
	<tr>
	<td colspan='3' bgcolor='#E6E6E6'><strong>Create New Topic</strong> </td>
	</tr>
	<tr>
	<td width='14%'><strong>Title</strong></td>
	<td width='2%'>:</td>
	<td width='84%'><input name='title' type='text' id='title' size='50' /></td>
	</tr>
	<tr>
	<td valign='top'><strong>Post</strong></td>
	<td valign='top'>:</td>
	<td><textarea name='content' cols='50' rows='3' id='content'></textarea></td>
	</tr>
	<tr>
	<td> </td>
	<td> </td>
	<td><input type='submit' name='Submit' value='Submit' /> <input type='reset' name='Submit2' value='Reset' /></td>
	</tr>
	</table>
	</td>
	</form>
	</tr>
	</table>";
	}
if($action == "posttopic")
	{
	$title=$_REQUEST['title'];
	$content=$_REQUEST['content'];
	$author=$_SESSION['myusername'];
	$authordisplay=$displayname;
	$datetime=date("d/m/y h:i:s"); //create date time

	$sql6="INSERT INTO $tableposts(title, content, author, authordisplay, datetime)VALUES('$title', '$content', '$author', 						        '$authordisplay', '$datetime')";
	$result6=mysql_query($sql6);

	if($result6)
		{
		echo "<br><br>Successful<BR>";
		echo "<a href=index.php>Go to forum index!</a>";
		}
	else 
		{
		echo "ERROR";
		}
	}

if($action == "login")
	{
	echo "<br><br><table width='300' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#CCCCCC'>
	<tr>
	<form name='form1' method='post' action='index.php?action=logincheck'>
	<td>
	<table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#CCDDCC'>
	<tr>
	<td colspan='3' align='center'><strong><font color='#336633'>ShaunsBoards Login </font></strong></td>
	</tr>
	<tr>
	<td width='78'>Username</td>
	<td width='6'>:</td>
	<td width='294'><input name='myusername' type='text' id='myusername'></td>
	</tr>
	<tr>
	<td>Password</td>
	<td>:</td>
	<td><input name='mypassword' type='password' id='mypassword'></td>
	</tr>
	<tr>
	<td> </td>
	<td> </td>
	<td><input type='submit' name='Submit' value='Login'>
	</td>
	</tr>
	<tr>
	<td align='center' colspan='4'><a href='index.php?action=register'>Register</a></td>
	</tr>
	</table>
	</td>
	</form>
	</tr>
	</table><br /><br /><br />";
	}
if($action == "logincheck")
	{
	$myusernamereq=$_REQUEST['myusername']; 
	$mypasswordreq=$_REQUEST['mypassword'];

	$sql7="SELECT * FROM $tablemembers WHERE username='$myusernamereq' and password='$mypasswordreq'";
	$result7=mysql_query($sql7);

	$count1=mysql_num_rows($result7);
	if($count1==1)
		{
		// Register $myusername, $mypassword and redirect to file "login_success.php"
		$_SESSION['myusername'] = $_POST['myusername'];
		$_SESSION['mypassword'] = $_POST['mypassword'];
		echo "<br><br>Login Successful, <a href='index.php'>Go to forum index!</a>";

		}
	else 
		{
	echo "Wrong Username or Password";
		}
	}
if($action == "logout")
	{
	session_start();
	session_destroy();
	echo "<br><br>Logout Successful, <a href='index.php'>Go to forum index!</a>";
	}

if($action == "reply")
	{
	$id=$_REQUEST['id'];
	$sql8="SELECT MAX(answerid) AS Maxanswerid FROM $tablereplies WHERE questionid='$id'";
	$result8=mysql_query($sql8);
	$rows8=mysql_fetch_array($result8);

	if ($rows8) 
		{
		$Max_id = $rows8['Maxanswerid']+1;
		}
	else 
		{
		$Max_id = 1;
		}
	$myusername=$_SESSION['myusername'];
	$mydisplayname=$displayname;
	$content=$_REQUEST['content'];
	$author=$myusername;
	$authordisplay=$displayname;
	$datetime=date("d/m/y H:i:s"); // create date and time 

	$sql9="INSERT INTO $tablereplies(questionid, answerid, author, authordisplay, content, datetime)VALUES('$id', '$Max_id',  '$author', '$authordisplay', '$content', '$datetime')";
        $result9=mysql_query($sql9);

	if($result9)
		{
		echo "<br><br>Successful<BR>";
		echo "<a href='index.php?viewtopic=".$id."'>View your answer</a>";

		$sql10="UPDATE $tableposts SET replies='$Max_id' WHERE id='$id'";
		$result10=mysql_query($sql10);
		}
	else 
		{
		echo "ERROR";
		}

	}

if($action == "register")
	{
	echo "<br><br><table width='300' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#CCCCCC'>
	<tr>
	<form name='register' action='index.php?action=registeruser' method='post'>
	<td>
	<table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#CCDDCC'>
	<tr>
	<td colspan='3'><strong><font color='#336633'>ShaunsBoards Register</font></strong></td>
	</tr>
	<tr>
	<td width='81' align='senter'>Username</td>
	<td width='3'>:</td>
	<td width='294'><input name='username' type='text' /></td>
	</tr>
	<tr>
	<td>Display Name</td>
	<td>:</td>
	<td><input name='displayname' type='text' /></td>
	</tr>
	<tr>
	<td>Password</td>
	<td>:</td>
	<td><input name='password' type='password' /></td>
	</tr>
	<tr>
	<td>Password Again</td>
	<td>:</td>
	<td><input name='password_again' type='password' /></td>
	</tr>
	<tr>
	<td>E-Mail</td>
	<td>:</td>
	<td><input name='email' type='text' /></td>
	</tr>
	<tr>
	<td> </td>
	<td> </td>
	<td><input type='submit' value='Register'></td>
	</tr>
	</table>
	</td>
	</form>
	</tr>
	</table>";
	}
if($action == "registeruser")
	{
	$username1 = $_REQUEST['username'];
	$displayname1 = $_REQUEST['displayname'];
	$password1 = $_REQUEST['password'];
	$pass_again1 = $_REQUEST['password_again'];
	$email1 = $_REQUEST['email'];

	if(empty($username1))
		{
		die("You didn't enter a username!<br>");
		}

	if(empty($displayname1))
		{
		die("You didn't enter a username!<br>");
		}

	if(empty($password1))
		{
		die("You didn't enter a password!<br>");
		}

	if(empty($pass_again1))
		{
		die("You didn't confirm your password!<br>");
		}

	if(empty($email1))
		{
		die("You didn't enter your email!");
		}

	$user_check = mysql_query("SELECT username FROM $tablemembers WHERE username='$username1'");
	$do_user_check = mysql_num_rows($user_check);
	$display_check = mysql_query("SELECT username FROM $tablemembers WHERE displayname='$displayname1'");
	$do_display_check = mysql_num_rows($display_check);
	$email_check = mysql_query("SELECT email FROM $tablemembers WHERE email='$email1'");
	$do_email_check = mysql_num_rows($email_check);

	if($do_user_check > 0)
		{
		die("<br><br>Sorry, that username is in use.<br>");
		}

	if($do_display_check > 0)
		{
		die("<br><br>Sorry, that display name is in use.<br>");
		}

	if($do_email_check > 0)
		{
		die("<br><br>That e-mail is already in use!<br>");
		}

	if($password1 != $pass_again1)
		{
		die("<br><br>Sorry, you're passwords don't match.<br>");
		}

	$insert = mysql_query("INSERT INTO $tablemembers (username, displayname, password, email) VALUES ('$username', '$displayname', 	'$password', '$email')");

	if(!$insert)
		{
		die("<br><br>There's little problem: ".mysql_error());
		}

	echo "<br><Br>".$username1.", you are now registered. Thank you!<br><a href=index.php?action=login>Login</a> | <a href=index.php>Index</a>";
	}
exit;
}







// --------------
// forum index!
// --------------	

echo "</center>
<br /><br />
<table width='90%' border='0' align='center' cellpadding='3' cellspacing='1' bgcolor='#000000'>
<tr>
<td width='40%' align='center' bgcolor='#CCDDCC'><strong>Topic</strong></td>
<td width='20%' align='center' bgcolor='#CCDDCC'><strong>Author</strong></td>
<td width='15%' align='center' bgcolor='#CCDDCC'><strong>Views</strong></td>
<td width='13%' align='center' bgcolor='#CCDDCC'><strong>Replies</strong></td>
<td width='13%' align='center' bgcolor='#CCDDCC'><strong>Date/Time</strong></td>
</tr>";

while($rowsindex=mysql_fetch_array($mainresult))
{ // Start looping table row 
echo "<tr>
<td bgcolor='#FFFFFF'><a href='index.php?viewtopic=".$rowsindex['id']."'>".$rowsindex['title']."</a><BR></td>
<td align='center' bgcolor='#FFFFFF'>".$rowsindex['authordisplay']."</td>
<td align='center' bgcolor='#FFFFFF'>".$rowsindex['views']."</td>
<td align='center' bgcolor='#FFFFFF'>".$rowsindex['posts']."</td>
<td align='center' bgcolor='#FFFFFF'>".$rowsindex['datetime']."</td>
</tr>";
}

echo "<tr>
<td colspan='5' align='right' bgcolor='#CCDDCC'>";

if(isset($_SESSION['myusername']))
{
echo "<a href='index.php?action=post'><strong>Create New Topic</strong></a><br>";
}
else
{
echo "<a href='index.php?action=login'>Login</a> to start topics!";
}

?>
</center>

Link to comment
https://forums.phpfreaks.com/topic/50422-small-script-problem/#findComment-247671
Share on other sites

Ahh ok sorry

 

i added some reports for errors try the below, it should show the problem

<?php
session_start();
//error_reporting(E_ALL ^ E_NOTICE);

// ===========================
// whats my database info?
// ===========================
$host="localhost"; // Host name 
$username="*********"; // Mysql username 
$password="*********"; // Mysql password 
$db_name="*********"; // Database name 

// ==========================
// lets connect!
// ==========================
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// ===========================
// what table?
// ===========================
$tablemembers="members";
$tableposts="posts";
$tablereplies="replies";

// etc. variables
$id=$_REQUEST['viewtopic'];
$myusername=$_SESSION['myusername'];

// actions
$viewtopic=$_REQUEST['viewtopic'];
$action=$_REQUEST['action'];
// end actions

// =============================
// what goes in the header?
// =============================
$mainsql="SELECT * FROM $tableposts ORDER BY id DESC";
$mainresult=mysql_query($mainsql) or die(mysql_error());

$sql1="SELECT * FROM $tableposts WHERE id='$id'";
$result1=mysql_query($sql1) or die(mysql_error());
$rows1=mysql_fetch_array($result1) or die(mysql_error());

$mydn="SELECT displayname FROM $tablemembers WHERE username = '$myusername'";
$mydisplayname=mysql_query($mydn) or die(mysql_error());
?>
<center>
<?php

if (mysql_num_rows($mydisplayname)>0) {
while ($row = mysql_fetch_assoc($mydisplayname) or die(mysql_error())) {
	extract($row);
        if(isset($_SESSION['myusername'])){
        	echo "Welcome , $displayname | <a href='index.php?action=logout'>Logout</a>";
        }
    }
}
elseif (!isset($_SESSION['myusername'])) {
   echo "<a href='index.php?action=login'>Login</a> | <a href='index.php?action=register'>Register</a>";
}

echo "<br>Your Location: <a href='index.php'>ShaunsBoards</a>";

if(isset($_REQUEST['viewtopic']))
{
echo " > <a href='index.php?viewtopic=".$rows1['id']."'>".$rows1['title']."<br><br>";
}
elseif(isset($action))
{
if($action == "post")
	{
	echo " > <a href='index.php?action=post'>Post New Topic</a>";
	}

elseif($action == "posttopic")
	{
	echo " > <a href='index.php?action=post'>Post New Topic</a>";
	}

elseif($action == "login")
	{
	echo " > <a href='index.php?action=login'>Login</a>";
	}

elseif($action == "register")
	{
	echo " > <a href='index.php?action=register'>Register</a>";
	}

elseif($action == "reply")
	{
	echo " > <a href='index.php?action=reply'>Reply To Topic</a>";
	}
}
else
{
echo "<a href='index.php'></a>";
}

$_SESSION['mydisplayname']=$displayname;
// ===============================
// actions
// ===============================

// --------------------------
// are they viewing a topic?
// --------------------------
$_SESSION['mydisplayname']=$mydisplayname;
if (isset($_REQUEST['viewtopic']))
{
$id=$_REQUEST['viewtopic'];

echo "<table width='100%' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#ffffff'>
<tr>
<td><table width='100%' border='0' cellpadding='3' cellspacing='1' bordercolor='1' bgcolor='#000000'>
<tr>
<td align='center' bgcolor='#ccddcc' colspan='2'><strong>".$rows1['title']."</strong>
</tr>
<tr>
<td bgcolor='#F8F7F1' align='center'><strong>".$rows1['authordisplay']."</strong><br>
<td bgcolor='#F8F7F1'>Date/Time : ".$rows1['datetime']."</td>
</tr>
<tr>
<td bgcolor='#Ffffff' width='15%'>User information will eventually go in here. Area under construction.</td>
<td bgcolor='#Ffffff'>".$rows1['content']."</td>
</tr>
</table></td>
</tr>
</table>
<BR>";

$sql2="SELECT * FROM $tablereplies WHERE questionid='".$_REQUEST['viewtopic']."'";
$result2=mysql_query($sql2) or die(mysql_error());
while($rows5=mysql_fetch_array($result2) or die(mysql_error()))
	{
	echo "<table width='100%' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#ffffff'>
	<tr>
	<td><table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#000000'>
	<tr>
	<td bgcolor='#F8F7F1' align='center'><strong>".$rows5['authordisplay']."</strong></td>
	<td bgcolor='#F8F7F1'>".$rows5['datetime']."</td>
	</tr>
	<tr>
	<td bgcolor='#ffffff' width='15%'>User information will eventually go in here. Area under construction.</td>
	<td bgcolor='#ffffff'>".$rows5['content']."</td>
	</tr>
	</table></td>
	</tr>
	</table><br>";
	}

if(session_is_registered(myusername))
	{
	echo "<table width='400' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#CCCCCC'>
	<tr>
	<form name='reply' method='post' action='index.php?action=reply'>
	<td>
	<table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#FFFFFF'>
	<tr>
	<td valign='top'><strong>Post</strong></td>
	<td valign='top'>:</td>
	<td><textarea name='content' cols='45' rows='3' id='content'></textarea></td>
	</tr>
	<tr>
	<td> </td>
	<td><input name='id' type='hidden' value='".$viewtopic."'></td>
	<td><input type='submit' name='Submit' value='Submit'> <input type='reset' name='Submit2' value='Reset'></td>
	</tr>
	</table>
	</td>
	</form>";
	}
else
	{
	echo "<a href='index.php?action=login'>Login</a> to reply to topics!";
	}

$sql3="SELECT views FROM $tableposts WHERE id='$id'";
$result3=mysql_query($sql3) or die(mysql_error());
$rows3=mysql_fetch_array($result3) or die(mysql_error());
$views3=$rows3['views'];

if(empty($views3))
	{
	$views3=1;
	$sql4="INSERT INTO $tableposts(views) VALUES('$views3') WHERE id='$id'";
	$result4=mysql_query($sql4) or die(mysql_error());
	}

$addview=$views3+1;
$sql5="update $tableposts set views='$addview' WHERE id='$id'";
$result5=mysql_query($sql5) or die(mysql_error());

exit;
}
// ==================
// repeat vars
// ==================
$tablemembers="members";
$tableposts="posts";
$tablereplies="replies";

// etc. variables
$id=$_REQUEST['viewtopic'];
$myusername=$_SESSION['myusername'];

// actions
$viewtopic=$_REQUEST['viewtopic'];
$action=$_REQUEST['action'];

$mainsql="SELECT * FROM $tableposts ORDER BY id DESC";
$mainresult=mysql_query($mainsql) or die(mysql_error());

$sql1="SELECT * FROM $tableposts WHERE id='$id'";
$result1=mysql_query($mainsql);
$rows1=mysql_fetch_array($result1) or die(mysql_error());

$mydn="SELECT displayname FROM $tablemembers WHERE username = '$myusername'";
$mydisplayname=mysql_query($mydn) or die(mysql_error());

//===============
// end vars
//===============

// ---------------
// action=post!
// ---------------
$action=$_REQUEST['action'];
if(isset($action))
{
if($action == "post")
	{
	echo "<br><br><table width='400' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#CCCCCC'>
	<tr>
	<form id='post' name='post' method='post' action='index.php?action=posttopic'>
	<td>
	<table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#FFFFFF'>
	<tr>
	<td colspan='3' bgcolor='#E6E6E6'><strong>Create New Topic</strong> </td>
	</tr>
	<tr>
	<td width='14%'><strong>Title</strong></td>
	<td width='2%'>:</td>
	<td width='84%'><input name='title' type='text' id='title' size='50' /></td>
	</tr>
	<tr>
	<td valign='top'><strong>Post</strong></td>
	<td valign='top'>:</td>
	<td><textarea name='content' cols='50' rows='3' id='content'></textarea></td>
	</tr>
	<tr>
	<td> </td>
	<td> </td>
	<td><input type='submit' name='Submit' value='Submit' /> <input type='reset' name='Submit2' value='Reset' /></td>
	</tr>
	</table>
	</td>
	</form>
	</tr>
	</table>";
	}
if($action == "posttopic")
	{
	$title=$_REQUEST['title'];
	$content=$_REQUEST['content'];
	$author=$_SESSION['myusername'];
	$authordisplay=$displayname;
	$datetime=date("d/m/y h:i:s"); //create date time

	$sql6="INSERT INTO $tableposts(title, content, author, authordisplay, datetime)VALUES('$title', '$content', '$author', 						        '$authordisplay', '$datetime')";
	$result6=mysql_query($sql6) or die(mysql_error());

	if($result6)
		{
		echo "<br><br>Successful<BR>";
		echo "<a href=index.php>Go to forum index!</a>";
		}
	else 
		{
		echo "ERROR";
		}
	}

if($action == "login")
	{
	echo "<br><br><table width='300' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#CCCCCC'>
	<tr>
	<form name='form1' method='post' action='index.php?action=logincheck'>
	<td>
	<table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#CCDDCC'>
	<tr>
	<td colspan='3' align='center'><strong><font color='#336633'>ShaunsBoards Login </font></strong></td>
	</tr>
	<tr>
	<td width='78'>Username</td>
	<td width='6'>:</td>
	<td width='294'><input name='myusername' type='text' id='myusername'></td>
	</tr>
	<tr>
	<td>Password</td>
	<td>:</td>
	<td><input name='mypassword' type='password' id='mypassword'></td>
	</tr>
	<tr>
	<td> </td>
	<td> </td>
	<td><input type='submit' name='Submit' value='Login'>
	</td>
	</tr>
	<tr>
	<td align='center' colspan='4'><a href='index.php?action=register'>Register</a></td>
	</tr>
	</table>
	</td>
	</form>
	</tr>
	</table><br /><br /><br />";
	}
if($action == "logincheck")
	{
	$myusernamereq=$_REQUEST['myusername']; 
	$mypasswordreq=$_REQUEST['mypassword'];

	$sql7="SELECT * FROM $tablemembers WHERE username='$myusernamereq' and password='$mypasswordreq'";
	$result7=mysql_query($sql7) or die(mysql_error());

	$count1=mysql_num_rows($result7);
	if($count1==1)
		{
		// Register $myusername, $mypassword and redirect to file "login_success.php"
		$_SESSION['myusername'] = $_POST['myusername'];
		$_SESSION['mypassword'] = $_POST['mypassword'];
		echo "<br><br>Login Successful, <a href='index.php'>Go to forum index!</a>";

		}
	else 
		{
	echo "Wrong Username or Password";
		}
	}
if($action == "logout")
	{
	session_start();
	session_destroy();
	echo "<br><br>Logout Successful, <a href='index.php'>Go to forum index!</a>";
	}

if($action == "reply")
	{
	$id=$_REQUEST['id'];
	$sql8="SELECT MAX(answerid) AS Maxanswerid FROM $tablereplies WHERE questionid='$id'";
	$result8=mysql_query($sql8) or die(mysql_error());
	$rows8=mysql_fetch_array($result8);

	if ($rows8) 
		{
		$Max_id = $rows8['Maxanswerid']+1;
		}
	else 
		{
		$Max_id = 1;
		}
	$myusername=$_SESSION['myusername'];
	$mydisplayname=$displayname;
	$content=$_REQUEST['content'];
	$author=$myusername;
	$authordisplay=$displayname;
	$datetime=date("d/m/y H:i:s"); // create date and time 

	$sql9="INSERT INTO $tablereplies(questionid, answerid, author, authordisplay, content, datetime)VALUES('$id', '$Max_id',  '$author', '$authordisplay', '$content', '$datetime')";
        $result9=mysql_query($sql9) or die(mysql_error());

	if($result9)
		{
		echo "<br><br>Successful<BR>";
		echo "<a href='index.php?viewtopic=".$id."'>View your answer</a>";

		$sql10="UPDATE $tableposts SET replies='$Max_id' WHERE id='$id'";
		$result10=mysql_query($sql10) or die(mysql_error());
		}
	else 
		{
		echo "ERROR";
		}

	}

if($action == "register")
	{
	echo "<br><br><table width='300' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#CCCCCC'>
	<tr>
	<form name='register' action='index.php?action=registeruser' method='post'>
	<td>
	<table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#CCDDCC'>
	<tr>
	<td colspan='3'><strong><font color='#336633'>ShaunsBoards Register</font></strong></td>
	</tr>
	<tr>
	<td width='81' align='senter'>Username</td>
	<td width='3'>:</td>
	<td width='294'><input name='username' type='text' /></td>
	</tr>
	<tr>
	<td>Display Name</td>
	<td>:</td>
	<td><input name='displayname' type='text' /></td>
	</tr>
	<tr>
	<td>Password</td>
	<td>:</td>
	<td><input name='password' type='password' /></td>
	</tr>
	<tr>
	<td>Password Again</td>
	<td>:</td>
	<td><input name='password_again' type='password' /></td>
	</tr>
	<tr>
	<td>E-Mail</td>
	<td>:</td>
	<td><input name='email' type='text' /></td>
	</tr>
	<tr>
	<td> </td>
	<td> </td>
	<td><input type='submit' value='Register'></td>
	</tr>
	</table>
	</td>
	</form>
	</tr>
	</table>";
	}
if($action == "registeruser")
	{
	$username1 = $_REQUEST['username'];
	$displayname1 = $_REQUEST['displayname'];
	$password1 = $_REQUEST['password'];
	$pass_again1 = $_REQUEST['password_again'];
	$email1 = $_REQUEST['email'];

	if(empty($username1))
		{
		die("You didn't enter a username!<br>");
		}

	if(empty($displayname1))
		{
		die("You didn't enter a username!<br>");
		}

	if(empty($password1))
		{
		die("You didn't enter a password!<br>");
		}

	if(empty($pass_again1))
		{
		die("You didn't confirm your password!<br>");
		}

	if(empty($email1))
		{
		die("You didn't enter your email!");
		}

	$user_check = mysql_query("SELECT username FROM $tablemembers WHERE username='$username1'");
	$do_user_check = mysql_num_rows($user_check);
	$display_check = mysql_query("SELECT username FROM $tablemembers WHERE displayname='$displayname1'");
	$do_display_check = mysql_num_rows($display_check);
	$email_check = mysql_query("SELECT email FROM $tablemembers WHERE email='$email1'");
	$do_email_check = mysql_num_rows($email_check);

	if($do_user_check > 0)
		{
		die("<br><br>Sorry, that username is in use.<br>");
		}

	if($do_display_check > 0)
		{
		die("<br><br>Sorry, that display name is in use.<br>");
		}

	if($do_email_check > 0)
		{
		die("<br><br>That e-mail is already in use!<br>");
		}

	if($password1 != $pass_again1)
		{
		die("<br><br>Sorry, you're passwords don't match.<br>");
		}

	$insert = mysql_query("INSERT INTO $tablemembers (username, displayname, password, email) VALUES ('$username', '$displayname', 	'$password', '$email')");

	if(!$insert)
		{
		die("<br><br>There's little problem: ".mysql_error());
		}

	echo "<br><Br>".$username1.", you are now registered. Thank you!<br><a href=index.php?action=login>Login</a> | <a href=index.php>Index</a>";
	}
exit;
}







// --------------
// forum index!
// --------------	

echo "</center>
<br /><br />
<table width='90%' border='0' align='center' cellpadding='3' cellspacing='1' bgcolor='#000000'>
<tr>
<td width='40%' align='center' bgcolor='#CCDDCC'><strong>Topic</strong></td>
<td width='20%' align='center' bgcolor='#CCDDCC'><strong>Author</strong></td>
<td width='15%' align='center' bgcolor='#CCDDCC'><strong>Views</strong></td>
<td width='13%' align='center' bgcolor='#CCDDCC'><strong>Replies</strong></td>
<td width='13%' align='center' bgcolor='#CCDDCC'><strong>Date/Time</strong></td>
</tr>";

while($rowsindex=mysql_fetch_array($mainresult))
{ // Start looping table row 
echo "<tr>
<td bgcolor='#FFFFFF'><a href='index.php?viewtopic=".$rowsindex['id']."'>".$rowsindex['title']."</a><BR></td>
<td align='center' bgcolor='#FFFFFF'>".$rowsindex['authordisplay']."</td>
<td align='center' bgcolor='#FFFFFF'>".$rowsindex['views']."</td>
<td align='center' bgcolor='#FFFFFF'>".$rowsindex['posts']."</td>
<td align='center' bgcolor='#FFFFFF'>".$rowsindex['datetime']."</td>
</tr>";
}

echo "<tr>
<td colspan='5' align='right' bgcolor='#CCDDCC'>";

if(isset($_SESSION['myusername']))
{
echo "<a href='index.php?action=post'><strong>Create New Topic</strong></a><br>";
}
else
{
echo "<a href='index.php?action=login'>Login</a> to start topics!";
}

?>
</center>

Link to comment
https://forums.phpfreaks.com/topic/50422-small-script-problem/#findComment-247676
Share on other sites

Hi Shaun,

 

You have 550 lines of code. A lot to look at. Is the code you posted in a self processing form? Or is this script for two pages? In other words, is the form one page and the processed page another? Since you're not getting any errors, what is actually happening? Does the form show up? Are you able to use the submit button? If so what happens when you click it?

Link to comment
https://forums.phpfreaks.com/topic/50422-small-script-problem/#findComment-248603
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.