|
PHP - Commenting System
Hi,
I'm trying to code a very basic commenting system, my only worries is how I'm going on about disabling the user from putting any html php etc.. in the comment so it gets displayed on the page.. I have on idea of what to look for, any help is much appreciated I considdered this: strip_tags() but what i want is to display the comment just without actually executing the code if you get me? Similar TutorialsHello, Basically i am following this tutorial -: http://tutorialzine.com/2010/06/simple-ajax-commenting-system/ for a website I am creating. But in that tutorial when you write a comment you add a name, I was wondering is it possible instead for my website to use the users username as I have a login system that I created from folowing a tutorial on the same site. I am new to PHP and web creation so please keep the comments simple. And I'm talking as basic as you can go! I'm trying to implement a commenting system on my website for news articles I post, and I've only gotten as far as creating the script to connect to my database (I use mysql). I've tried every open source script online for this app and I've not been able to get any one to work within my website. They'll work on separate blank html pages, but I can't figure out how to put the code into my existing pages, which is a huge problem. As a result, I've resorted to creating my own script, which shouldn't be too difficult to make. If anyone could possibly describe a step by step process on how this can be done I would be incredibly grateful! Just note that I don't want to use ajax, jscript or any other languages like that, just PHP. Another question I have, is how would I organize my database to include all news articles, and comments with a news article "id"? Would I need to put both in separate tables and just assign each comment with the uniqe id associated with whatever news article? And the last thing, I want pagination for my news. I have it to where if I insert a news article column into my table "mynews", it'll show up on the home page, but how and where would I insert a pagination code to make the articles "paginate"? Hi im pretty new to php but I was following a tutorial for a commenting system and implemented it onto my blog page. Anyway the problem I have is that as you go down the page each blog post displays its own comments + the comments for the posts above it. I have checked the database and the data seems to link the correct comments to the correct posts so I am confused to why this is happening. I have looked over my code and cant seem to find a problem (probably because I suck!). Here is the code for the blog page... Code: [Select] <?php include_once ("scripts/checkuserlog.php"); include_once ("scripts/connectToMysql.php"); include_once ("functions/agoTime.php"); $myObject = new convertToAgo; $username = ''; $errorMsg = ''; $successMsg = ''; $date = date("m.d.y"); if (isset($_GET['id'])) { $id = preg_replace('#[^0-9]#i', '', $_GET['id']); } else if (isset($_SESSION['idx'])) { $id = $logOptions_id; } else { header("location: index.php"); exit(); } $id = preg_replace('#[^0-9]#i', '', $id); $sql = mysql_query("SELECT * FROM members WHERE id='$id' LIMIT 1"); $existCount = mysql_num_rows($sql); if ($existCount == 0) { header("location: index.php?msg=user_does_not_exist"); exit(); } while($row = mysql_fetch_array($sql)){ $username = $row["username"]; } if(isset($_POST['workoutName'])){ $workoutName = $_POST['workoutName']; $workoutDescription = $_POST['workoutDescription']; if ((!$workoutName) || (!$workoutDescription)) { $errorMsg = 'Please fill in both fields'; } else { $insertBlog = mysql_query("INSERT INTO blog (userid, workoutName, workoutDescription, datetime) VALUES ('$id', '$workoutName', '$workoutDescription', now())") or die(mysql_error()); if ($insertBlog){ $successMsg = '<span class="errorMsg">Workout blogged successfully</span>'; } else { $errorMsg = '<span class="errorMsg">Problems arose during the information exchange, please try again later.</span>'; } } } $getBlog = mysql_query("SELECT * FROM blog WHERE userid='$id' ORDER BY id DESC"); $blogEntries = mysql_num_rows($getBlog); if($blogEntries < 1){ $blogDisplay = '<span class="blogName">' .$username. ' has not blogged a workout yet</span>'; } else { while($row = mysql_fetch_array($getBlog)){ $blogEntryId = $row["id"]; $sql_comment = mysql_query("SELECT * FROM blog_comments WHERE post_id='$blogEntryId' ORDER BY id ASC"); $countComment = mysql_num_rows($sql_comment); if($countComment > 0){ while($row2 = mysql_fetch_array($sql_comment)){ $comment_user_id = $row2["comment_user_id"]; $sql_comment_username = mysql_query("SELECT username FROM members WHERE id='$comment_user_id' LIMIT 1"); while($row3 = mysql_fetch_array($sql_comment_username)){ $comment_username = $row3["username"];} $post_id = $row2["post_id"]; $commentBody = $row2["comment_body"]; $commentDate = $row2["comment_date"]; $displayCommentList .= '<div>' .$comment_username. ' - ' .$commentBody. ' - ' .$commentDate. '</div>'; } } else { $displayCommentList = ''; } $workoutName = $row["workoutName"]; $workoutDescription = $row["workoutDescription"]; $blogDate = $row["datetime"]; $convertedTime = ($myObject -> convert_datetime($blogDate)); $blogDate = ($myObject -> makeAgo($convertedTime)); $blogDisplay .= '<table width="950px"><tr bgcolor="#DBE4FD"><td><span class="blogName">' .$workoutName. '</span> » <span class="blogDate">' .$blogDate. '</span></td></tr> <tr bgcolor="#F1F4FE"><td><span class="blackText">' .$workoutDescription. '</span></td></tr> <tr bgcolor="#DBE4FD" valign="top"><td>' .$displayCommentList. '</td></tr> <div id="new_comment' .$blogEntryId. '" style="display:none"></div> <tr><td><textarea id="comment' .$blogEntryId. '"></textarea><input type="submit" value="Comment" onclick="javascript:SendComment(\''.$blogEntryId.'\');" /></td></tr>'; if(isset($_SESSION['id'])&&$_SESSION['id']==$id){ $blogDisplay .= '<tr bgcolor="#DBE4FD"><td><a href="editBlogPost.php?id=' .$blogEntryId. '"><span class="blackText">Edit Post</span></a> &#8211; <span class="blackText">Delete Post</span></td></tr></table><br /><br />'; } } } if(isset($_POST['deleteButton'])){ $deleteBlog = mysql_query("DELETE FROM blog WHERE id='$blogEntryId'"); if($deleteBlog){ $successMsg = 'Blog entry deleted successfully'; } else { $errorMsg = 'Could not process your request, please try again later'; } } ?> <?php if (isset($_SESSION['id'])&&$_SESSION['id']==$id) { $blogForm = '<table bgcolor="#DBE4FD" width="950px"> <form action="member_blog.php" method="post" enctype="multipart/form-data"> <tr> <td width="200px"><span class="blackText">Workout Name:</span></td><td width="650px"><input name="workoutName" type="text" id="workoutName" /> <span class="blackText">Date: ' .$date. '</span></td></tr> <tr> <td><span class="blackText">Workout Description:</span></td><td><textarea name="workoutDescription" cols="75" rows="10" id="workoutDescription" /></textarea></td></tr> <tr><td><input name="submitBlog" id="submit" type="submit" value="Blog!" /></td><td><span class="errorMsg">' .$errorMsg. '' .$successMsg. '</span></td> </tr> </form> </table>'; } else { $blogForm = ''; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title><?php echo ("$username"); ?>'s Blog</title> <link href="style/layout.css" rel="stylesheet" type="text/css" /> <link href="style/main.css" rel="stylesheet" type="text/css" /> <script src="js/jquery-1.4.2.js" type="text/javascript"></script> <script language="javascript" type="text/javascript"> function SendComment(blogEntryId){ var comment_txt = $("#comment"+blogEntryId).val(); if(comment_txt == ""){ alert("Please enter a comment"); } else { $.post("scripts/blogComment.php", {comment: comment_txt, blogId: blogEntryId} ,function(data){ $("#new_comment"+blogEntryId).html(data); $("#new_comment"+blogEntryId).slideDown(300); }); } } </script> </head> <body> <div id="container"> <?php include_once ("bannerFiles/bannerTemplate.php"); ?> <?php include_once ("bannerFiles/bannerMenu.php"); ?><br /> <div id="content"> <span class="profileUsername"><?php echo ("$username"); ?>'s Workout Blog</span><br /><br /> <?php echo ("$blogDisplay"); ?><br /><br /> <?php echo ("$blogForm"); ?> </div><br /><br /> <?php include_once ("footerFiles/footerTemplate.php"); ?> </div> </body> </html> ...and here is the code for the blogComment.php page Code: [Select] <?php session_start(); include_once ("connectToMysql.php"); if(isset($_POST['comment'])){ $comment = $_POST['comment']; $blogId = $_POST['blogId']; $comment_user_id = $_SESSION['id']; $username = $_SESSION['username']; $sql = mysql_query("INSERT INTO blog_comments (comment_body, post_id, comment_user_id, comment_date) VALUES ('$comment', '$blogId', '$comment_user_id', now())"); echo '<div>' .$username. ' - ' .$comment. ' - Just Now</div>'; } else { echo "Failure"; } ?> Thanks in advance for any help I need some help with my commenting system. at the moment the code is like this: <div id="pagepannel"> <div id="ptop_small">Comments</div> <div id="pbottom_small"> <p> <?php // if ($allow_comments == "no") { ?> </p> <p>No Posting comments here!!!</p> <p> </p> <p> </p> <p> <?php } else ?> </p> <p> <?php $sql = "SELECT comment_id, blog_id, posted_by, comment, stamp, email, type FROM jscrgaming_newscomments WHERE blog_id='$blog_id' ORDER BY comment_id DESC"; $result = mysql_query($sql) or die('Error : ' . mysql_error()); while(list($comment_id, $blog_id_co, $username, $comment, $stamp, $email, $type) = mysql_fetch_array($result, MYSQL_NUM)) { if ($type == 'user'){ ?> </p> <table width="95%" border="0" cellpadding="0" cellspacing="0" class="full_border"> <tr> <td width="75" id="avatar"></td> <td><span class="capitalize"><a href="userinfo.php?user=<? echo $username ?>"><strong><? echo $username ?></strong></a></span><strong> posted</strong>: <? echo stripslashes($comment) ?></td> </tr> <tr> <td colspan="2" bgcolor="#CAE4FF" class="date"><? echo $stamp ?> </td> </tr> </table> <p> </p> <p> <? } else{ ?> </p> <table width="95%" border="0" cellpadding="0" cellspacing="0" class="full_border"> <tr> <td><strong> <? echo $username ?>posted</strong>: <? echo stripslashes($comment) ?></td> </tr> <tr> <td bgcolor="#CAE4FF" class="smalltext"><? echo $stamp ?>:: User Was Guest</td> </tr> </table> <p> </p> <p> <? } }?> </p> <p> <?php // if ($allow_comments == "restricted") { /** * User has already logged in, so display relavent links, including * a link to the admin center if the user is an administrator. */ if($session->logged_in){?> </p> <form id="form3" name="form3" method="post" action="user/admin/blog/comment_system/user.php"> <p> </p> <table width="95%" border="0" align="center" cellspacing="2" class="full_border"> <tr> <td colspan="2">You are commenting as <?php echo $session->username;?></td> </tr> <tr> <td width="75">Message</td> <td><textarea name="co_comment" cols="30" id="textfield10"></textarea></td> </tr> <tr> <td width="75"><span class="header"> <input name="co_username" type="hidden" id="co_username" value="<?php echo $session->username;?>" /> <input name="co_blog_id" type="hidden" id="co_blog_id" value="<?php echo $blog_id ?>" /> </span></td> <td><label> <input type="submit" class="blog_button" value=" Post " /> </label></td> </tr> <tr> <td> </td> <td class="smalltext">only 200 charaters can be used</td> </tr> </table> </form> <p> </p> <p> <? } else {?> </p> <p> </p> <table width="95%" border="0" align="center" cellspacing="2" class="full_border"> <tr> <td width="75"><span class="capitalize">Name</span></td> <td><label> <input name="textfield5" type="text" disabled="disabled" id="textfield5" size="35" /> </label></td> </tr> <tr> <td width="75">Email</td> <td><input name="textfield5" type="text" disabled="disabled" id="textfield6" size="35" /></td> </tr> <tr> <td width="75">Message</td> <td><textarea name="textfield5" cols="30" disabled="disabled" id="textfield7">You need to be logged in to comment.</textarea></td> </tr> <tr> <td width="75"> </td> <td><label> <input type="button" class="blog_button" value=" Post " /> </label></td> </tr> </table> <p> </p> <p> <?php } } else { if($session->logged_in){?> </p> <form id="form2" name="form2" method="post" action="user/admin/blog/comment_system/user.php"> <p> </p> <table width="95%" border="0" align="center" cellspacing="2" class="full_border"> <tr> <td colspan="2">You are commenting as <?php echo $session->username;?></td> </tr> <tr> <td width="75">Message</td> <td><textarea name="co_comment" cols="30" id="textfield8"></textarea></td> </tr> <tr> <td width="75"><input name="co_username" type="hidden" id="co_username" value="<?php echo $session->username;?>" /> <input name="co_blog_id" type="hidden" id="co_blog_id" value="<?php echo $blog_id ?>" /></td> <td><label> <input type="submit" class="blog_button" value=" Post " /> </label></td> </tr> <tr> <td> </td> <td><span class="smalltext">only 200 charaters can be used</span></td> </tr> </table> </form> <p> </p> <p> <? } else { ?> </p> <form id="form1" name="form1" method="post" action="user/admin/blog/comment_system/guest.php"> <p> </p> <table width="95%" border="0" align="center" cellspacing="2" class="full_border"> <tr> <td width="75"><span class="capitalize">Name</span></td> <td><label> <input name="co_username" type="text" id="co_username" size="35" /> </label></td> </tr> <tr> <td width="75">Email</td> <td><input name="guest_email" type="text" id="guest_email" size="35" /></td> </tr> <tr> <td width="75">Message</td> <td><textarea name="co_comment" cols="30" id="co_comment"></textarea></td> </tr> <tr> <td width="75">Spam</td> <td> </td> </tr> <tr> <td colspan="2" align="center"><? require_once('user/captcha/recaptchalib.php'); $publickey = "6Ld_W7sSAAAAAPNTLWrUJLEClFpSSPu1d1Ry5zNR"; // you got this from the signup page echo recaptcha_get_html($publickey); ?></td> </tr> <tr> <td colspan="2" align="right"><span class="smalltext">only 200 charaters can be used</span> <input name="co_blog_id" type="hidden" id="co_blog_id" value="<?php echo $blog_id ?>" /> <input type="submit" class="blog_button" value=" Post " /></td> </tr> </table> </form> <p> </p> <p> <? } } ?> </p> <p> </p> <div></div> </div> </div> I, know its a bit messy but lets me see it and design it in Dreamweaver Any way, for the comment system for users, I want it to show their avatar as well, which is stored in the users table. How would one do this. I did think of it submitting the avatar along with the post but then it wouldnt update if the user would to change their avatars :\ Any helps??? Short of deleting, how do I comment out code like this : <!-- IF not S_DISPLAY_RECENT --> <!-- INCLUDE portal/block/recent.html --> <!-- ENDIF --> Nesting <!-- --> /*...*/ // do not work. Thanks Hello, I'm trying to create a simple php blog thing, and I can't get the commenting to work.. blog.php?id=2 On that page, there is a form what is used to comment, it goes to send.php That php has this query in it: $yhteys = mysql_connect('10.5.49.32', '09A_user', 'pass'); mysql_select_db('09A_Jere', $yhteys); mysql_query("INSERT INTO `Blog_kommentit` (`kayttajat` , `kommentti` , `kirjid` ) VALUES ('$kayttajat', '$kommentti', '$id')") or die(mysql_error())$sql = "SELECT * FROM Blog_kommentit WHERE kirjid='$id' ORDER BY id";; mysql_close($yhteys); header('Location: ' . $_SERVER['HTTP_REFERER']); How can I make the $id to be previous pages id (2)? This shouldn't be anything hard and I'm kinda amazed why I am stuck in this, any help will be appreciated. If I just put $id I get this error: Code: [Select] Cannot add or update a child row: a foreign key constraint fails (`09A_Jere/Blog_kommentit`, CONSTRAINT `kommentti_kirjoitus` FOREIGN KEY (`kirjid`) REFERENCES `Blog_kirjoitukset` (`id`))Here is how my database works: (Kayttajat = username, kommentti = comment) Hey everyone! Thanks for taking the time to help. I have two files..a membership area and a commenting section. I am fairly new at these subjects but I am a quick learner. First off, I need help figuring out why my "register.php" in the members area file isn't working properly, everything looks to be ok but maybe I have been working on this too long. Quite frankly I can't check and see if all of the other scripts are correct because I can't get past the "register.php". So if you all wouldn't mind helping me out on this part, I would greatly appreciate it Secondly, I have a commenting section and in the "demo.php", there is a warning that appears as follows: "Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in C:\Program Files (x86)\EasyPHP-5.3.8.1\www\comments\demo.php on line 17 " If someone could tell me what is missing or help me figure out what to do in simple terms, I would greatly appreciate that as well. Thanks! Gene [attachment deleted by admin] I have spent almost 2 days looking for solution to the strangest error I have ever meet. Whenever I do commenting and my php script, the sricpt falls running. Code: [Select] <?php error_reporting(E_ALL | E_STRICT); echo 'test1'; //echo 'testi2'; echo 'test3'; flush(); ?> trigger_error("Here we are!", E_USER_ERROR); This will output: test1. I have tried lot of things to find out the problem but I can't get any error message and whenever I remove the comments, the script works absolute fine. The script works also with comments in my local server, but whenever I download it on the other server, the problem appears. The file encoding is a UTF-8 format without BOM, and the file is one part of my Yii application. I haven't relasized similar behaving in other scripts. I wonder if someone has some idea what could cause this kind of behaving? I'm very thankful to man who can give me ideas... hello dear PHP-Fans - greetings to you - and a happy new year!! i set up a WAMP-System on my openSuse 11.4 system. In order to learn as much as i can bout PHP i want to do some tests and write some scripts. Well the WAMP is allready up and running. Now i try to give the writing access to the folder mkdir /srv/www/ where the php-scripts should go in... i want to give write permission to all to all files in /srv/www As root I generally: mkdir /srv/www/ chown <webmaster usrername> /srv/www/ /srv/www/ should be readable and traversable by all, but only writeable by it's owner (the user designated as the webmaster.) can i do this like mentioned above,... Love to hear from you greetings db1
Hi this is my login script i do have the html if you need to see it please ask & i was wondering if anyone would be kind enough to tell me how i can get my ban system to work Thanks
<?php
require 'connect.php';
if(isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
//Prevent hackers from using SQL Injection
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$sql = "SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'";
$result = mysql_query($sql);
$count = mysql_num_rows($result);
$user_level = $_GET['user_level'];
$_SESSION['user_level'] = $user_level;
if($count == 1) {
$_SESSION['username'];
$_SESSION['password'];
header("Location: index.php");
} else {
echo "Please check the username and password you entered is correct.";
} if($_SESSION['user_level'] == 0) {
$_SESSION['username'];
$_SESSION['password'];
header("Location: index.php");
} else if($_SESSION['user_level'] == -1) {
die();
header("Location: banned.php");
} else if($_SESSION['user_level'] < -1) {
die();
echo "An error has occurred please contact your administrator.";
} else if($_SESSION['user_level'] == 1) {
$_SESSION['username'];
$_SESSION['password'];
header("Location: admin.php");
}
}
?>
Edited by Tom8001, 23 November 2014 - 12:18 PM. i am trying to add a like system to my forum similar to facebook where it shows how many people like a post. this is my code so far: $like_list = ""; $likes = explode("|", $post_info['post_likes']); $amount_likes = count($likes); $ac_likes = ($amount_likes / 2); $slice = array_slice($likes, 0, 4, true); $remain = array_slice($likes, 4, $ac_likes, true); $remain_num = count($remain); if ($ac_likes >= 4) { for($i=0; $i<$ac_likes; $i+=2) { $like_list .= $likes[$i].", "; } $like_list .= " and $remain_num others like this"; } elseif ($amount_likes == 1 ) { $like_list .= "0 people like this"; } elseif ($ac_likes == 1) { $like_list = implode(", ", $likes); $like_list .= " likes this"; } else { $like_list = implode(", ", $likes); $like_list .= " like this"; } $post_info['post_likes'] contains data like: Code: [Select] user1|123456789|user2|123456789 where the number is the timestamp. unfortunatly $like_list prints the username and the timestamp when i would like it to only display the username. This means printing every 2nd element in the array starting from 0. I have seen this done with for loops but i am not using one therefore i am stuck. Any ideas? and is this the best database setup for likes? the post_likes column is added on to the end of the post table. Hi all I have been looking though loads of tutorials regarding log in method for websites (not APIs), and cant help find that they are outdated. So I am asking what is the correct way to create a log in system using php? Modern websites use JavaScript for asynchronous web requests so this requirement should also be catered for. APIs and mobile apps use access tokens which is very secure if implemented correctly. Can we use the token principle for websites? As the way I see it that most php log in systems use php sessions and they create a session and save some data in this session when the user successfully authenticates, however the session id is held in a cookie so if the cookie is stolen then they have access to your account. API access tokens are expired and refreshed periodically so is there such a implementation method for web sites too? <form action='index.php' method='POST' enctype='multipart/form-dat'> <select name='votes'> <option>SEATOWN</option> <option>vote1</option> <option>vote2</option> <option>vote3</option> </select> <input type='submit' name='vote' value='Vote'> </form> <?php $vote=$_GET['votes']; if(isset($_POST['vote'])) { echo "voted"; echo $vote; } ?> why would this not echo out anything for $vote??? cheers matt Looking for the best way to set-up the db of a messaging system. Here's what I have so far (basically pulled from another forum), don't know if Table1 is even really necessary: Table1: id user_message_id recepient_id recepient_read Table2: user_message_id sender_id sender_read subject message created_at updated_at Basically it needs to function where, someone submits a message to the admin or moderator, the admin/moderators can review and reply, and then the user can submit another reply, and keeps going indefinitely. I want each reply to show up almost like a forum thread. How would I chain the reply messages to the original messages? I'm making a game where you earn points and lose points based on the actions that you take and the actions that your opponents take. What's the best way to create this system. Should I use mysql to store all the data and if so, should I set up the actions in a seperate table or should I just join the actions from all of my other tables. I'm not quite sure what the best method is. Here are some script that i have been working on and i seems to not work so i want to make a select friend list that when they select the friend that they want to send the message to it sends it to them , that sounded stupid but ya. so here is my script , kinda big . pm_inbox.php i did edit the code from its original state because its to big! so here is the sections where is most needed Code: [Select] <?php // Start_session, check if user is logged in or not, and connect to the database all in one included file include_once("scripts/checkuserlog.php"); ?> <?php if (!isset($_SESSION['idx'])) { echo '<br /><br /><font color="#FF0000">Your session has timed out</font> <p><a href="login.php">Please Click Here</a></p>'; exit(); } //THIS IS WHERE I STARTED $selecteduser = $_POST["selecteduser"]; $id = ""; $username = ""; $id = preg_replace('#[^0-9]#i', '', $id); $sql = mysql_query("SELECT * FROM myMembers WHERE id='$id' LIMIT 1"); while($row = mysql_fetch_array($sql)){ $username = $row["username"]; $friend_array = $row["friend_array"]; $check_pic = "members/$id/image01.jpg"; $default_pic = "members/0/image01.jpg"; if (file_exists($check_pic)) { $user_pic = "<img src=\"$check_pic?$cacheBuster\" width=\"218px\" />"; } else { $user_pic = "<img src=\"$default_pic\" width=\"218px\" />"; } $selecteduser .= "<option value='$friend_array'>Friends</option>"; } // Decode the Session IDX variable and extract the user's ID from it $decryptedID = base64_decode($_SESSION['idx']); $id_array = explode("p3h9xfn8sq03hs2234", $decryptedID); $my_id = $id_array[1]; $my_uname = $_SESSION['username']; // Put user's first name into a local variable // ------- ESTABLISH THE INTERACTION TOKEN --------- $thisRandNum = rand(9999999999999,999999999999999999); $_SESSION['wipit'] = base64_encode($thisRandNum); // Will always overwrite itself each time this script runs // ------- END ESTABLISH THE INTERACTION TOKEN --------- ?> <?php // Mailbox Parsing for deleting inbox messages if (isset($_POST['deleteBtn'])) { foreach ($_POST as $key => $value) { $value = urlencode(stripslashes($value)); if ($key != "deleteBtn") { $sql = mysql_query("UPDATE private_messages SET recipientDelete='1', opened='1' WHERE id='$value' AND to_id='$my_id' LIMIT 1"); // Check to see if sender also removed from sent box, then it is safe to remove completely from system } } header("location: pm_inbox.php"); } ?> // Start Private Messaging stuff $('#pmForm').submit(function(){$('input[type=submit]', this).attr('disabled', 'disabled');}); function sendPM ( ) { var pmSubject = $("#pmSubject"); var pmTextArea = $("#pmTextArea"); var sendername = $("#pm_sender_name"); var senderid = $("#pm_sender_id"); var recName = $("#pm_rec_name"); var recID = $("#pm_rec_id"); var pm_wipit = $("#pmWipit"); var url = "scripts_for_profile/private_msg_parse.php"; if (pmSubject.val() == "") { $("#interactionResults").html('<img src="images/round_error.png" alt="Error" width="31" height="30" /> Please type a subject.').show().fadeOut(6000); } else if (pmTextArea.val() == "") { $("#interactionResults").html('<img src="images/round_error.png" alt="Error" width="31" height="30" /> Please type in your message.').show().fadeOut(6000); } else { $("#pmFormProcessGif").show(); $.post(url,{ subject: pmSubject.val(), message: pmTextArea.val(), senderName: sendername.val(), senderID: senderid.val(), rcpntName: recName.val(), rcpntID: recID.val(), thisWipit: pm_wipit.val() } , function(data) { $('#private_message').slideUp("medium"); $("#interactionResults").html(data).show().fadeOut(10000); document.pmForm.pmTextArea.value=''; document.pmForm.pmSubject.value=''; $("#pmFormProcessGif").hide(); }); } }function toggleViewAllFriends(x) { if ($('#'+x).is(":hidden")) { $('#'+x).fadeIn(200); } else { $('#'+x).fadeOut(200); } } // End Private Messaging stuff</script> <style type="text/css"> .hiddenDiv{display:none} #pmFormProcessGif{display:none} .msgDefault {font-weight:bold;} .msgRead {font-weight:100;color:#666;} </style> </head> <body> <div id="bg" class="stage"></div> <div id="container"> <div id="sun" class="stage"></div> <div id="clouds" class="stage"> <div id="stage" class="stage"> <?php include_once "header_template.php"; ?> <a href="#" onclick="return false" onmousedown="javascript:toggleInteractContainers('private_message');">Compose Message</a></div><div class="interactContainers" id="private_message"> <form action="javascript:sendPM();" name="pmForm" id="pmForm" method="post" type="hidden"> <font size="+1">Send A Private Message to <strong><em><?php echo "$selecteduser"; ?></em></strong></font><br /><br /> Subject: <input name="pmSubject" id="pmSubject" type="text" maxlength="64" style="width:98%;" /> Message: <textarea name="pmTextArea" id="pmTextArea" rows="8" style="width:98%;"></textarea> <input name="pm_sender_id" id="pm_sender_id" type="hidden" value="<?php echo $_SESSION['id']; ?>" /> <input name="pm_sender_name" id="pm_sender_name" type="hidden" value="<?php echo $_SESSION['username']; ?>" /> <input name="pm_rec_id" id="pm_rec_id" type="hidden" value="<?php echo $id; ?>" /> <input name="pm_rec_name" id="pm_rec_name" type="hidden" value="<?php echo $username; ?>" /> <input name="pmWipit" id="pmWipit" type="hidden" value="<?php echo $thisRandNum; ?>" /> <span id="PMStatus" style="color:#F00;"></span> <br /><input name="pmSubmit" type="submit" value="Submit" /> or <a href="#" onclick="return false" onmousedown="javascript:toggleInteractContainers('private_message');">Close</a> <span id="pmFormProcessGif" style="display:none;"><img src="images/loading.gif" width="28" height="10" alt="Loading" /></span></form> </div> <span id="jsbox" style="display:none"></span> </td> </tr> </table> I've created a template system. I've got a function to assign a page (the templates are in /template/skin). It all works fine in the main root, but if I had a directory it won't work. $dir = "template/skin"; That is found in template/ I need to be able to assign the template even in directories. I'm trying to build a login system and alot of the code is similar to what i used to make my news cms. basically all i wanna accomplish right now is to get the user input inserted into my database. I've already tested it out, and I get no errors, but like with the cms, the database isn't getting queryed. Here's the code: (process.php) Code: [Select] <?php $first_name=$_POST['first_name']; $last_name=$_POST['last_name']; $age=$_POST['age']; $city=$_POST['city']; $state=$_POST['state']; $country=$_POST['country']; $zip=$_POST['zip']; $birthdate=$_POST['birthdate']; $gender=$_POST['gender']; $sexuality=$_POST['sexuality']; $race=$_POST['race']; $religion=$_POST['religion']; $status=$_POST['status']; $about=$_POST['about']; $website=$_POST['website']; $user_name=$_POST['user_name']; $password=$_POST['password']; $email=$_POST['email']; mysql_connect("your hostname", "your database name", "your password") or die(mysql_error()); mysql_select_db("your database name") or die(mysql_error()); $sql = sprintf("INSERT INTO Users (first_name, last_name, age, city, state, country, zip, birthdate, gender, sexuality, race, religion, status, about, website, user_name, password, email) VALUES ('%s', '%s', '%s', '%s', '%s')", mysql_real_escape_string($first_name), mysql_real_escape_string($last_name), mysql_real_escape_string($age), mysql_real_escape_string($city), mysql_real_escape_string($state), mysql_real_escape_string($country), mysql_real_escape_string($zip), mysql_real_escape_string($birthdate), mysql_real_escape_string($gender), mysql_real_escape_string($sexuality), mysql_real_escape_string($race), mysql_real_escape_string($religion), mysql_real_escape_string($status), mysql_real_escape_string($about), mysql_real_escape_string($website), mysql_real_escape_string($user_name), mysql_real_escape_string($password), mysql_real_escape_string($email)); $result = mysql_query($sql); Print "Congratulations! You are now a registered member on yourwebsite.com!"; ?> (register/index.php) Code: [Select] <script language = "Javascript"> function Validate() { if (document.register.first_name.value == '') { alert('You have not specified your first name!'); return false; } if (document.register.last_name.value == '') { alert('You have not specified your last name!'); return false; } if (document.register.age.value == '') { alert('You have not specified your age!'); return false; } if (document.register.country.value == '') { alert('You have not entered a country!'); return false; } if (document.register.birthdate.value == '') { alert('You have not entered your date of birth!'); return false; } if (document.register.gender.value == '') { alert('You have not specified your gender!'); return false; } if (document.register.user_name.value == '') { alert('You have not entered a username!'); return false; } if (document.register.email.value == '') { alert('You have not entered an email!'); return false; } if (document.register.password.value == '') { alert('You have not entered a password!'); return false; } return true; } </script> <form name="register" method="post" action="http://www.djsmiley.net/register/process.php" onsubmit="return Validate();"> <table width="100%" border="0"> <tr> <td>First Name:</td> <td><label> <input type="text" name="first_name" id="first_name" /> </label></td> </tr> <tr> <td>Last Name:</td> <td><input type="text" name="last_name" id="last_name" /></td> </tr> <tr> <td>Age:</td> <td><input type="text" name="age" id="age" /></td> </tr> <tr> <td>City:</td> <td><input type="text" name="city" id="city" /></td> </tr> <tr> <td>State:</td> <td><input type="text" name="state" id="state" /></td> </tr> <tr> <td>Country:</td> <td><input type="text" name="country" id="country" /></td> </tr> <tr> <td>Zip:</td> <td><input type="text" name="zip" id="zip" /></td> </tr> <tr> <td>Birthdate:</td> <td><input type="text" name="birthdate" id="birthdate" /></td> </tr> <tr> <td>Gender:</td> <td><input type="text" name="gender" id="gender" /></td> </tr> <tr> <td>Sexuality:</td> <td><input type="text" name="sexuality" id="sexuality" /></td> </tr> <tr> <td>Race:</td> <td><input type="text" name="race" id="race" /></td> </tr> <tr> <td>Religion:</td> <td><input type="text" name="religion" id="religion" /></td> </tr> <tr> <td>Marital Status:</td> <td><input type="text" name="status" id="status" /></td> </tr> <tr> <td>About You:</td> <td><label> <textarea name="about" id="about" cols="45" rows="5"></textarea> </label></td> </tr> <tr> <td>Website:</td> <td><input type="text" name="website" id="website" /></td> </tr> <tr> <td width="13%">Username: </td> <td width="87%"><input type="text" name="user_name" id="user_name" /></td> </tr> <tr> <td>Email: </td> <td><input type="text" name="email" id="email" /></td> </tr> <tr> <td>Password: </td> <td><input type="password" name="password" id="password" /></td> </tr> <tr> <td> </td> <td><input name="Register Button" type="submit" class="Button1" id="Register Button" value="Register" /> <input name="Reset Button" type="reset" class="Button1" id="Reset Button" value="Clear" /></td> </tr> </table> <label></label> </form> I've abandoned my old script and switched to this one: http://www.evolt.org/node/60384 I got it working on my site just fine (djsmiley.net/members/register - you can test it out if u want). i just want to know how i can put all of the code into the pages i created using my template. It doesn't specify how this can be done in the tutorial, which is why im confused. I've tried everything but keep getting errors. Help? Hi all I am building a website for a restaurant where the registered user can do booking in the booking page where user finds the booking form. my problem is I created the log in system but cannot workout with the booking page. I have this scenario - Customer visits site & registers details (name, email etc) on a "registration page" (creating a username & password which goes into your database) - done that Next day, customer visits site and logs in on a "log in page" using the username & password from the previous day which is now stored in your database. Can now make a booking based on this log in. (cannot do this) |
|||||||