At Pastebin.

 

And here:

<?php

/*******************************************/
/* Edit this section, add your own         */
/* database connection details.            */

define('DBHOST', 'blah');
define('DBUSER', 'blah');
define('DBPASS', 'blah');
define('DBNAME', 'blah');

/*******************************************/
/* Include any website header sections,    */
/* eg: top.html, header.html, footer.html. */

// EG: include("../html/header.html");

echo '<html><head></head><body>';

/*******************************************/

/*******************************************/
/* Optional colours editing. Change any    */
/* fields you like to any colours you      */
/* prefer.  Default is white background    */
/* and black text. A full list of accepted */
/* named colours for HTML can be found at: */
/* http://www.w3schools.com/html/html_colornames.asp */

define('BGCOLOUR1', 'azure');     /* Background colour 1 for alternating table rows. */
define('BGCOLOUR2', 'aliceblue'); /* Background colour 2 for alternating table rows. */
define('TEXTCOLOUR', 'black');    /* Normal text colour. */
define('TEXTSIZE', '4');          /* Normal text size. */
define('MINITEXT', '4');          /* Mini text size. */
define('HEADINGBG', 'cyan');      /* Background colour for table headings. */
define('HEADINGSIZE', '4');       /* Size of heading text. */
define('HEADINGTEXT', 'black');   /* Text colour for table headings. */
define('SPACING', '0');           /* Spacing between table cells. */
define('PADDING', '2');           /* Padding around table cells. */

/*******************************************/
/*      DO NOT EDIT BELOW THIS LINE!       */
/*******************************************/

session_start();
if(empty($_POST['actiontype'])){
$actiontype = 'showtopics';
}
if(empty($_POST['id'])){
$id = 0;
}

/*******************************************/

/* Make verification image. */

function verificationImage(){
$range  = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$rand = substr(str_shuffle($range), 0, 5);
$bg = rand(1, 4);
$image = imagecreatefromjpeg("background$bg.jpg");
$textColour = imagecolorallocate($image, 0, 0, 0); 
imagestring ($image, 5, 5, 8,  $rand, $textColour); 
$_SESSION['image_random_value'] = md5($rand);
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); 
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); 
header("Cache-Control: no-store, no-cache, must-revalidate"); 
header("Cache-Control: post-check=0, pre-check=0", false); 
header("Pragma: no-cache"); 	
header('Content-type: image/jpeg');
imagejpeg($image);
imagedestroy($image);
}

/*******************************************/

/* Verification code was wrong, give error message. */

function wrongCode(){
echo '<br><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">Image verification code incorrect. <a href="index.php">Return to forum.</a></font><br>';
}

/*******************************************/

/* Display the form for starting new threads. */

function showFormTopic(){
echo '<form action="'.$_SERVER['php_self'].'" method="post">';
echo '<center><table width="75%" cellspacing="'.SPACING.'" cellpadding="'.PADDING.'" border="0">';
echo '<tr align="left" valign="top">';
echo '<td width="30%"><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>Your name:</b></font></td>';
echo '<td width="70%"><input name="name" type="text" id="name" size="50" maxlength="65"/></td>';
echo '</tr>';
echo '<tr align="left" valign="top">';
echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>Subject:</b></font></td>';
echo '<td><input name="subject" type="text" id="subject" size="50" maxlength="255"/></td>';
echo '</tr>';
echo '<tr align="left" valign="top">';
echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>Input verification code:</b></font></td>';
echo '<td><input name="random" type="text" id="random"/> ';
echo '<img src="verify.png" alt="Type this into the box" title="Type this into the box" /></td>';
echo '</tr>';
echo '<tr align="left" valign="top">';
echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>Message:</b></font></td>';
echo '<td><textarea name="message" cols="50" rows="5" id="message"></textarea></td>';
echo '</tr>';
echo '<td align="right"><input type="reset" value="Clear Form" /></td>';
echo '<td align="left"><input type="hidden" name="actiontype" value="makethread" /><input name="id" type="hidden" value="'.$id.'" /><input name="Submit" type="submit" value="Add new topic" /></td>';
echo '</table></center>';
echo '</form>';
}

/*******************************************/

/* Display the form for replying to threads. */

function showFormReply(){
echo '<form action="'.$_SERVER['php_self'].'" method="post">';
echo '<center><table width="75%" cellspacing="'.SPACING.'" cellpadding="'.PADDING.'" border="0">';
echo '<tr align="left" valign="top">';
echo '<td width="30%"><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>Your name:</b></font></td>';
echo '<td width="70%"><input name="name" id="name" type="text" size="50" maxlength="65"/></td>';
echo '</tr>';
echo '<tr align="left" valign="top">';
echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>Input verification code:</b></font></td>';
echo '<td><input name="verify" type="text" id="verify"/> ';
echo '<img src="verify.png" alt="Type this into the box" title="Type this into the box" /></td>';
echo '</tr>';
echo '<tr align="left" valign="top">';
echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>Message:</b></font></td>';
echo '<td><textarea name="message" cols="50" rows="5" id="message"></textarea></td>';
echo '</tr>';
echo '<tr valign="top">';
echo '<td align="right"><input type="reset" value="Clear Form" /></td>';
echo '<td align="left"><input type="hidden" name="actiontype" value="makereply" /><input name="id" type="hidden" value="'.$id.'" /><input name="Submit" type="submit" value="Add reply" /></td>';
echo '</tr>';
echo '</table></center>';
echo '</form>';
}

/*******************************************/

/* Selects and shows some details of posts which have zero as parentid. */

function showTopics(){
$rowcount = 0;
$link = mysql_connect(DBHOST, DBUSER, DBPASS);
if(!$link){
  die('Not connected: ' . mysql_error());
}
$db_selected = mysql_select_db(DBNAME, $link);
if(!$db_selected){
  die('Can not use database: '. mysql_error());
}
$sql = "select * from forum where parentid='0' order by datetime desc";
$result = mysql_query($sql);
echo '<center><table border="0" cellspacing="'.SPACING.'" cellpadding="'.PADDING.'">';
echo '<tr bgcolor="'.HEADINGBG.'"><td width="50%"><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'"><b>Subject</b></font></td><td width="30%"><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'"><b>Name</b></font></td><td width="5%"><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'"><b>Views</b></font></td><td width="5%"><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'"><b>Replies</b></font></td><td width="10%"><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'"><b>Date/Time</b></font></td></tr>';
while($rows=mysql_fetch_array($result)){
  $rowbg = ($rowcount % 2) ? BGCOLOUR1 : BGCOLOUR2;
  echo '<tr bgcolor="'.$rowbg.'">';
  echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><a href="view_topic.php?id='.$rows['id'].'">'.$rows['subject'].'</td>';
  echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">'.stripslashes($rows['name']).'</font></td>';
  echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">'.stripslashes($rows['numviews']).'</font></td>';
  echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">'.stripslashes($rows['numreplies']).'</font></td>';
  echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">'.stripslashes($rows['datetime']).'</font></td>';
  echo '</tr>';
  $rowcount++;
}
mysql_close();
echo '</table></center>';
}

/*******************************************/

/* Shows all posts where parentid is equal to selected postid. */

function showReplies(){
$rowcount = 0;
$link = mysql_connect(DBHOST, DBUSER, DBPASS);
if(!$link){
  die('Not connected: ' . mysql_error());
}
$db_selected = mysql_select_db(DBNAME, $link);
if(!$db_selected){
  die('Can not use database: '. mysql_error());
}
$id = $_POST['id'];
$sql = "select * from forum where id='$id'";
$result = mysql_query($sql);
$rows = mysql_fetch_array($result);
echo '<h2><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'">Subject: '.stripslashes($rows['subject']).'</font></h2>';
echo '<center><table width="100%" border="0" cellspacing="'.SPACING.'" cellpadding="'.PADDING.'">';
echo '<tr bgcolor="'.HEADINGBG.'"><td width="15%"><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'"><b>User</b></font></td><td width="85%"><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'"><b>Message</b></font></td></tr>';
echo '<tr><td><font size="'.TEXTSIZE.'" color="'.TEXTCOLOUR.'">'.stripslashes($rows['name']).'</font><br><font size="'.MINITEXT.'" color="'.TEXTCOLOUR.'">'.stripslashes($rows['datetime']).'</font></td><td><font size="'.TEXTSIZE.'" color="'.TEXTCOLOUR.'">'.stripslashes($rows['message']).'</font></td></tr>';
$sql2 = "select * from forum where parentid='$id' order by datetime asc";
$result2 = mysql_query($sql2);
while($rows=mysql_fetch_array($result2)){
  $rowbg = ($rowcount % 2) ? $bgcolour1 : $bgcolour2;
  echo '<tr bgcolor="'.$rowbg.'">';
  echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>'.stripslashes($rows['name']).'</b></font><br><font color="'.TEXTCOLOUR.'" size="'.$minitext.'">'.stripslashes($rows['datetime']).'</font></td>';
  echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">'.stripslashes($rows['message']).'</font></td>';
  echo '</tr>';
  $rowcount++;
}
$sql3 = "select numviews from forum where id='$id'";
$result3 = mysql_query($sql3);
$rows = mysql_fetch_array($result3);
$view = $rows['numviews']+1;
$sql4 = "update forumthread set view='$view' where id='$id'";
$result5 = mysql_query($sql4);
mysql_close();
}

/*******************************************/

/* Insert new thread into database. */

function addThread(){
$link = mysql_connect(DBHOST, DBUSER, DBPASS);
if(!$link){
  die('Not connected: ' . mysql_error());
}
$db_selected = mysql_select_db(DBNAME, $link);
if(!$db_selected){
  die('Can not use database: '. mysql_error());
}
$name = mysql_real_escape_string(addslashes($_POST['name']));
$message = mysql_real_escape_string(addslashes($_POST['message']));
$subject = mysql_real_escape_string(addslashes($_POST['subject']));
$datetime = date("d/m/y H:i:s");
$sql = "insert into forum(name, message, datetime, subject) values('$name', '$message', '$datetime', '$subject')";
if($result = mysql_query($sql)){
  echo '<br><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">New thread successfully created.</font><br>';
}
else{
  echo '<br><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">Could not create thread. <a href="index.php">Return to forum.</a></font><br>';
}
mysql_close();
}

/*******************************************/

/* Insert new post into database. */

function addReply(){
$link = mysql_connect(DBHOST, DBUSER, DBPASS);
if(!$link){
  die('Not connected: ' . mysql_error());
}
$db_selected = mysql_select_db(DBNAME, $link);
if(!$db_selected){
  die('Can not use database: '. mysql_error());
}
$parentid = mysql_real_escape_string(addslashes($_POST['parentid']));
$name = mysql_real_escape_string(addslashes($_POST['name']));
$message = mysql_real_escape_string(addslashes($_POST['message']));
$datetime = date("d/m/y H:i:s");
$sql = "insert into forum(parentid, name, message, datetime) values('$parentid', '$name', '$message', '$datetime')";
if($result = mysql_query($sql)){
  echo '<br><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">Post successfully added to thread.</font><br>';
  $sql2 = "update forum set numreplies = '$maxpostid' where id='$parentid'";
  $result2 = mysql_query($sql2);
}
else{
  echo '<br><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">Could not add post. <a href="index.php">Return to forum.</a></font><br>';
}
mysql_close();
}

/*******************************************/

/* This switch decides which action to perform. */

if(isset($_POST['actiontype'])){
switch($actiontype){
  case 'maketopic':
   if(md5($number) == $_SESSION['image_random_value']){
    addThread();
    $_SESSION['image_random_value'] = '';
    showFormTopic();
    showTopics();
   }
   else{
    wrongCode();
   }
   break;
  case 'makereply':
   if(md5($number) == $_SESSION['image_random_value']){
    addReply();
    $_SESSION['image_random_value'] = '';
    showFormReply();
    showReplies();
   }
   else{
    wrongCode();
   }
   break;
  case 'showreplies':
   showFormReply();
   showReplies();
   break;
  case 'showtopics':
  default:
   showFormTopic();
   showTopics();
   break;
}
}
else{
/* Show list of threads and output form. */
  showFormTopic();
  showTopics();
}

/*******************************************/

/* Include page footer. */

// EG: include("forumfooter.html");

echo '</body></html>';

?>

The image verification thing is the only real hurdle now. No idea how to get that working. The rest is just sorting out the logic of what to select from the DB and such.  The relevant functions are verificationImage(), showFormTopic(), and showFormReply().  Oh, and also the switch down at the bottom.  The verificationImage() function is to produce a verification image used as an input verification tool in those two forms, which is tested in the switch to determine if the functions for altering the database will be called.  Yes, I have ripped off and mutilated many tutorials.  However, I'm unsure how to work that verification image function into the form functions and the switch properly.

https://forums.phpfreaks.com/topic/73994-revised-attempt-at-a-simple-forum/

Sorry didn't even read your code, thought you just wanted to know how to do the image verification.

 

Looks like you've already done what you need.

 

You just need to replace

echo '<img src="verify.png" alt="Type this into the box" title="Type this into the box" />

 

With a call to your verificationImage() function.

 

Also, don't forget to set the session inside that function, otherwise it's always going to fail.
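One way to wire the verification code through the session, shown as an added example rather than code from the thread: the image comes from its own script so the JPEG headers and bytes never mix with the form HTML, and the check is one-shot so a code cannot be reused or guessed at repeatedly. The function names and the `verify.php` script name are assumptions; the session key, field names and `actiontype` values are taken from the first post.

```php
<?php
// Added example, not code from the thread. Function names are hypothetical;
// the session key, field names and action values are the ones in the post above.

const CODE_ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';

/* Create a fresh 5-character code and remember it server-side. */
function newVerificationCode(array &$session): string {
    $code = '';
    for ($i = 0; $i < 5; $i++) {
        $code .= CODE_ALPHABET[random_int(0, strlen(CODE_ALPHABET) - 1)];
    }
    // The session is server-side storage, so the code is kept as-is (no md5()).
    $session['image_random_value'] = $code;
    return $code;
}

/* Body of a stand-alone image script (assumed name: verify.php) that the
   forms load with <img src="verify.php">. Requires the GD extension. */
function sendVerificationImage(): void {
    session_start();
    $code  = newVerificationCode($_SESSION);
    $image = imagecreatetruecolor(60, 30);   // plain canvas instead of background$bg.jpg
    imagefilledrectangle($image, 0, 0, 59, 29, imagecolorallocate($image, 255, 255, 255));
    imagestring($image, 5, 5, 8, $code, imagecolorallocate($image, 0, 0, 0));
    header('Cache-Control: no-store, no-cache, must-revalidate');
    header('Content-Type: image/jpeg');
    imagejpeg($image);
}

/* One-shot check: the stored code is discarded whether or not it matched,
   so each image allows exactly one attempt. */
function verificationPassed(array &$session, $submitted): bool {
    $expected = $session['image_random_value'] ?? '';
    unset($session['image_random_value']);
    if ($expected === '' || !is_string($submitted)) {
        return false;   // no image was issued, or the field arrived as an array
    }
    // hash_equals() is a strict, timing-safe string comparison; loose == on
    // digests or mixed types can report a match for different values.
    return hash_equals($expected, strtoupper(trim($submitted)));
}

/* Decide what a POST may do and return the name of the handler to run.
   Only the two writing actions are gated behind the verification code. */
function routePost(array &$session, array $post): string {
    $gated  = ['makethread' => 'addThread', 'makereply' => 'addReply'];
    $action = $post['actiontype'] ?? '';
    if (!is_string($action) || !isset($gated[$action])) {
        return $action === 'showreplies' ? 'showReplies' : 'showTopics';
    }
    // The topic form names its field "random", the reply form "verify".
    $submitted = $post['random'] ?? $post['verify'] ?? null;
    return verificationPassed($session, $submitted) ? $gated[$action] : 'wrongCode';
}

if (PHP_SAPI === 'cli') {
    $session = [];   // constructed stand-in for $_SESSION
    $code = newVerificationCode($session);
    $post = ['actiontype' => 'makethread', 'random' => strtolower($code)];
    echo routePost($session, $post), "\n";   // first use of the code
    echo routePost($session, $post), "\n";   // the same POST replayed
    echo routePost($session, ['actiontype' => 'makereply', 'verify' => '']), "\n";
    echo routePost($session, ['actiontype' => 'showreplies']), "\n";
}
```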

Latest attempt.

 

<?php

/*******************************************/
/* Edit this section, add your own         */
/* database connection details.            */

define('DBHOST', 'blah');
define('DBUSER', 'blah');
define('DBPASS', 'blah');
define('DBNAME', 'blah');

/*******************************************/
/* Include any website header sections,    */
/* eg: top.html, header.html, footer.html. */

// include("../html/header.html");

// include ("../html/sideMenu.html");

// include_once('../include/dbobj.inc.php');

echo '<html><head></head><body>';

/*******************************************/

/*******************************************/
/* Optional colours editing. Change any    */
/* fields you like to any colours you      */
/* prefer.  Default is white background    */
/* and black text. A full list of accepted */
/* named colours for HTML can be found at: */
/* http://www.w3schools.com/html/html_colornames.asp */

define('BGCOLOUR1', 'azure');     /* Background colour 1 for alternating table rows. */
define('BGCOLOUR2', 'aliceblue'); /* Background colour 2 for alternating table rows. */
define('TEXTCOLOUR', 'black');    /* Normal text colour. */
define('TEXTSIZE', '4');          /* Normal text size. */
define('MINITEXT', '4');          /* Mini text size. */
define('HEADINGBG', 'cyan');      /* Background colour for table headings. */
define('HEADINGSIZE', '4');       /* Size of heading text. */
define('HEADINGTEXT', 'black');   /* Text colour for table headings. */
define('SPACING', '0');           /* Spacing between table cells. */
define('PADDING', '2');           /* Padding around table cells. */

/*******************************************/
/*      DO NOT EDIT BELOW THIS LINE!       */
/*******************************************/

session_start();
if(empty($_POST['actiontype'])){
$actiontype = 'showtopics';
}
if(empty($_POST['id'])){
$id = 0;
}

/*******************************************/

/* Verification code was wrong, give error message. */

function wrongCode(){
echo '<br><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">Image verification code incorrect. <a href="index.php">Return to forum.</a></font><br>';
}

/*******************************************/

/* Display the form for starting new threads. */

function showFormTopic(){
echo '<form action="'.$_SERVER['php_self'].'" method="post">';
echo '<center><table width="75%" cellspacing="'.SPACING.'" cellpadding="'.PADDING.'" border="0">';
echo '<tr align="left" valign="top">';
echo '<td width="30%"><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>Your name:</b></font></td>';
echo '<td width="70%"><input name="name" type="text" id="name" size="50" maxlength="65"/></td>';
echo '</tr>';
echo '<tr align="left" valign="top">';
echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>Subject:</b></font></td>';
echo '<td><input name="subject" type="text" id="subject" size="50" maxlength="255"/></td>';
echo '</tr>';
echo '<tr align="left" valign="top">';
echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>Input verification code:</b></font></td>';
echo '<td><input name="security_code" type="text" id="security_code"/> ';
echo '<img src="CaptchaSecurityImages.php" alt="Type this into the box" title="Type this into the box" /></td>';
echo '</tr>';
echo '<tr align="left" valign="top">';
echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>Message:</b></font></td>';
echo '<td><textarea name="message" cols="50" rows="5" id="message"></textarea></td>';
echo '</tr>';
echo '<td align="right"><input type="reset" value="Clear Form" /></td>';
echo '<td align="left"><input type="hidden" name="actiontype" value="makethread" /><input name="id" type="hidden" value="'.$id.'" /><input name="Submit" type="submit" value="Add new topic" /></td>';
echo '</table></center>';
echo '</form>';
}

/*******************************************/

/* Display the form for replying to threads. */

function showFormReply(){
echo '<form action="'.$_SERVER['php_self'].'" method="post">';
echo '<center><table width="75%" cellspacing="'.SPACING.'" cellpadding="'.PADDING.'" border="0">';
echo '<tr align="left" valign="top">';
echo '<td width="30%"><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>Your name:</b></font></td>';
echo '<td width="70%"><input name="name" id="name" type="text" size="50" maxlength="65"/></td>';
echo '</tr>';
echo '<tr align="left" valign="top">';
echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>Input verification code:</b></font></td>';
echo '<td><input name="security_code" type="text" id="security_code"/> ';
echo '<img src="CaptchaSecurityImages.php" alt="Type this into the box" title="Type this into the box" /></td>';
echo '</tr>';
echo '<tr align="left" valign="top">';
echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>Message:</b></font></td>';
echo '<td><textarea name="message" cols="50" rows="5" id="message"></textarea></td>';
echo '</tr>';
echo '<tr valign="top">';
echo '<td align="right"><input type="reset" value="Clear Form" /></td>';
echo '<td align="left"><input type="hidden" name="actiontype" value="makereply" /><input name="id" type="hidden" value="'.$id.'" /><input name="Submit" type="submit" value="Add reply" /></td>';
echo '</tr>';
echo '</table></center>';
echo '</form>';
}

/*******************************************/

/* Selects and shows some details of posts which have zero as parentid. */

function showTopics(){
$rowcount = 0;
$link = mysql_connect(DBHOST, DBUSER, DBPASS);
if(!$link){die('Not connected: ' . mysql_error());}
$db_selected = mysql_select_db(DBNAME, $link);
if(!$db_selected){die('Can not use database: '. mysql_error());}
$sql = "select * from forum where parentid=0";
$result = mysql_query($sql);
echo '<center><table border="0" cellspacing="'.SPACING.'" cellpadding="'.PADDING.'">';
echo '<tr bgcolor="'.HEADINGBG.'"><td width="50%"><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'"><b>Subject</b></font></td><td width="30%"><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'"><b>Name</b></font></td><td width="5%"><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'"><b>Views</b></font></td><td width="5%"><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'"><b>Replies</b></font></td><td width="10%"><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'"><b>Date/Time</b></font></td></tr>';
while($rows=mysql_fetch_array($result)){
  $rowbg = ($rowcount % 2) ? BGCOLOUR1 : BGCOLOUR2;
  echo '<tr bgcolor="'.$rowbg.'">';
  echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><a href="index.php?id='.$rows['id'].'">'.$rows['subject'].'</td>';
  echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">'.stripslashes($rows['name']).'</font></td>';
  echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">'.stripslashes($rows['numviews']).'</font></td>';
  echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">'.stripslashes($rows['numreplies']).'</font></td>';
  echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">'.stripslashes($rows['datetime']).'</font></td>';
  echo '</tr>';
  $rowcount++;
}
mysql_close();
echo '</table></center>';
}

/*******************************************/

/* Shows all posts where parentid is equal to selected postid. */

function showReplies(){
$rowcount = 0;
$link = mysql_connect(DBHOST, DBUSER, DBPASS);
if(!$link){die('Not connected: ' . mysql_error());}
$db_selected = mysql_select_db(DBNAME, $link);
if(!$db_selected){die('Can not use database: '. mysql_error());}
$id = $_POST['id'];
$sql = "select * from forum where id='$id'";
$result = mysql_query($sql);
$rows = mysql_fetch_array($result);
echo '<h2><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'">Subject: '.stripslashes($rows['subject']).'</font></h2>';
echo '<center><table width="100%" border="0" cellspacing="'.SPACING.'" cellpadding="'.PADDING.'">';
echo '<tr bgcolor="'.HEADINGBG.'"><td width="15%"><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'"><b>User</b></font></td><td width="85%"><font color="'.HEADINGTEXT.'" size="'.HEADINGSIZE.'"><b>Message</b></font></td></tr>';
echo '<tr><td><font size="'.TEXTSIZE.'" color="'.TEXTCOLOUR.'">'.stripslashes($rows['name']).'</font><br><font size="'.MINITEXT.'" color="'.TEXTCOLOUR.'">'.stripslashes($rows['datetime']).'</font></td><td><font size="'.TEXTSIZE.'" color="'.TEXTCOLOUR.'">'.stripslashes($rows['message']).'</font></td></tr>';
$sql2 = "select * from forum where parentid='$id' order by datetime asc";
$result2 = mysql_query($sql2);
while($rows=mysql_fetch_array($result2)){
  $rowbg = ($rowcount % 2) ? $bgcolour1 : $bgcolour2;
  echo '<tr bgcolor="'.$rowbg.'">';
  echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'"><b>'.stripslashes($rows['name']).'</b></font><br><font color="'.TEXTCOLOUR.'" size="'.$minitext.'">'.stripslashes($rows['datetime']).'</font></td>';
  echo '<td><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">'.stripslashes($rows['message']).'</font></td>';
  echo '</tr>';
  $rowcount++;
}
$sql3 = "select numviews from forum where id='$id'";
$result3 = mysql_query($sql3);
$rows = mysql_fetch_array($result3);
$view = $rows['numviews']+1;
$sql4 = "update forum set view='$view' where id='$id'";
$result5 = mysql_query($sql4);
mysql_close();
}

/*******************************************/

/* Insert new thread into database. */

function addThread(){
$link = mysql_connect(DBHOST, DBUSER, DBPASS);
if(!$link){
  die('Not connected: ' . mysql_error());
}
$db_selected = mysql_select_db(DBNAME, $link);
if(!$db_selected){
  die('Can not use database: '. mysql_error());
}
$name = mysql_real_escape_string(addslashes($_POST['name']));
$message = mysql_real_escape_string(addslashes($_POST['message']));
$subject = mysql_real_escape_string(addslashes($_POST['subject']));
$datetime = date("d/m/y H:i:s");
$parentid = 0;
$sql = "insert into forum(name, message, datetime, subject, parentid) values('$name', '$message', '$datetime', '$subject', '$parentid')";
if($result = mysql_query($sql)){
  echo '<br><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">New thread successfully created.</font><br>';
}
else{
  echo '<br><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">Could not create thread. <a href="index.php">Return to forum.</a></font><br>';
}
mysql_close();
}

/*******************************************/

/* Insert new post into database. */

function addReply(){
$link = mysql_connect(DBHOST, DBUSER, DBPASS);
if(!$link){
  die('Not connected: ' . mysql_error());
}
$db_selected = mysql_select_db(DBNAME, $link);
if(!$db_selected){
  die('Can not use database: '. mysql_error());
}
$parentid = mysql_real_escape_string(addslashes($_POST['id']));
$name = mysql_real_escape_string(addslashes($_POST['name']));
$message = mysql_real_escape_string(addslashes($_POST['message']));
$datetime = date("d/m/y H:i:s");
$sql = "insert into forum(parentid, name, message, datetime) values('$parentid', '$name', '$message', '$datetime')";
if($result = mysql_query($sql)){
//  $sql2 = "select max(numreplies) from forum";
//  $result2 = mysqlquery($sql2)+1;
  echo '<br><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">Post successfully added to thread.</font><br>';
  $sql3 = "update forum set numreplies = '$maxpostid' where id='$parentid'";
  $result3 = mysql_query($sql3);
}
else{
  echo '<br><font color="'.TEXTCOLOUR.'" size="'.TEXTSIZE.'">Could not add post. <a href="index.php">Return to forum.</a></font><br>';
}
mysql_close();
}

/*******************************************/

/* This switch decides which action to perform. */

if(isset($_POST['actiontype'])){
switch($actiontype){
  case 'maketopic':
   if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ){
    addThread();
    unset($_SESSION['security_code']);
    showFormTopic();
    showTopics();
   }
   else{
    wrongCode();
   }
   break;
  case 'makereply':
   if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ){
    addReply();
    unset($_SESSION['security_code']);
    showFormReply();
    showReplies();
   }
   else{
    wrongCode();
   }
   break;
  case 'showreplies':
   showFormReply();
   showReplies();
   break;
  case 'showtopics':
  default:
   showFormTopic();
   showTopics();
   break;
}
}
else{
/* Show list of threads and output form. */
  showFormTopic();
  showTopics();
}

/*******************************************/

/* Include page footer. */

// include("forumfooter.html");

echo '</body></html>';

?>

Obviously it has a lot of problems.  Could someone please try running that themselves?  I know already my SQL is all messed up.  Oh, here's the database table:

<?php

$sql = "
CREATE TABLE `forum` (
  `id` int(5) unsigned NOT NULL auto_increment,
  `parentid` int(5) unsigned NOT NULL default '0',
  `subject` varchar(255) default NULL,
  `message` text NOT NULL,
  `name` varchar(65) NOT NULL,
  `datetime` varchar(25) NOT NULL,
  `numviews` int(5) unsigned NOT NULL default '0',
  `numreplies` int(5) unsigned NOT NULL default '0',
  PRIMARY KEY  (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
";

mysql_connect("$host", "$username", "$password")or die("Can not connect to database.");
mysql_select_db("$db_name")or die("can not select database.");
mysql_query($sql) or die(mysql_error());

?>
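The database side with bound parameters and escaped output, as an added example that is not code from the thread: it uses PDO (the `mysql_*` functions were removed in PHP 7) against an in-memory SQLite copy of the `forum` table so it runs without a server. The function names and sample rows are assumptions; the column names come from the table definition above.

```php
<?php
// Added example, not code from the thread. Function names are hypothetical;
// the columns mirror the `forum` table posted above, adapted to SQLite.

function openForumDb(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE forum (
        id         INTEGER PRIMARY KEY AUTOINCREMENT,
        parentid   INTEGER NOT NULL DEFAULT 0,
        subject    VARCHAR(255),
        message    TEXT NOT NULL,
        name       VARCHAR(65) NOT NULL,
        datetime   VARCHAR(25) NOT NULL,
        numviews   INTEGER NOT NULL DEFAULT 0,
        numreplies INTEGER NOT NULL DEFAULT 0)');
    return $db;
}

/* HTML-escape a value at output time; stored data stays exactly as typed. */
function e(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

/* Insert a thread (parentid 0) or a reply. Bound parameters replace the
   addslashes()/mysql_real_escape_string() pair, so nothing needs
   stripslashes() on the way out. */
function addPost(PDO $db, int $parentid, string $name, string $message, ?string $subject = null): int {
    $db->beginTransaction();
    $db->prepare('INSERT INTO forum (parentid, name, message, datetime, subject)
                  VALUES (?, ?, ?, ?, ?)')
       ->execute([$parentid, $name, $message, date('Y-m-d H:i:s'), $subject]);
    $id = (int) $db->lastInsertId();
    if ($parentid > 0) {
        // Let the database do the increment; no read-then-write of a counter.
        $upd = $db->prepare('UPDATE forum SET numreplies = numreplies + 1
                             WHERE id = ? AND parentid = 0');
        $upd->execute([$parentid]);
        if ($upd->rowCount() !== 1) {       // reply to a thread that does not exist
            $db->rollBack();
            throw new InvalidArgumentException('No such thread');
        }
    }
    $db->commit();
    return $id;
}

/* Render one thread. $rawId is whatever arrived in the request. */
function renderThread(PDO $db, $rawId): string {
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return '<p>No such thread.</p>';
    }
    $db->prepare('UPDATE forum SET numviews = numviews + 1 WHERE id = ? AND parentid = 0')
       ->execute([$id]);
    $stmt = $db->prepare('SELECT name, message FROM forum
                          WHERE (id = ? AND parentid = 0) OR parentid = ? ORDER BY id');
    $stmt->execute([$id, $id]);
    $rowsHtml = '';
    foreach ($stmt as $row) {
        $rowsHtml .= '<tr><td>' . e($row['name']) . '</td><td>'
                   . nl2br(e($row['message'])) . "</td></tr>\n";
    }
    return $rowsHtml === '' ? '<p>No such thread.</p>' : "<table>\n$rowsHtml</table>";
}

if (PHP_SAPI === 'cli') {
    $db = openForumDb();
    // Constructed sample rows: an apostrophe in a name, markup in a reply.
    $thread = addPost($db, 0, "O'Brien", "It's my first post", 'Hello');
    addPost($db, $thread, '<b>guest</b>', "Line one\n<i>line two</i>");
    echo renderThread($db, (string) $thread), "\n";
    echo renderThread($db, '1 or 1=1'), "\n";   // constructed non-integer id
}
```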

 
