I built an anonymous question/comment and answer system to be used by students and their professors. It has been working and I have about 12 questions asked by students along with 12 replies from their professors.
I have one reply to a question that is "hung", and I don't know why.
I have a question in the comment_queue table that is awaiting a reply.
When the professor tries to reply I get the following error:
Error performing query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 't Drive Like My Brother', 'I'm not sure if this question was deleted on accident' at line 1
This is working for all other questions and replies.
The fields in the comment_queue table are as follows: The field name and its value
cid = 7
title = Don't Drive Like My Brother
time = 2008-02-04 19:44:58
course_id = 12
ipaddress = 71.74.216.73
comment_text = I''m not sure if this question was deleted on accident or if it was deleted because it may not be entirely relevant to our medical education.
What is the meaning of the phrase, "Don''t Drive Like my Brother" that appeared several times in the notes for the cardiovascular course?
When this question gets replied to, all this is supposed to get written to the comment table and a reply gets written to the reply table.
The replies are getting written, but the insert into the comment table is not. This is only happening for this one record.
Here are the two functions that handle this.
function postReply($cid) {
    global $AllowableHTML, $db;
    OpenTable();
    $result = $db->sql_query("SELECT * FROM comment_queue cq JOIN course c
        ON (cq.course_id = c.course_id)
        WHERE cid = '$cid'");
    while ($row = $db->sql_fetchrow($result)) {
        $name = 'Annonymous';
        $title = stripslashes(check_words(check_html($row['title'], 'nohtml')));
        $comment_text = stripslashes(check_words(check_html($row['comment_text'], 'html')));
        $timestamp = $row['timestamp'];
        $formatdate = date("M j, Y g: i A",strtotime("$timestamp"));
        $course_name = $row['course_fullname'];
        OpenTable();
        echo "<form method=\"POST\" action=\"" .$_SERVER['PHP_SELF'] ."\">\n";
        echo "<table width=\"99%\" bgcolor=\"#EFEFEF\" border=\"1\" CELLPADDING=\"10\" CELLSPACING=\"10\"><tr><td width=\"500\" >";
        echo "<p><b>Course: $course_name </b><br />";
        echo "<p>Title: $title<br />";
        echo "<p>By $name On $formatdate</p><br />";
        echo "<div class=\"content\">$comment_text</div></td></tr></table><br /><br />";
        CloseTable();
        echo"<hr>";
    }
    OpenTable();
    echo "<div class=\"content\">";
    echo "<form method=\"post\" action=\"" .$_SERVER['PHP_SELF'] ."\">\n";
    echo "<div>"
        .'<b>'._REPLYTEXT.':</b> ('._HTMLISFINE.')<br />'
        ."<textarea cols=\"50\" rows=\"12\" name=\"reply_text\"></textarea><br />";
    echo '</div><p>('._AREYOUSURE.')</p><p>'._ALLOWEDHTML.'<br />';
    while (list($key) = each($AllowableHTML)) echo ' <'.$key.'>';
    echo"</p><p><input type=\"submit\" name=\"submit\" value=\"Submit\" /> "
        ."<input name=\"op\" type=\"hidden\" value=\"submitReply\" />"
        ."<input name=\"cid\" type=\"hidden\" value=\"$cid\" />";
    echo "<br/></p></form></div>";
    CloseTable();
}

function submitReply($cid) {
    global $AllowableHTML, $db;
    $cid = $_POST['cid'];
    $reply_text = $_POST['reply_text'];
    $reply_text = FixQuotes(filter_text($reply_text, 'nohtml'));
    $reply_text = FixQuotes(check_words(check_html($reply_text)));
    OpenTable();
    echo"<tr><td>Thank you Muddy for your reply. </td></tr></br >";
    echo"<tr><td>The question and your reply are now displayed on the main page.</td></tr></br >";
    $result = $db->sql_query("INSERT INTO reply (rid, cid, r_time, reply_text)". "VALUES(NULL, '$cid', now(), '$reply_text')");
    if (!$result) {
        echo("<p>Error performing query: " . mysql_error() . "</p>");
        exit();
    }
    $result = $db->sql_query("SELECT * FROM comment_queue WHERE cid = '$cid'");
    while ($row = $db->sql_fetchrow($result)) {
        $title = $row['title'];
        $comment_text = $row['comment_text'];
        $timestamp = $row['timestamp'];
        $course_id = $row['course_id'];
        $ipaddress = $row['ipaddress'];
    }
    $sql = $db->sql_query("INSERT INTO comments (cid, title, comment_text, course_id, time, ipaddress)". "VALUES('$cid', '$title', '$comment_text', '$course_id', '$timestamp', '$ipaddress')");
    //die('<br />$sql = '.$sql.'<br />');
    if (!$sql) {
        echo("<p>Error performing query: " . mysql_error() . "</p>");
        exit();
    }
    $sql2 = $db->sql_query("DELETE FROM comment_queue WHERE cid = '$cid'");
    if (!$sql2) {
        echo("<p>Error performing query: " . mysql_error() . "</p>");
        exit();
    }
    $result = $db->sql_query("SELECT * FROM comment_queue WHERE course_id = $course_id");
    $num_rows = mysql_num_rows($result);
    if (($num_rows) > 0) {
        echo"<META HTTP-EQUIV=\"refresh\" CONTENT=\"2; URL= index.php?op=listQuestions&course_id=$course_id\">";
    }else{
        echo"<META HTTP-EQUIV=\"refresh\" CONTENT=\"2; URL= ../index.php?op=question&course_id=$course_id\">";
    }
    CloseTable();
}
When I uncomment this
die('<br />$sql = '.$sql.'<br />');
it displays all the correct information I am trying to insert.
I don't know why this is choking on this one record. So far it's been working fine.
I think it is throwing the error right after the
die('<br />$sql = '.$sql.'<br />');
code.
My comment table looks like this:
cid int(11) No 0
title varchar(80) Yes NULL
time datetime Yes NULL
comment_text text Yes NULL
course_id int(10) No 1
ipaddress varchar(15) No 0
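
What the error message in the post points at, as an added example that is not part of the original post: the title read back from comment_queue contains an apostrophe, so interpolating it into the INSERT ends the string literal early, while binding the values as parameters keeps them out of the SQL text. PDO with an in-memory SQLite database stands in for the post's MySQL server and $db wrapper (an assumption), the function names are hypothetical, and the row is constructed from the values shown in the post.

```php
<?php
// Added example: PDO + in-memory SQLite stand in for the post's MySQL server and
// $db wrapper (assumption). The queued row is constructed from the post's values.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE comment_queue (cid INTEGER, title TEXT, comment_text TEXT,
            course_id INTEGER, timestamp TEXT, ipaddress TEXT)');
$pdo->exec('CREATE TABLE comments (cid INTEGER, title TEXT, comment_text TEXT,
            course_id INTEGER, time TEXT, ipaddress TEXT)');

// Queue the row with bound parameters so the apostrophes are stored verbatim.
$queue = $pdo->prepare('INSERT INTO comment_queue VALUES (?, ?, ?, ?, ?, ?)');
$queue->execute([7, "Don't Drive Like My Brother",
    "I'm not sure if this question was deleted on accident",
    12, '2008-02-04 19:44:58', '71.74.216.73']);
$row = $pdo->query('SELECT * FROM comment_queue WHERE cid = 7')->fetch(PDO::FETCH_ASSOC);

// 1) The pattern from submitReply(): values read from the database are
//    interpolated into SQL. Data coming out of a table is not pre-escaped.
function copyByInterpolation(PDO $pdo, array $row): string {
    $sql = "INSERT INTO comments (cid, title, comment_text, course_id, time, ipaddress) "
         . "VALUES('{$row['cid']}', '{$row['title']}', '{$row['comment_text']}', "
         . "'{$row['course_id']}', '{$row['timestamp']}', '{$row['ipaddress']}')";
    try {
        $pdo->exec($sql);
        return 'inserted';
    } catch (PDOException $e) {
        return 'query failed: ' . $e->getMessage();
    }
}

// 2) The same copy with placeholders: the driver transmits the values as data.
function copyByPreparedStatement(PDO $pdo, array $row): string {
    $stmt = $pdo->prepare('INSERT INTO comments (cid, title, comment_text, course_id, time, ipaddress)
                           VALUES (:cid, :title, :comment_text, :course_id, :time, :ipaddress)');
    $stmt->execute([
        ':cid' => $row['cid'], ':title' => $row['title'], ':comment_text' => $row['comment_text'],
        ':course_id' => $row['course_id'], ':time' => $row['timestamp'], ':ipaddress' => $row['ipaddress'],
    ]);
    return 'inserted';
}

echo copyByInterpolation($pdo, $row), PHP_EOL;      // fails on the apostrophe in the title
echo copyByPreparedStatement($pdo, $row), PHP_EOL;  // succeeds with the same row
echo $pdo->query('SELECT title FROM comments WHERE cid = 7')->fetchColumn(), PHP_EOL;
```

The same placeholder approach applies to the reply INSERT and to the `$cid` taken from `$_POST`, which the posted code also places directly into its queries.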