hoponhiggo Posted April 20, 2011 Share Posted April 20, 2011 Hi Guys I have some code, written by somebody else, which i think updates a 'comments' table when a comment is written on my home page... <?php include("db.php"); if(isSet($_POST['comentario_valor'])){ $id=time();// Demo Use $comment=$_POST['comentario_valor']; $id=$_POST['id']; $sql=mysql_query("insert into comments(comment,msg_id_fk)values('$comment','$id')"); $result=mysql_query("select * from comments order by com_id desc"); $row=mysql_fetch_array($result); $com_id=$row['com_id']; $comment=$row['comment']; } ?> What i need to do now tho is try to ammend this script to also update the table with the 'userid' of the person who posted the comment. The userid should be the same as in my 'users' table. Can anybody point me in the right direction? I am new to PHP and trying to decipher this peice is code is beyond me at the minute Many thanks Quote Link to comment Share on other sites More sharing options...
Nodral Posted April 20, 2011 Share Posted April 20, 2011 Hi I'm assuming that the variable $id is the userid? If so, it looks as though this is written with the comment $sql=mysql_query("insert into comments(comment,msg_id_fk)values('$comment','$id')"); this basically says write into comments table the comment ($comment) and the id ($id). If this is incorrect, we'd need the structure of your user table to create the SELECt statement to pull the user id and write with the comment. Stu Quote Link to comment Share on other sites More sharing options...
hoponhiggo Posted April 20, 2011 Author Share Posted April 20, 2011 Hi In the code it shows $id=time();// Demo Use I have no idea where this variable is used! my users table contains: 'id'(auto increment) 'username' 'password' 'fname' 'sname' 'email' Quote Link to comment Share on other sites More sharing options...
Nodral Posted April 20, 2011 Share Posted April 20, 2011 I agree that this is shown in the code, however $id is then redefined as $_POST['id']. This implies that it is being taken from an HTML form that the user completes. $id=$_POST['id']; Quote Link to comment Share on other sites More sharing options...
hoponhiggo Posted April 20, 2011 Author Share Posted April 20, 2011 Stu - Can i start again please - i feel i have made a rookie mistake!! The code i posted originally is incorrect. Basically, i am operating a wall post system which allows users to leave a 'message' and then other users to leave a 'comment'. The code i posted was for the 'comment' Here is the code for the message which i need to ammend first - AND then i can look at ammending the comment code if needed. Sorry if this is all very confusing <?php include("db.php"); // if content has been sent if(isset($_POST["textarea_noticia"])){ $msg = $_POST["textarea_noticia"]; // Insert information $sql = mysql_query("INSERT INTO messages(message)values('$msg')"); $result = mysql_query("SELECT * FROM messages order by msg_id desc"); $row = mysql_fetch_assoc($result); $id = $row["msg_id"]; $msg = $row["message"]; } ?> Quote Link to comment Share on other sites More sharing options...
Nodral Posted April 20, 2011 Share Posted April 20, 2011 Hokey Pokey Where does the userid come from? How do you identify when a user is logged in etc? You'd need to use this to get the userid from the user table, then writing it into the comments table is fairly straight forward. Stu Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted April 20, 2011 Share Posted April 20, 2011 Yeah, could you post the code from your login page please? Quote Link to comment Share on other sites More sharing options...
hoponhiggo Posted April 20, 2011 Author Share Posted April 20, 2011 Thanks Stu The userid comes from the 'users' table. It is an auto increment when a new user registers Users log in using their usernames and a session is started. Im using dreamweaver so the code created is standard i think <?php // *** Validate request to login to this site. if (!isset($_SESSION)) { session_start(); } $loginFormAction = $_SERVER['PHP_SELF']; if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck']; } if (isset($_POST['Username'])) { $loginUsername=$_POST['Username']; $password=$_POST['Password']; $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "index.php"; $MM_redirectLoginFailed = "Register.php"; $MM_redirecttoReferrer = false; mysql_select_db($database_pwnedbook, $pwnedbook); $LoginRS__query=sprintf("SELECT username, password FROM users WHERE username=%s AND password=%s", GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); $LoginRS = mysql_query($LoginRS__query, $pwnedbook) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = ""; if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();} //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?> Quote Link to comment Share on other sites More sharing options...
Nodral Posted April 20, 2011 Share Posted April 20, 2011 Ok Once the user is logged in, you need to pull the userid from the user table. I'd add this into the login script and declare it to a session variable so it can be used wherever you need. <?php $LoginRS__query=sprintf("SELECT username, password, userid FROM users WHERE username=%s AND password=%s", GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); $LoginRS = mysql_query($LoginRS__query, $pwnedbook) or die(mysql_error()); $userid=mysql_fetch_array($LoginRS); $_SESSION['userid']=$userid['userid']; I think this should work, you now have a session variable $_SESSION['userid'] which carries their userid and you can use this all over your scripting. Stu Quote Link to comment Share on other sites More sharing options...
hoponhiggo Posted April 20, 2011 Author Share Posted April 20, 2011 OK - so i have added the above code to my login page (although i changed some 'userid' to 'id' as that is what its called in my table and i can log in fine. $LoginRS__query=sprintf("SELECT username, password, id FROM users WHERE username=%s AND password=%s", GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); $LoginRS = mysql_query($LoginRS__query, $pwnedbook) or die(mysql_error()); $userid=mysql_fetch_array($LoginRS); $_SESSION['id']=$userid['id']; So now im guessing we have created the variable $_SESSION['userid'] which can be used anywhere in my script? And i understand that i can now use this variable to write the userid to the messages table along with the message? Thank you for your help - you have been very understanding! Quote Link to comment Share on other sites More sharing options...
hoponhiggo Posted April 20, 2011 Author Share Posted April 20, 2011 Stu - Im still struggling with this! I have changed the insert info code to include the $_SESSION['id'] <?php include("db.php"); // if sent content if(isset($_POST["textarea_noticia"])){ $msg = $_POST["textarea_noticia"]; // Insert information $sql = mysql_query("INSERT INTO messages(message)values('$msg')"); $sql = mysql_query("INSERT INTO messages(userid)values('$_SESSION['id']')"); $result = mysql_query("SELECT * FROM messages order by msg_id desc"); $row = mysql_fetch_assoc($result); $id = $row["msg_id"]; $msg = $row["message"]; } ?> but this isnt working! Im guessing i am doing this incredibly wrong? Quote Link to comment Share on other sites More sharing options...
Nodral Posted April 20, 2011 Share Posted April 20, 2011 Have you created a column in your DB table (messages) for userid? To test whether the $_SESSION variable is working, try a vardump. This way it will identify where the error lies. Either in the code to put it into the table or the code to get it out of the user table. Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted April 20, 2011 Share Posted April 20, 2011 One issue with the code is that you're using single quotes inside single quotes. <?php ... $sql = mysql_query("INSERT INTO messages(userid)values('$_SESSION['id']')"); ... ?> You could do something like: <?php ... $sql = mysql_query("INSERT INTO messages(userid)values('" . $_SESSION['id'] . "')"); ... ?> Quote Link to comment Share on other sites More sharing options...
hoponhiggo Posted April 20, 2011 Author Share Posted April 20, 2011 Hi Stu I have created the column - it is identical to the original id column in the users table Also - as you can probably guess - i have no idea what a vardump is! Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted April 20, 2011 Share Posted April 20, 2011 Hi Stu I have created the column - it is identical to the original id column in the users table Also - as you can probably guess - i have no idea what a vardump is! What do you mean "identical"? did you make it an AUTO_INC field? cause that won't work. change your code to this: //insert information $id = $_SESSION['id']; $sql = mysql_query("INSERT INTO messages(message, userid)values('$msg', $id)") or die ('ERROR! During Insert :<br> '.mysql_error()); $result = mysql_query("SELECT msg_id, message FROM messages order by msg_id desc")or die ('ERROR! During Read :<br> '.mysql_error()); WHILE ($row = mysql_fetch_assoc($result)) { $id = $row["msg_id"]; $msg = $row["message"]; } } Quote Link to comment Share on other sites More sharing options...
hoponhiggo Posted April 20, 2011 Author Share Posted April 20, 2011 Hi - no its not set to auto - increment. I have used the code you have kindly supplied, and while this is allowing users to create a new message, and updating the messages table with the message, the userid column is being updated as '0' and not equal to the userid in the users table any suggestions? Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted April 20, 2011 Share Posted April 20, 2011 echo out the value of $_SESSION['id'] and make sure it is what it should be. Also, make sure that every page sarts with the following lines of code at the very start <?php SESSION_START(); Quote Link to comment Share on other sites More sharing options...
Nodral Posted April 20, 2011 Share Posted April 20, 2011 Hi As a few of you may guess, I'm fairly new to php myself, can someone chaeck my earlier reply to this post and ensure I gave the correct instructions as to set the $_SESSION['userid'] variable. This may be where the error lies. Quote Link to comment Share on other sites More sharing options...
hoponhiggo Posted April 22, 2011 Author Share Posted April 22, 2011 Hi Guys Ive been working on this for a few nights now and have finaly managed to make it so that when a users creates a message, the username of the person is stored in the same table as the message. Instead of creating a variable to store the userid, i just used the already created session username variable. What i now need to do tho is ammend some more code which will alow me to display the profile picture of the user who created the message. I have the below code which displays the picture of the person who is logged in. <?php //to display image from source $dir = "profpics"; $sql = "SELECT prof_pic FROM users WHERE username = '{$_SESSION['MM_Username']}'"; $res = mysql_query($sql) or die(mysql_error()); if(mysql_num_rows($res) == 0) die("Username not found in database."); $row = mysql_fetch_array($res); echo "<img src='$dir/{$row['prof_pic']}' width='88' height='88'><br>"; ?> Can anybody tell me how i can ammed this to say something like - select prof_pic from users where username in users table is the same as the username in the messages table? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.