Hey. I just posted an issue concerning this same script. It was resolved so quickly, I figured I'd post this new issue in hopes of finding some quick fix also. Any help would be greatly appreciated.

Any time someone doesn't finish filling in the form, the script is designed to give them an error code. For some reason, it also stops anything below the printed error code from loading, which includes some important footer information to complete the page design. AKA, it looks like crap. lol

Here's the code I'm working with:

<?

//connect to your database
require_once($_SERVER['DOCUMENT_ROOT'].'/source/scripts/comments/config.php');

//query comments for this page of this article
$inf = "SELECT * FROM `comments` WHERE `page` = '".STRIPSLASHES($_SERVER['REQUEST_URI'])."' ORDER BY `time` ASC";
 $info = mysql_query($inf);
     if(!$info) die(mysql_error());


   $info_rows = mysql_num_rows($info);
if($info_rows > 0) {
   echo '<a name="comments"></a><h3>Comments:</h3>';
   echo '<table width="100%">';

while($info2 = mysql_fetch_object($info)) {    
echo '<tr>';
echo '<td class="bubbledescription"><b>"'.stripslashes($info2->subject).'" by: <a href="'.$info2->contact.'">'.stripslashes($info2->username).'</a></b> <div align="left" class="smallertext">'.date('h:i:s a', $info2->time).' on '.$info2->date.'</div></td> '; echo '</tr><tr>'; echo '<td class="bubbledescription"> '.stripslashes($info2->comment).'<br /><br /></td>'; echo '</tr>'; }//end while echo '</table>'; echo '<hr width="95%" noshade>'; } else echo '<em>No one has commmented yet. Be the first. You know you want to. <br /><br /></em>'; if(isset($_POST['submit'])) { if(!addslashes($_POST['username'])) die('<u>ERROR:</u> Make sure you entered a username for your comment.'); if(!addslashes($_POST['contact'])) die('<u>ERROR:</u> Make sure that you entered a contact address or web-site.'); if(!addslashes($_POST['subject'])) die('<u>ERROR:</u> Make sure you put a subject on your comment.'); if(!addslashes($_POST['comment'])) die('<u>ERROR:</u> You did not enter a comment.'); //this is for a valid contact if(substr($_POST['contact'],0,7) != 'mailto:' && !strstr($_POST['contact'],'//')) { if(strstr($_POST['contact'],'@')) $_POST['contact'] = "mailto:".$_POST['contact'].""; else $_POST['contact'] = "http://".$_POST['contact'].""; } //end valid contact //try to prevent multiple posts and flooding... $c = "SELECT * from `comments` WHERE ip = '".$_SERVER['REMOTE_ADDR']."'"; $c2 = mysql_query($c); while($c3 = mysql_fetch_object($c2)) { $difference = time() - $c3->time; if($difference < 60) die('<u>ALERT:</u> '.$c3->username.', Please wait one minute between comments. Also, refresh the page if you cannot see the bottom portion of the page.<BR>'); } //end while //add comment $q ="INSERT INTO `comments` (article_id, page, date, time, username, ip, contact, subject, comment) VALUES ('".$_GET['id']."', '".$_POST['page']."', '".$_POST['date']."', '".$_POST['time']."', '".addslashes(htmlspecialchars($_POST['username']))."', '".$_SERVER['REMOTE_ADDR']."', '".addslashes(htmlspecialchars($_POST['contact']))."', '".addslashes(htmlspecialchars($_POST['subject']))."', '".addslashes(nl2br(htmlspecialchars($_POST['comment'])))."')"; $q2 = mysql_query($q); if(!$q2) die(mysql_error()); //refresh page so they can see new comment header('Location: http://' . $_SERVER['HTTP_HOST'] . $_POST['page'] . "#comments"); } else { //display form ?> <form name="comments" action="<? $_SERVER['PHP_SELF']; ?>" method="post"> <input type="hidden" name="page" value="<? echo($_SERVER['REQUEST_URI']); ?>"> <input type="hidden" name="date" value="<? echo(date("F j, Y.")); ?>"> <input type="hidden" name="time" value="<? echo(time()); ?>"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td class="commentformLeftColumn"><div align="right">Name: </div></td> <td class="commentformRightColumn"><input name="username" type="text" size="30" value="" class="commentformTextField"></td> </tr> <tr> <td class="commentformLeftColumn"><div align="right">Contact: </div></td> <td class="commentformRightColumn"><input type="text" name="contact" size="30" value="" class="commentformTextField"> <i>(e-mail or web-site) </i></td> </tr> <td class="commentformLeftColumn"><div align="right">Subject: </div></td> <td class="commentformRightColumn"><input type="text" name="subject" size="30" value="" class="commentformTextField"></td> </tr> <tr> <td class="commentformLeftColumn"><div align="right">Comment: </div></td> <td class="commentformRightColumn"><textarea name="comment" cols="45" rows="5" wrap="VIRTUAL" class="commentformTextArea"></textarea></td> </tr> <tr> <td></td> <td colspan="2" class="commentformRightColumn"><input type="submit" name="submit" value="Add Comment" class="commentformSubmit"></td> </tr> </table> </form> <? } // end else ?>

For an example of the problem, you can visit the page below. Just fill out the form partially and you'll see the problem:

http://www.collegeisamovie.com/movies/passed/

Thanks in advance for any help anyone can provide.

    [man]die[/man] terminates the program; nothing after that point is executed.
    Solution: don't use die().

      try storing all the errors in an array, than you can print each error when you need to. i use an associative array with the keys being the field name. so, when you do error checking, if you encounter an error, add it to the error array.

        I'm so new to PHP it's not even funny. Can I just remove the die()? That probably won't work. I don't know how to store things in arrays. What's the easiest solution of of the two and how to I execute it? Or another one?

          try this on for size:

          <?php
          
          $errors = array();
          
          if(isset($_POST['submit'])){
          
            if(!isset($_POST['username']) && !empty($_POST['username'])){
                $errors['username'] = '<u>ERROR:</u> Make sure you entered a username '
                                                   .'foryour comment.';
            }
            if(!isset($_POST['contact']) && !empty($_POST['contact'])){
                $errors['contact'] = '<u>ERROR:</u> Make sure that you entered a contact '
                                              .'address or web-site.';
            }
            if(!isset($_POST['subject']) && !empty($_POST['subject'])){
                $errors['subject'] = '<u>ERROR:</u> Make sure you put a subject on your '
                                              .'comment.';
            }
            if(!isset($_POST['comment']) && !empty($_POST['comment'])){
                $errors['comment'] = '<u>ERROR:</u> You did not enter a comment.';
            }
          
          
             //this is for a valid contact
            if(substr($_POST['contact'],0,7) != 'mailto:' && !strstr($_POST['contact'],'//')){
                        if(strstr($_POST['contact'],'@'))
                          $_POST['contact'] = "mailto:".$_POST['contact']."";
                        else
                          $_POST['contact'] = "http://".$_POST['contact']."";
             } //end valid contact
          
             //try to prevent multiple posts and flooding...
             $c = "SELECT * from `comments` WHERE ip = '".$_SERVER['REMOTE_ADDR']."'";
             $c2 = mysql_query($c) or die(mysql_error());
             while($c3 = mysql_fetch_object($c2)){
                 $difference = time() - $c3->time;
                 if($difference < 60){
                    $errors['flood'] = '<u>ALERT:</u> '.$c3->username.', Please wait one minute between '
          	    					   .'comments. Also, refresh the page if you cannot see the bottom '
          							   .'portion of the page.<BR>';
          	   }
             } //end while
             if(count($errors) == 0){
                 //add comment
                 $q = "INSERT INTO `comments` "
          	   	   ."(article_id, page, date, time, username, ip, contact, subject, comment) "
          		   ."VALUES ('".$_GET['id']."', '".$_POST['page']."', '".$_POST['date']."', '"
          		   .$_POST['time']."', '".addslashes(htmlspecialchars($_POST['username']))."', '"
          		   .$_SERVER['REMOTE_ADDR']."', '".addslashes(htmlspecialchars($_POST['contact']))."', '"
          		   .addslashes(htmlspecialchars($_POST['subject']))."', '"
          		   .addslashes(nl2br(htmlspecialchars($_POST['comment'])))."')";
          
             $q2 = mysql_query($q) or die(mysql_error());
             if($q2){
             		//refresh page so they can see new comment
             		header('Location: http://' . $_SERVER['HTTP_HOST'] . $_POST['page'] . '#comments');
             }
             }
          }
          //}else{  //display form
          
          if(array_key_exists('flood', $errors)){
              echo $errors['flood'];
          }
          ?>
          <form name="comments" action="<? $_SERVER['PHP_SELF']; ?>" method="post">
          
          <input type="hidden" name="page" value="<? echo($_SERVER['REQUEST_URI']); ?>">
          <input type="hidden" name="date" value="<? echo(date("F j, Y.")); ?>">
          <input type="hidden" name="time" value="<? echo(time()); ?>">
          
          <table width="100%" border="0" cellspacing="0" cellpadding="0">
             <tr>
                <td class="commentformLeftColumn"><div align="right">Name:   </div></td>
                 <td class="commentformRightColumn"><input name="username" type="text" size="30" value="" class="commentformTextField">
          <?php
          if(array_key_exists('username', $errors)){
              echo $errors['username'];
          }
          ?>
          </td>
             </tr>
              <tr>
                <td class="commentformLeftColumn"><div align="right">Contact:   </div></td>
                <td class="commentformRightColumn"><input type="text" name="contact" size="30" value="" class="commentformTextField">
                <i>(e-mail or web-site) </i>
          <?php
          if(array_key_exists('contact', $errors)){
              echo $errors['contact'];
          }
          ?>
          </td>
              </tr>
              <td class="commentformLeftColumn"><div align="right">Subject:   </div></td>
              <td class="commentformRightColumn"><input type="text" name="subject" size="30" value="" class="commentformTextField">
          <?php
          if(array_key_exists('subject', $errors)){
              echo $errors['subject'];
          }
          ?>
          </td>
              </tr>
              <tr>
                <td class="commentformLeftColumn"><div align="right">Comment:   </div></td>
                <td class="commentformRightColumn"><textarea name="comment" cols="45" rows="5" wrap="VIRTUAL" class="commentformTextArea"></textarea>
          <?php
          if(array_key_exists('comment', $errors)){
              echo $errors['comment'];
          }
          ?>
          </td>
              </tr>
              <tr>
                <td></td>
                <td colspan="2" class="commentformRightColumn"><input type="submit" name="submit" value="Add Comment" class="commentformSubmit"></td>
              </tr>
            </table>
          </form>
          

          needs some work on preventing sql injection and some other security measures, but it gets the error thing done with an array.

          hope this helps

            7 days later

            What exactly do I need to keep from my old script? Because this one doesn't connect to my database. I tried keeping the top portion where it does connect, but then the errors wouldn't work. It basically allowed anyone to comment without filling in any of the required sections.

              Write a Reply...