Need pro Help with making a edit page on a Guestbook

Chrysanthus

Hi All

i can say this that i do not know anyone has solved this that im trying to do....

The thing is that im trying to make a edit page on my guestbook.
The only thing that is missing is a edit view with a submit form and the old post in it but i wount it on the same skript.

Here is all the code...

<?php 
$username = $_POST["username"]; 
$password = $_POST["password"]; 
$password2 = $_POST["password2"]; 
$email = $_POST["email"]; 
$set = $_POST["set"]; 
$action=$_POST["action"]; 
$postID=$_GET["postID"]; 
$post=$_POST["post"]; 

function usersyntax_is_valid($username) { 

return !preg_match("/[^a-zA-Z0-9_]/", $username);  
} 


if ($set=="set") { 

   $username_control = 1; 
   $username2_control = 1; 
   $username3_control = 1; 
   $username4_control = 1; 
   $password_control = 1; 
   $password2_control = 1; 
   $password3_control = 1; 
   $password4_control = 1; 
   $password5_control = 1; 

   $main_control = 1; 
   $main_control2 = 0; 

   if($username == ""){ 
     $empty_username = "Ooops! - You forgot to enter your username."; 
   $username_control = 0; 
   $main_control = 0; 
   } 

   elseif(strlen($username) < 4){ 
   $empty_username = "Ooops! - Your username should be at least 4 letters long."; 
   $username2_control = 0; 
   $main_control = 0; 
   } 

   elseif(strlen($username) > 20){ 
   $empty_username = "Ooops! - Your username can't be larger than 20 letters."; 
   $username3_control = 0; 
   $main_control = 0; 
   } 

   elseif(!usersyntax_is_valid($username)) { 
      $empty_username = " Ooops! - Incorrect username format."; 
      $username4_control = 0; 
      $main_control = 0; 
      } 

   elseif($password == ""){ 
   $empty_password = "Ooops! - You forgot to enter your password."; 
   $password_control = 0; 
   $main_control = 0; 
   } 

   elseif(strlen($password) < 4){ 
   $empty_password = "Ooops! - Your password should be at least 4 letters long."; 
   $password4_control = 0; 
   $main_control = 0; 
   } 

   elseif(strlen($password) > 20){ 
   $empty_password = "Ooops! - Your password can't be larger than 20 letters."; 
   $password5_control = 0; 
   $main_control = 0; 
   } 


   elseif($main_control = 1){ 
      $str = $username; 
      $str = strtolower($str); 
         require('./functions.php'); 

      if ($action == "edit_two") {
      $result = mysql_query("SELECT * FROM guestbook WHERE (ID='$postID' AND username='$username' AND password='$password')") or die (mysql_error()); 
      if ($str = mysql_num_rows($result) == 0) { 
      $incorrect_info = "Ooops! - That Username or Password is not correct, or the post does not belong to you"; 
      $main_control2 = 1; 
      mysql_close($starta); 

    }
	$post = mysql_fetch_array($result);
	mysql_free_result($result);
	$post['post'] = ereg_replace("<br>", "", $post['post']);
	showheader("Edit Your post");
  } 
 } 
}

if($main_control2 != 1 && $main_control == 1) { 

}


?> 



<form action="<?=$PHP_SELF?>" method="post" name="hej"> 

<INPUT TYPE="hidden" name="postID" value="<?php echo $postID ?>"> 
<INPUT TYPE="hidden" name="action" value="edit_two"> 

              <input type="text" name="username" size="15" class="inputSidebar" value="<?php 
              if($username_control != 0){ echo $_POST['username'];} 
              elseif(username2_control !=0){ echo $_POST['username'];} 
              elseif(username3_control !=0){ echo $_POST['username'];} 
              elseif(username4_control !=0){ echo $_POST['username'];} 
              else{ echo ''; }  ?>" style="width: 150px; float: right;"> 
              <B>Enter your username/nickname:</B> 
              <br><br><?php echo $empty_username; ?> 


              <input type="password" name="password" size="15" class="inputSidebar" value="<?php 
              if($password_control != 0){ echo $_POST['password'];} 
              elseif($password4_control !=0){ echo $_POST['password'];} 
              elseif($password5_control !=0){ echo $_POST['password'];} 
              else{ echo ''; }  ?>"style="width: 150px; float: right;"> 
              <B>Enter your password:</B> 
              <br><br><?php echo $empty_password; ?> 


              <B>Edit Post info:</B> 
              <p><BR> 
              To be able to edit you post you must enter your username and your<br> 
              registerd password!<br><bR> 
              If you do not remember your password we on flameline.com <bR> 
              can mail you the password on you registers e-mail accout<br> 
              <br> 
              </p> 

              <INPUT TYPE="SUBMIT" class="button" NAME="Submit" VALUE="Edit post" style="width: 88px; height: 20px; float: left;">
              <?php echo $incorrect_info; ?> 
              <?php echo $goto; ?> 
              <input type="hidden" name="set" value="set"> 

           </form>

// Leif

parawizard

so you need to make a edit page for editing entries in your guestbook VIA through login of the user? but you want this code all in the same PHP file?

Chrysanthus

Yeah if its possible? butt the loggin part is already finished the only thing thats is misssing is the edite part of the post.

I have lookt on changeing my form to the exampel below but then the if checks dosent work! and i kind of wanna keep them becuse im wanna use the same structure on the holl guestbook..

form action="insert-editedguestbookpost.php?postID=<?php echo $post['ID'] ?>" method="post" name="hej"> " method="post" name="hej">

but i make it sow the if checks dosent work sow if you have some god ides on how to do this possible...

parawizard

well hmmm so how about u make a seperate EDIT guestbook entry php file.

editentry.php or something like that

In this php file youll wanna do something like this

1) get the postID from the URL ?variable
2) get the post you want to edit from the database and store into variable called $entry and the POSTID
3) you want to output the post like this in html after you have written the above PHP


<?

if($_GET['process']=="yes")
{

$postID = $_GET['postID'];
$newentry = $_POST['entry'];

mysql_connect(localhost,$dbuser,$dbpass) or die( "Unable to connect to MYSQL server" );
@mysql_select_db($dbname) or die( "Unable to select database");

//update query
$query = "UPDATE tablehere SET entry ='$newentry' WHERE ID='$postid";
mysql_query($query);

redirect();

}


function redirect()
{
?>
<script>
var link = "enter your guestbook display page link here";
self.location = link;
</script>
<?
}
?>



<html>

<head>

  <title>Edit Post</title>
</head>

<body>



<form action="editentry.php?postid=<? echo $postid; ?>&process=yes" method="POST">

<table border="0" cellpadding="0" cellspacing="5">
<tr>
	<td align="right">
	<b>Edit Post</b>
	</td>

</tr>

<tr>
	<td align="right"  valign="top">
	Post:
	</td>
	<td>
<TEXTAREA NAME="entry" rows="15" cols="70"> <? echo $entry; ?>
</TEXTAREA><br>
    </td>
</tr>

<tr>
	<td>
    <input type="submit" value="Submit Post" />
	</td>
</tr>

</form>


</body>

</html>

hope that helps youll have to edit some things to make it work good. use this code in a seperate PHP file work much better and cleaner. youll have to edit a few lines to get it working but its basic structure of how to do it

Chrysanthus

Thanks i will look in to it! must sleep now...

Chrysanthus

How can i make it possible to jump to annoter page after all the ifs is correct...

now it jumps with out checking the ifs first....

here is the code... i changed the fist part ....


<?


<form action="insert-editedguestbookpost.php?postID=<?php echo $post['ID'] ?>" method="post" name="hej"> 

<INPUT TYPE="hidden" name="postID" value="<?php echo $postID ?>"> 
<INPUT TYPE="hidden" name="action" value="edit_two"> 

              <input type="text" name="username" size="15" class="inputSidebar" value="<?php  
              if($username_control != 0){ echo $_POST['username'];}  
              elseif(username2_control !=0){ echo $_POST['username'];}  
              elseif(username3_control !=0){ echo $_POST['username'];}  
              elseif(username4_control !=0){ echo $_POST['username'];}  
              else{ echo ''; }  ?>" style="width: 150px; float: right;"> 
              <B>Enter your username/nickname:</B> 
              <br><br><?php echo $empty_username; ?>  


              <input type="password" name="password" size="15" class="inputSidebar" value="<?php  
              if($password_control != 0){ echo $_POST['password'];}  
              elseif($password4_control !=0){ echo $_POST['password'];}  
              elseif($password5_control !=0){ echo $_POST['password'];}  
              else{ echo ''; }  ?>"style="width: 150px; float: right;"> 
              <B>Enter your password:</B> 
              <br><br><?php echo $empty_password; ?>  


              <B>Edit Post info:</B> 
              <p><BR> 
              To be able to edit you post you must enter your username and your<br> 
              registerd password!<br><bR> 
              If you do not remember your password we on flameline.com <bR> 
              can mail you the password on you registers e-mail accout<br> 
              <br> 
              </p> 

              <INPUT TYPE="SUBMIT" class="button" NAME="Submit" VALUE="Edit post" style="width: 88px; height: 20px; float: left;"> 
              <?php echo $incorrect_info; ?>  
              <?php echo $goto; ?>  
              <input type="hidden" name="set" value="set"> 

           </form>

parawizard

is that all your code? and wut do u mean its redirected before the ifs? dont u have to edit the entry? before you insert it?

Chrysanthus

Sorry for being sow non corecct about my task....

I mean before you can edite you page you must confirm that you are the person that ownes the post,
sow no body else can edite you post...

then when you have confirme that you are the rightfull owner to the post by enering right password and username...

then you can enter insert-editedguestbookpost.php........

now i have don the check page the only thing that is left is to jump to the other page after all the if's are right but i see to not konw how....

parawizard

how about instead of checking on that page check on the insert edit page.php file. so add the checks on the top of the page. So pass the username and password variables through to the edit page then at the top of the edit page do the checks like this sorta idea


<? 

// checks

if($postusername=$username)
{

if($postpassword=$password)
      {

put all guestbook editing code here

       }

?>

Chrysanthus

Okey but i have allmost finished this and i would rateher have the check on the fist page becuse everything is finished exept the the checks...

see here i give you all the skripts...

Here is the skript that's edite, poste and delete the pages....

function.php

<?php

include ("../Management/mysqlcondbio.php");

function showheader($title) {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<TITLE> <?php echo $title ?> </TITLE>
</HEAD>

<BODY BGCOLOR="#FFFFFF">
<?php
}

function showfooter() {
?>
</BODY>
</HTML>
<?php
}

function viewpost ($newsID) {

// Lägger upp postsen i ordning

$post_query = mysql_query("SELECT * FROM guestbook ORDER BY postorderstamp") or die (mysql_error());
	while ($post = mysql_fetch_array($post_query)) {
} 
if (mysql_num_rows($post_query) < 1) {
?>
<TR height=300>
	<TD WIDTH=100% BGCOLOR="#FFFFFF" HEIGHT=28 VALIGN=TOP colspan=2>
	<CENTER><FONT SIZE="-1" FACE="Trebuchet MS,Arial,Helvetica">
	<BR><B>There Are No Posts Currently For This Topic</B><BR><BR></CENTER>
	</TD>
</TR>
<?php } ?>
</TABLE>
</TD></TR>
</TABLE>
<?php
}

// Lägger till en post

function addpost () {
$password=$_SESSION["password"]; 
$email=$_SESSION["email"]; 
$username=$_SESSION["username"]; 

global $password,$email,$username,$post,$topicID;
	$dst = 0; 
	$timestamp = gmdate("Y-m-d H:i:s", time() + 3600 + $dst * 3600); 
	$new_password = addslashes($password); 	$new_email = addslashes($email);
	$new_name = addslashes($username);
	$new_post = addslashes(htmlspecialchars($post));
	$insert = mysql_query("INSERT INTO guestbook VALUES ('NULL','$topicID','$new_name','$new_email','$new_password','$new_post','$timestamp')");
	if (mysql_error() != "") {
		showheader("MySQL Error ".mysql_error());
		?>
		<br><p><center><b>There was a MySQL Error -- <?php echo mysql_error() ?></b></center></p>
		<?php
		showfooter();
		exit;
	}
}

// Editerar en post

function editpost () {
global $postID,$post;
	$new_post = addslashes(htmlspecialchars($post));
	$insert = mysql_query("UPDATE guestbook SET post='$new_post' WHERE (ID='$postID')");
	if (mysql_error() != "") {
		showheader("MySQL Error ".mysql_error());
		?>
		<br><p><center><b><FONT SIZE="-1" FACE="Trebuchet MS,Arial,Helvetica">There was a MySQL Error -- <?php echo mysql_error() ?></b></center></p>
		<?php
		showfooter();
		exit;
	}
}

// Tar bort en post

function deletepost () {
global $postID;
$post_query = mysql_query("DELETE FROM guestbook WHERE (ID='$postID')");
	if (mysql_error() != "") {
		showheader("MySQL Error ".mysql_error());
		?>
		<br><p><center><b><FONT SIZE="-1" FACE="Trebuchet MS,Arial,Helvetica">There was a MySQL Error -- <?php echo mysql_error() ?></b></center></p>
		<?php
		showfooter();
		exit;
	}
}

?>

Here is the edited page where i wanna he checks to work but i do not know how to fix it....

edit-guestbookpost.php

<?php 
$username = $_POST["username"]; 
$password = $_POST["password"]; 
$password2 = $_POST["password2"]; 
$email = $_POST["email"]; 
$set = $_POST["set"]; 
$action=$_POST["action"]; 
$postID=$_GET["postID"]; 
$post=$_POST["post"]; 

function usersyntax_is_valid($username) { 

return !preg_match("/[^a-zA-Z0-9_]/", $username);  
} 


if ($set=="set") { 

   $username_control = 1; 
   $username2_control = 1; 
   $username3_control = 1; 
   $username4_control = 1; 
   $password_control = 1; 
   $password2_control = 1; 
   $password3_control = 1; 
   $password4_control = 1; 
   $password5_control = 1; 

   $main_control = 1; 
   $main_control2 = 0; 

   if($username == ""){
  	$empty_username = 	"Ooops! - You forgot to enter your username.
						&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
						&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
						&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
	$username_control = 0;
	$main_control = 0;
	}

elseif(strlen($username) < 4){
$empty_username = "Ooops! - Your username should be at least 4 letters long.
				  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp&nbsp;&nbsp;&nbsp;&nbsp;
				  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
$username2_control = 0;
$main_control = 0;
}

elseif(strlen($username) > 20){
$empty_username = "Ooops! - Your username can't be larger than 20 letters.
				  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
				  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
$username3_control = 0;
$main_control = 0;
}

elseif(!usersyntax_is_valid($username)) { 
$empty_username = "Ooops! - Incorrect username format.
				  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
				  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
				  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
				  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
$username4_control = 0; 
$main_control = 0; 
} 

elseif($password == ""){
$empty_password = "Ooops! - You forgot to enter your password.
				  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp
				  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
				  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
$password_control = 0;
$main_control = 0;
}

elseif(strlen($password) < 4){
$empty_password = "Ooops! - Your password should be at least 4 letters long.

				  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp
				  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
$password4_control = 0;
$main_control = 0;
}

elseif(strlen($password) > 20){
$empty_password = "Ooops! - Your password can't be larger than 20 letters.
				  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
				  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
$password5_control = 0;
$main_control = 0;
}

   elseif($main_control = 1){ 
      $str = $username; 
      $str = strtolower($str); 
         require('./functions.php'); 

      if ($action == "edit_two") {
      $result = mysql_query("SELECT * FROM guestbook WHERE (ID='$postID' AND username='$username' AND password='$password')") or die (mysql_error()); 
      if ($str = mysql_num_rows($result) == 0) { 
      $incorrect_info = "Ooops! - That Username or Password is not correct, or the post does not belong to you "; 
      $main_control2 = 1; 
      mysql_close($starta);
    }
 } 
   } 
}

if($main_control2 != 1 && $main_control == 1) { 

}
?>



<form action="insert-editedguestbookpost.php?postID=<?php echo 
$postID ?>" method="POST"> 

<INPUT TYPE="hidden" name="postID" value="<?php echo $postID ?>"> 
<INPUT TYPE="hidden" name="action" value="edit_two"> 

              <input type="text" name="username" size="15" class="inputSidebar" value="<?php 
              if($username_control != 0){ echo $_POST['username'];} 
              elseif(username2_control !=0){ echo $_POST['username'];} 
              elseif(username3_control !=0){ echo $_POST['username'];} 
              elseif(username4_control !=0){ echo $_POST['username'];} 
              else{ echo ''; }  ?>" style="width: 150px; float: right;"> 
              <B>Enter your username/nickname:</B> 
              <br><br><?php echo $empty_username; ?> 


              <input type="password" name="password" size="15" class="inputSidebar" value="<?php 
              if($password_control != 0){ echo $_POST['password'];} 
              elseif($password4_control !=0){ echo $_POST['password'];} 
              elseif($password5_control !=0){ echo $_POST['password'];} 
              else{ echo ''; }  ?>"style="width: 150px; float: right;"> 
              <B>Enter your password:</B> 
              <br><br><?php echo $empty_password; ?> 


              <B>Edit Post info:</B> 
              <p><BR> 
              To be able to edit you post you must enter your username and your<br> 
              registerd password!<br><bR> 
              If you do not remember your password we on flameline.com <bR> 
              can mail you the password on you registers e-mail accout<br> 
              <br> 

	   		<input type="button" class="button" value="View Posts" style="width: 88px; height: 20px; float: right;" onclick="document.location.href='../guestbook/guestbookview.php'"> 

              <INPUT TYPE="SUBMIT" class="button" NAME="Submit" VALUE="Edite Post" style="width: 88px; height: 20px;"> 
			  <?php echo $incorrect_info; ?>
              <?php echo $goto; ?> 
              <input type="hidden" name="set" value="set"> 



           </form>

Chrysanthus

And here is the insert page where i insert the typed post in to
mysql the only thing is that i have no checks if there are any enterd values in the $_POST sow any one can edite anyes page, thats not god....

insert-editedguestbookpost.php

[Php]
<?php

$username = $POST["username"];
$password = $POST["password"];
$set = $POST["set"];
$action=$POST["action"];
$postID=$GET["postID"];
$post=$POST["post"];

if ($set=="set") {

$username_control = 1;

$main_control = 1;
$main_control2 = 0;

if($username == ""){
$empty_username = "Ooops! - You forgot to enter your username.";
$username_control = 0;
$main_control = 0;
}

elseif($main_control = 1){
$str = $username;
$str = strtolower($str);
require('./functions.php');

      	$result = mysql_query("SELECT * FROM guestbook WHERE (ID='$postID' AND username='$username' AND password='$password')") or die (mysql_error()); 
      	if ($str = mysql_num_rows($result) == 0) { 
      	$incorrect_info = "Ooops! - That Username or Password is not correct, or the post does not belong to you"; 
      	$main_control2 = 1; 
      	mysql_close($starta); 

    	}
		$post = mysql_fetch_array($result);
		mysql_free_result($result);
		$post['Post'] = ereg_replace("<br>", "", $post['Post']);
		showheader("Edit Your post");
	}

}
if($main_control2 != 1 && $main_control == 1) {

}

elseif ($action == "edit_three") {
require('./functions.php');
editpost();

$edited_poste = "Thanks! - Your Post has been Edited";
$goto = "<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
			&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
			&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

			Hit View Posts Button To See All<br>

			&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
			&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
			&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
			Guestbookpost.</p>";
}

?>
<FORM METHOD=POST ACTION="<?php echo $PHP_SELF ?>">
<INPUT TYPE="hidden" name="action" value="edit_three">
<INPUT TYPE="hidden" name="postID" value="<?php echo $postID ?>">
<B>Post info:</B>
<p><BR>
Posts appear exactly as you have submitted them.<br>
HTML will not be allowed, every thing converted into harmless text.<br>
Therefore, you cannot have HTML formatting in you post.<br>
<br>
</p>

<INPUT TYPE="RESET" class="button" NAME="Reset" VALUE="Clear Fields" style="width: 88px; height: 20px; float: right;">
<INPUT TYPE="SUBMIT" class="button" NAME="submit1" VALUE="Submit Post <? $incorrect_info?>" style="width: 88px; height: 20px;">
 <?php echo $edited_poste; ?>
<input type="hidden" name="set" value="set">
</FORM>
<FORM>
<input type="button" class="button" value="View Posts" style="width: 88px; height: 20px; float: right;" onclick="document.location.href='../guestbook/guestbookview.php'">
<?php echo $goto; ?>
</FORM>
[/code]

parawizard

you have a TON OF CODE that you DO NOT NEED. way to much stuff in there im going to attempt in cleaning it up for you 🙂 give me a hour lol

also are these spaces?

     &nbsp    

y not use <BR> tag?

parawizard

hmmm i cant add the checks in for you man your whole code structure is very messy and confusing. If you would like I will help you restructure your whole GUESTBOOK.

I see that you are trying to make somewhat of a USER PANEL so the user can edit/delete his posts?

with the code how it is now theres no wonder its causing you problems. I am willing to do alot of work with you on this one if you want me to help 🙂

Chrysanthus

Am sorry for all the krapp code i have enterd it was just a temprary fix i made to make it look fin...

But any how i manage to fix up the code a bit!!......

the things that work and are finished now is

add-guestbookpost.php
delete-guestbookpost.php
function.php

I have on edite-guestbook.php now maked it possible to prevents someone from jumping to the insert-guestbookpost.page but not if i anyone type the url direct to the page but that will be fixt in time i think! :p

the only things with editepage is that i must hit the edit post button 2 times before i can enter insert-guestbookpost.page even if i have enterd the right password and username...

Arg that is not what i wount 🙁 , the grate part is that it checks now with the ifs Yeahhh :p

here see i what i change.....


<?php 
$username = $_POST["username"]; 
$password = $_POST["password"]; 
$password2 = $_POST["password2"];
$set = $_POST["set"]; 
$action=$_POST["action"]; 
$postID=$_GET["postID"]; 
$post=$_POST["post"]; 

function usersyntax_is_valid($username) { 

return !preg_match("/[^a-zA-Z0-9_]/", $username);  
} 


if ($set=="set") { 

   $username_control = 1; 
   $username2_control = 1; 
   $username3_control = 1; 
   $username4_control = 1; 
   $password_control = 1; 
   $password2_control = 1; 
   $password3_control = 1; 
   $password4_control = 1; 
   $password5_control = 1; 

   $main_control = 1; 
   $main_control2 = 0; 

   if($username == ""){
  	$empty_username = 	"Ooops! - You forgot to enter your username.<br>";
	$username_control = 0;
	$main_control = 0;
	}

elseif(strlen($username) < 4){
$empty_username = "Ooops! - Your username should be at least 4 letters long.<br>";
$username2_control = 0;
$main_control = 0;
}

elseif(strlen($username) > 20){
$empty_username = "Ooops! - Your username can't be larger than 20 letters.<br>";
$username3_control = 0;
$main_control = 0;
}

elseif(!usersyntax_is_valid($username)) { 
$empty_username = "Ooops! - Incorrect username format.<br>";
$username4_control = 0; 
$main_control = 0; 
} 

elseif($password == ""){
$empty_password = "Ooops! - You forgot to enter your password.<br>";
$password_control = 0;
$main_control = 0;
}

elseif(strlen($password) < 4){
$empty_password = "Ooops! - Your password should be at least 4 letters long.<br>";
$password4_control = 0;
$main_control = 0;
}

elseif(strlen($password) > 20){
$empty_password = "Ooops! - Your password can't be larger than 20 letters.<br>";
$password5_control = 0;
$main_control = 0;
}

   elseif($main_control = 1){ 
      $str = $username; 
      $str = strtolower($str); 
         require('./functions.php'); 

      if ($action == "edit_two") {
      $result = mysql_query("SELECT * FROM guestbook WHERE (ID='$postID' AND username='$username' AND password='$password')") or die (mysql_error()); 
      if ($str = mysql_num_rows($result) == 0) { 
      $incorrect_info = "&nbsp; Ooops! <br><br>
	  					That Username Or Password Is Not Correct,<br> 
						Or The Post Does Not Belong To You.";
      $main_control2 = 1; 
      mysql_close($starta);
    }
 } 
   } 
}

if($main_control2 != 1 && $main_control == 1) { 

?>
<form action="insert-editedguestbookpost.php?postID=<?php echo 
$postID ?>" method="post"> 

<? 
}
?>



<form action="<?php echo $PHP_SELF ?>" method="POST"> 
<INPUT TYPE="hidden" name="action" value="edit_two"> 
<INPUT TYPE="hidden" name="postID" value="<?php echo $postID ?>">


              <input type="text" name="username" size="15" class="inputSidebar" value="<?php 
              if($username_control != 0){ echo $_POST['username'];} 
              elseif(username2_control !=0){ echo $_POST['username'];} 
              elseif(username3_control !=0){ echo $_POST['username'];} 
              elseif(username4_control !=0){ echo $_POST['username'];} 
              else{ echo ''; }  ?>" style="width: 150px; float: right;"> 
              <B>Enter your username/nickname:</B> 
              <br><br><?php echo $empty_username; ?> 


              <input type="password" name="password" size="15" class="inputSidebar" value="<?php 
              if($password_control != 0){ echo $_POST['password'];} 
              elseif($password4_control !=0){ echo $_POST['password'];} 
              elseif($password5_control !=0){ echo $_POST['password'];} 
              else{ echo ''; }  ?>"style="width: 150px; float: right;"> 
              <B>Enter your password:</B> 
              <br><br><?php echo $empty_password; ?> 


              <B>Edit Post info:</B> 
              <p><BR> 
              To be able to edit you post you must enter your username and your<br> 
              registerd password!<br><bR> 
              If you do not remember your password we on flameline.com <bR> 
              can mail you the password on you registers e-mail accout<br> 
              <br> 

	   		<input type="button" class="button" value="View Posts" style="width: 88px; height: 20px; float: right;" onclick="document.location.href='../guestbook/guestbookview.php'"> 

              <INPUT TYPE="SUBMIT" class="button" NAME="Submit" VALUE="Edite Post" style="width: 88px; height: 20px;"> 
			  <?php echo $incorrect_info; ?>
              <?php echo $goto; ?> 
              <input type="hidden" name="set" value="set"> 



           </form>

parawizard

if you want to make your code alot neater i can show you how to structure it differently and have better security.

your username/post thing is a different way of doing things hehe. In the future you would probally want to make a Users table in ur database to hold all users?

you code isnt krap its good 🙂 but not structured. structering it is the key! i suggest to make a login() to check if its not the right user or pass. u already have code for this function somewhat already. I can help u but i got school so after school. You can email me for my msn or something

Chrysanthus

Okay but now login it's a free guestbook and the ide is that any one can post and edite there owne post,

The login part have i fixt with sessions i my site where there is a non public newsbord/guestbook that is working with login and session sow that is not what im seeking for.....

But you maybee taking aboute something else i do not know??

any how is still bad dov to dump all the code i have workt on and i hade only the edite user check part left :eek:

🙁 🙁 🙁 🙁

parawizard

your not gonna really dump much code at all you just going to refine the steps and order of what your doing. youll just be arranging the steps in a different order and combing things into a function rather then having a whole bunch of IF steps. like for example instead of having the main control BOOLS you just have everything protected by a username/ password check so if there is no login there IS NO DISPLAY. Really i was looking at the code yesterday. im talking free open news group still 🙂 you will only have to clean up a edit guestbook and insert-guestbook files thats all.

another example is instead of outputting errors on login in the forms u can just output them using a function. I have coded my own PHP forum already and i have done it a few ways and i found that the best way to do it was use a access control page.

basically what a accesscontrol.php file does is

1) check if a username and password is in a session
2) check these usernames and passwords with ones from database
3) if username and password dont work output login screen

to protect a page you would just include('accesscontrol.php'); and the login part is done 🙂 i played with your code for about a hour or so yesterday and i couldnt get a working usercheck. I'd say maybe 1 hour or maybe 2 and you could have this thing working.

check your PMs

Chrysanthus

But still i dont wount a login page... i just want it to be open for other users to make posts and edite post or delete post without a login.....

parawizard

i thought u click edit post and u have to login to edit your posT?

am i write or am i wrong!??!?!?!?

at some point i thought you had to login to edit your post?

parawizard

what im saying is MAKE a extra PHP file called accesscontrol.php get it to check if the user already has a session or start one then if they dont display a login. after they login and the username and pass is ok they can post. rather then having your login IFs and checks in the same PHP file its alot easier to do the checks in a included PHP file

so instead of having your login checks in the same PHP file. You make a seperate file and u just need to go

include 'accesscontrol.php';

instead of having IFs and Sessions in the edit guestbook file