Help with PHP Code!

res_123

Hello everybody,

Could somebody please help me out with my php code.

I am currently building a forum system. I have a reply box under each threads where the user types in the reply and click on the button. But now I want to have a link below say 'reply' where the user can click on it which then redirects it to another page with the reply box.

Here is the code which basically sends the info to my reply.php from topic.php......

echo "<form method=\"post\" action=\"./index.php?act=reply&id=".$row['id']."\">\n";
				    echo "<tr><td colspan=\"2\" align=\"center\"><textarea style=\"width:100%\" name=\"reply\"></textarea><br><input type=\"submit\" name=\"submit\" value=\"Add Reply\" stlye=\"width:90%\"></td></tr>\n";
					echo "</table>\n";

and my reply.php

<?php

if(!$_SESSION['uid']){
header("Location: index.php");
}

if(!$_POST['submit']){
	echo "Invalid usage of file";
}else {
	$tid = mss($_GET['id']);
	$msg = mss($_POST['reply']);


if(!$tid){
	echo "You did not supply a topic to add a reply to";
}else {
	$sql = "SELECT * FROM `forum_topics` WHERE `id`='".$tid."'";
	$res = mysql_query($sql) or die(mysql_error());
	if(mysql_num_rows($res) == 0){
		echo "This topic does not exist";
	}else {
		$row = mysql_fetch_assoc($res);
		echo "<tr><td colspan=\"2\" align=\"center\"><textarea style=\"width:90%\" name=\"reply\"></textarea><br><input type=\"submit\" name=\"submit\" value=\"Add Reply\" stlye=\"width:90%\"></td</tr>\n";
	    $sql2 = "SELECT admin FROM `forum_sub_cats` WHERE `id`='".$row['cid']."'";
		$res2 = mysql_query($sql2) or die(mysql_error());
		$row2 = mysql_fetch_assoc($res2);
		echo "</table>\n";
		if($row2['admin'] == 1 && $admin_user_level == 0){
			echo "You do not have sufficient priveleges to add a reply to this topic";
		}else {
		      if(!$msg){
		               echo "You did not supply a reply";
			       }else {
				     if(strlen($msg) < 10 || strlen($msg) > 10000){
					echo "Your reply must be between 10 and 10,000 characters!";
					}else {
						$date = date("d-m-y") ." at ". date("h-i-s");
						$time = time(); 
						$sql3 = "INSERT INTO `forum_replies` (`tid`,`uid`,`message`,`date`,`time`) VALUES('".$tid."','".$_SESSION['uid']."','".$msg."','".$date."','".$time."')";
						$res3 = mysql_query($sql3) or die(mysql_error());
						$sql4 = "UPDATE `forum_topics` SET `time`='".time()."' WHERE `id`='".$tid."'";
						$res4 = mysql_query($sql4) or die(mysql_error);

						header("Location: ./index.php?act=topic&id=".$tid); 
						}
				 }
		      }
      }	
}
}
?>

Please advice

Thanks in advance

bpat1434

So what's the question? Rename reply.php to reply-process.php and make reply.php the destination when someone clicks the reply button.

Or, the easier thing is to just modify reply.php to show an input form when $_POST is empty instead of echoing an error message.

res_123

bpat1434;10908120 wrote:
So what's the question? Rename reply.php to reply-process.php and make reply.php the destination when someone clicks the reply button.

Or, the easier thing is to just modify reply.php to show an input form when $_POST is empty instead of echoing an error message.

Mate thanks for your advice.....everything is working fine.

Now I have another issue, where I am trying to reply to a comment instead to the topic posted. In other terms nested replies.

I have a reply_id in my forum_replies which is NULL if it is a reply to the topic and in other case store the ID of the comment to which a reply is been made.

something like this:

forum_replies
id - tid - uid - message - date - time - edit_time - reply_id
33 10 4 hey 20/03/2009 1237593182 0 NULL
34 10 6 hey yourself 21/03/2009 1237563999 0 33

So therefore I have to know the ID of the post so that it is inserted into the reply_id.........and assign a new ID to the reply as shown above.

I have adjusted my code as posted below but I am still confused with the SQL side.......could you please shed some light:

<?php

if(!$_SESSION['uid']){
header("Location: index.php");
}

//if(!$_POST['submit']){
//	echo "Invalid usage of file";
//}else {

$msg = mss($_POST['reply']);
$tid = mss($_GET['id']);


if($tid){
	$tid = mss($_GET['id']);
	$sql = "SELECT * FROM `forum_replies` WHERE `id`='".$tid."'";
	$res = mysql_query($sql) or die(mysql_error());
	if(mysql_num_rows($res) == 0){
		echo "This topic does not exist!";
	}else {
		$row = mysql_fetch_assoc($res);

		if(!$_POST['submit']){
		echo "<form method=\"post\" action=\"./index.php?act=test&id=".$row['id']."\">\n";
		echo "<table border=\"0\" width=\"100%\" cellspacing=\"3\" cellpadding=\"3\">\n";			    
		echo "<tr><td colspan=\"2\" align=\"center\"><textarea style=\"width:90%;height:200px\" name=\"reply\"></textarea><br><input type=\"submit\" name=\"submit\" value=\"Add Reply\" stlye=\"width:90%\"></td></tr>\n";
		echo "</table>\n";
	}else{
		if($row2['admin'] == 1 && $admin_user_level == 0){
			echo "You do not have sufficient priveleges to add a reply to this topic";
		}else {
		      if(!$msg){
		               echo "You did not supply a reply";
			       }else {
				     if(strlen($msg) < 10 || strlen($msg) > 10000){
					echo "Your reply must be between 10 and 10,000 characters!";
					}else {
						$date = date("d-m-y") ." at ". date("h-i-s");
						$time = time();

						$sql4 = "INSERT INTO `forum_replies` (`tid`,`uid`,`message`,`date`,`time``reply_id`) VALUES('".$tid."','".$_SESSION['uid']."','".$msg."','".$date."','".$time."','".$reply_id."')";
						$res4 = mysql_query($sql3) or die(mysql_error());

						header("Location: ./index.php?act=topic&id=".$tid); 
						}

					}		
				 }
			  }
		   }	
	    }

?>

benreisner

Change your form to include the reply_id in their submission, for example:

echo "<form method=\"post\" action=\"./index.php?act=reply&id=".$row['id']."&reply_id=".$row2['reply_id']."\">\n";

And just extract it in your action segment:

	$reply_id = mss($_GET['id']);

Note that your segment where you display the reply form (or the link to the reply form) must include the ID of the message to which is being replied. You will generate a form/link for the topic and for each current reply.

res_123

benreisner;10908284 wrote:
Change your form to include the reply_id in their submission, for example:
echo "<form method=\"post\" action=\"./index.php?act=reply&id=".$row['id']."&reply_id=".$row2['reply_id']."\">\n";
And just extract it in your action segment:
	$reply_id = mss($_GET['id']);
Note that your segment where you display the reply form (or the link to the reply form) must include the ID of the message to which is being replied. You will generate a form/link for the topic and for each current reply.

Thanks mate for your help.....🙂

I made the changes you advised and its giving an error saying query is empty???

Note that your segment where you display the reply form (or the link to the reply form) must include the ID of the message to which is being replied. You will generate a form/link for the topic and for each current reply.

Do I need to include the 'reply_id' in the link to the reply form???/ as at the moment it is :

<a href=\"index.php?act=test&id=".$rowr['id']."\"><img src=\"quoteIcon.gif\">;

Also one more thing when the error is displayed on the form in the address bar the reply_id has no ID in it.....like this:

http://localhost/login/index.php?act=test&id=36&reply_id=

Thanks

benreisner

res_123;10908292 wrote:
Do I need to include the 'reply_id' in the link to the reply form???

Yes

res_123

benreisner;10908298 wrote:
Yes

I changed it mate for the reply link.....and its displays this on the address bar:

index.php?act=test&id=35&reply_id=

There is nothing after

reply_id=

😕 its just blank.........

But it is getting the id of the comment left as you can see above in the link id=35

Thanks

res_123

I have a feeling there is something wrong here but dunno what:o

if(strlen($msg) < 10 || strlen($msg) > 10000){
						echo "Your reply must be between 10 and 10,000 characters!";
						}else {
							$date = date("d-m-y") ." at ". date("h-i-s");
							$time = time();

						$sql4 = "INSERT INTO `forum_replies` (`tid`,`uid`,`message`,`date`,`time`,`reply_id`) VALUES('".$tid."','".$_SESSION['uid']."','".$msg."','".$date."','".$time."','".$reply_id."')";
						$res4 = mysql_query($sql3) or die(mysql_error());

						header("Location: ./index.php?act=topic&id=".$tid); 
						}