Comment Forms?

[unsider]

Hey,

 

I am curious how you would could a form/php involved that allows the user to enter their comment (1 text box), but it retrieves the session/user login values to determine what user posted that specific comment, so that it is necessary to be a member, and those who aren't members are prompted to log in.

 

A simple test if the user is a member or not, and if so retrieve the username when submitted.

 

 

[teng84]

you have to check if session id or username in your session variables has been set..

 

eg..

if(!isset($_SESSION['username'])){
header('location: login.php');
}
else{
//allow to post
}

 

[unsider]

No one minds if I work on it in here? I may request for help, but I want to learn, therefore doing it myself.

 

 

Well, I would like for the user to click the submit button, and then have the if statement be executed, and if not logined n, be prompted to, and if so, store the comment into the DB with the session username, other variables, etc...

 

Can someone help fix my code to work properly? Thanks I did my best.

 

<h2>Comments Form</h2>

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method='post' id='commentform'>

<p><input type='text' name='name' id='name' value='' size='22' tabindex='1' />
<label for='author'><small>Name (required)</small></label></p>

<p><textarea name='commenttext' id='commenttext' cols='60' rows='10' tabindex='4'></textarea></p>

<p><input name='submit' type='submit' id='submit' tabindex='5' value='Submit Comment' />

<?php

// how do I incorporate into the form?

if(!isset($_SESSION['username'])){
header('location: login.php'); // prompted to login
}
else{

// SUBMIT 

if(isset($_POST['commenttext'], $_SESSION['username'])) {


$sql = "INSERT INTO 'database' SET
		commenttext ='$commenttext',
		commentdate =NOW(),
		username = $_SESSION['username'];	

	if (!@mysql_query($sql)) {
		echo 'Error adding query: ' . mysql_error();
}

}

?>

<input type='hidden' name='comment_post_ID' value='13' /></p>

</form>

[trq]

Can someone help fix my code to work properly?

 

If you could specify exactly what it is you want to do. Your code doesn't help at all, just confuses.

[unsider]

1. Everything loads, including the form it is displayed to to both users/non-users.

2. One form (commenttext, which is basically the text you input your opinions, etc...)

3. The user clicks the submit button, and if he != logged in, he is prompted to log in.

4. If he is logged in, the form is submitted with the $_SESSION['username'] as the username, therefore confirming he is a member and allowing us to see what user has posted this comment.

5. The variables are then input into the DB: $_SESSION['username'], $commenttext, $date, etc (anything for the form).

 

I'm just not certain how to execute the if statement when the user clicks the submit button, and insert the $_SESSION['username'] value into the DB as 'username'.

 

I'm really trying to explain it well, sorry if it's unclear.

[trq]

Firstly, move all your php out from out of between the form, it simply does not need to be there. Put it at the bottom.

 

Your code is almost fine, theres just a few syntax errors.

 

<?php

if (!isset($_SESSION['username'])) {
  header('location: login.php');
  exit();
} else {
  if (isset($_POST['commenttext'])) {
    $comment = mysql_real_escape_string($_POST['commenttext']);
    $sql = "
      INSERT INTO database (
        commenttext, commentdate, username
      ) VALUES (
        '$comment',NOW(),'{$_SESSION['username']}'
    ";	

    if (!@mysql_query($sql)) {
      echo 'Error adding query: ' . mysql_error();
    }
  }
}

?>

[unsider]

Thank you very much for correcting my syntax.

 

One more question if you can bare with me. 

 

How do I perform an action when the submit button is clicked by the user? So that the php code you helped correct can be put to good use.

[trq]

That code will be executed when the user hits the submit button on the form. Your forms action simply needs to point to the script you wish to run when the form is submitted.

[unsider]

Oh, alright

 

Thank you very much for you help.