AllSyntax.com: » Forums » View ?f=4&t=268&p=0

Forum Index » PHP and mySQL » Viewing Topic and Replies

Viewing Topic: comments tutorial, probably simple

Subject: "comments tutorial, probably simple" Posted: @ 7:12 pm on Feb 29 2008

Member #: 604
Rank: user - (7)
Since: 02/29/08
Posts: 7

I have done the comments tutorial but I'am getting this error saying 'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''comments' WHERE page = '/comments.php' ORDER BY time ASC' at line 1'

Any ideas?

Viewed: 23,190 Times |

bs0d

Subject: "re: comments tutorial, probably sim..." Posted: @ 11:19 pm on Feb 29 2008

Member #: 1
Rank: Admin. - (1,510)
Since: 02/06/05
Posts: 604
From: USA

Post the code of your query at that line

Edited at 11:20:04 pm on 02/29/08

-bs0d | AllSyntax.com

Viewed: 23,181 Times |

mr_badger

Subject: "re: comments tutorial, probably sim..." Posted: @ 2:16 pm on Mar 01 2008

Member #: 604
Rank: user - (7)
Since: 02/29/08
Posts: 7

bs0d said...

< i> Post the code of your query at that line

Code:

$inf = "SELECT * FROM 'comments' WHERE page = '".strip slashes($_SERVE R['REQUEST_URI '])."' ORDER BY time ASC";
$info = mysql_query($in f);
if(!$info) die(mysql_error ());

Viewed: 23,170 Times |

mr_badger

Subject: "re: comments tutorial, probably sim..." Posted: @ 11:01 pm on Mar 04 2008

Member #: 604
Rank: user - (7)
Since: 02/29/08
Posts: 7

mr_badger said...

< i>

bs0d said... [= Post the code of your query at that line

Code:

$inf = "SELECT * FROM 'comments' WHERE page = '".strip slashes($_SERVE R['REQUEST_URI '])."' ORDER BY time ASC";
$info = mysql_query($in f);
if(!$info) die(mysql_error ());

=]

Can anyone help, I'm sure this is easy to fix?

Edited at 12:35:45 am on 03/05/08

Viewed: 23,124 Times |

bs0d

Subject: "re: comments tutorial, probably sim..." Posted: @ 12:36 am on Mar 05 2008

Member #: 1
Rank: Admin. - (1,510)
Since: 02/06/05
Posts: 604
From: USA

Have you tried any debugging? What does this do:

$inf = "SELECT * FROM `comments` WHERE `page` = ".stripsl ashes($_SERVER[ 'REQUEST_URI' ])." ORDER BY `time` ASC";

-bs0d | AllSyntax.com

Viewed: 23,119 Times |

mr_badger

Subject: "re: comments tutorial, probably sim..." Posted: @ 3:56 pm on Mar 06 2008

Member #: 604
Rank: user - (7)
Since: 02/29/08
Posts: 7

bs0d said...

< i> Have you tried any debugging? What does this do:

$inf = "SELECT * FROM `comments` WHERE `page` = ".stripsl ashes($_SERVER[ 'REQUEST_URI' ])." ORDER BY `time` ASC";

Thankyou, that got rid of that error but now it says no database selected.

Viewed: 23,087 Times |

bs0d

Subject: "re: comments tutorial, probably sim..." Posted: @ 10:44 pm on Mar 06 2008

Member #: 1
Rank: Admin. - (1,510)
Since: 02/06/05
Posts: 604
From: USA

Make sure you connect to the database first.

-bs0d | AllSyntax.com

Viewed: 23,081 Times |

mr_badger

Subject: "re: comments tutorial, probably sim..." Posted: @ 8:33 pm on Mar 08 2008

Member #: 604
Rank: user - (7)
Since: 02/29/08
Posts: 7

bs0d said...

< i> Make sure you connect to the database first. ;)

Yeah I did that, here is my code.

Code:

<?

//connect to your database

require_once(' connection.php ');

//query comments for this page of this article
$inf = "SELECT * FROM `comments` WHERE `page` = ".stripsl ashes($_SERVER[ 'REQUEST_URI' ])." ORDER BY `time` ASC";
$info = mysql_query($in f);
if(!$info) die(mysql_error ());

$info_rows = mysql_num_rows( $info);
if($info_rows > 0) {
echo '<h5>Com ments:</h5&g t;';
echo '<table width="95 %">';

while($info2 = mysql_fetch_obj ect($info)) {
echo '<tr>';
echo '<td>&q uot;'.stripsla shes($info2-> ;subject).'&q uot; by: <a href="'. $info2->cont act.'"&g t;'.stripslash es($info2->u sername).'< /a></td&g t; <td><d iv align="ri ght"> @ '.date('h:i:s a', $info2->time ).' on '.$info2->d ate.'</div& gt;</td> ';
echo '</tr>&l t;tr>';
echo '<td colspan=" 2"> '.stripslashes ($info2->com ment).' </td>';< br /> echo '</tr>' ;
}//end while
echo '</table> ;';
echo '<hr width="95 %" noshade>';< br /> } else echo 'No comments for this page. Feel free to be the first <br>';
if(isset($_POST ['submit'])) {
if(!addslashes( $_POST['userna me'])) die('<u> ERROR:</u> ; you must enter a username to add a comment.');
if(!addslashes( $_POST['contac t'])) die('<u> ERROR:</u> ; enter contact method in contact field.');
if(!addslashes( $_POST['subjec t'])) die('<u> ERROR:</u> ; enter a subject to your comment.');
if(!addslashes( $_POST['commen t'])) die('<u> ERROR:</u> ; cannot add comment if you do not enter one!?');

//this is for a valid contact
if(substr($_POS T['contact'], 0,7) != 'mailto:' && !strstr($_POST[ 'contact'],' //')) {
if(strstr($_POS T['contact'], '@'))
$_POST['contac t'] = "mailto: ".$_POST[ 'contact'].&q uot;";
else
$_POST['contac t'] = "http:// ".$_POST[ 'contact'].&q uot;";
} //end valid contact

//try to prevent multiple posts and flooding...
$c = "SELECT * from `comments` WHERE ip = '".$_SER VER['REMOTE_AD DR']."' ";
$c2 = mysql_query($c) ;
while($c3 = mysql_fetch_obj ect($c2)) {
$difference = time() - $c3->time; if($difference < 300) die('<u> ALERT:</u> ; '.$c3->user name.', You have already commented earlier; if you have a question, try the forums!<BR&g t;');
} //end while

//add comment
$q ="INSERT INTO `comments` (article_id, page, date, time, username, ip, contact, subject, comment) VALUES ('".$_GE T['id'].&quo t;', '".$_POS T['page'].&q uot;', '".$_POS T['date'].&q uot;', '".$_POS T['time'].&q uot;', '".addsl ashes(htmlspeci alchars($_POST[ 'username'])) ."', '".$_SER VER['REMOTE_AD DR']."' , '".addsl ashes(htmlspeci alchars($_POST[ 'contact'])). "', '".addsl ashes(htmlspeci alchars($_POST[ 'subject'])). "', '".addsl ashes(htmlspeci alchars(nl2br($ _POST['comment '])))." ')";

$q2 = mysql_query($q) ;
if(!$q2) die(mysql_error ());

//refresh page so they can see new comment
header('Locati on: http://' . $_SERVER['HTTP _HOST'] . $_POST['page' ] . "#comment s");

} else { //display form
?>
<form name="com ments" action="& lt;? $_SERVER['PHP_ SELF']; ?>" method="p ost">< br />
<input type="hid den" name="pag e" value="&l t;? echo($_SERVER[ 'REQUEST_URI'] ); ?>"> ;
<input type="hid den" name="dat e" value="&l t;? echo(date(&quo t;F j, Y.")); ?>"> ;
<input type="hid den" name="tim e" value="&l t;? echo(time()); ?>"> ;

<table width="90 %" border="0 " cellspacing=&q uot;0" cellpadding=&q uot;0"> ;
<tr>
<td><d iv align="ri ght">U sername: </div>< ;/td>
<td><i nput name="use rname" type="tex t" size="30 " value="& quot;></t d>
</tr>
<tr>
<td><d iv align="ri ght">C ontact: </div>< ;/td>
<td><i nput type="tex t" name="con tact" size="30 " value="& quot;> <i>(email or url)</i>& lt;/td>
</tr>
<td><d iv align="ri ght">S ubject: </div>< ;/td>
<td><i nput type="tex t" name="sub ject" size="30 " value="& quot;></t d>
</tr>
<tr>
<td><d iv align="ri ght">C omment: </div>< ;/td>
<td><t extarea name="com ment" cols="45 " rows="5& quot; wrap="VIR TUAL"> </textarea&g t;</td> </tr>
<tr>
<td></ td>
<td colspan=" 2">< ;input type="res et" value="Re set Fields"&g t;
<input type="sub mit" name="sub mit" value="Ad d Comment"& gt;</td>< br /> </tr>
</table>< br /> </form> <?
} // end else
?>

Viewed: 23,042 Times |

mr_badger

Subject: "re: comments tutorial, probably sim..." Posted: @ 4:06 pm on Mar 13 2008

Member #: 604
Rank: user - (7)
Since: 02/29/08
Posts: 7

mr_badger said...

< i> bs0d said... [= Make sure you connect to the database first.

Yeah I did that, here is my code.
<BR><f ont size=1><u >Code:</u ><BR>& lt;div name="div _box" class="di vCode"> ; <?

//connect to your database

require_once(' connection.php ');

//query comments for this page of this article
$inf = "SELECT * FROM `comments` WHERE `page` = ".stripsl ashes($_SERVER[ 'REQUEST_URI' ])." ORDER BY `time` ASC";
$info = mysql_query($in f);
if(!$info) die(mysql_error ());

$info_rows = mysql_num_rows( $info);
if($info_rows > 0) {
echo '<h5>Com ments:</h5&g t;';
echo '<table width="95 %">';

while($info2 = mysql_fetch_obj ect($info)) {
echo '<tr>';
echo '<td>&q uot;'.stripsla shes($info2-> ;subject).'&q uot; by: <a href="'. $info2->cont act.'"&g t;'.stripslash es($info2->u sername).'< /a></td&g t; <td><d iv align="ri ght"> @ '.date('h:i:s a', $info2->time ).' on '.$info2->d ate.'</div& gt;</td> ';
echo '</tr>&l t;tr>';
echo '<td colspan=" 2"> '.stripslashes ($info2->com ment).' </td>';
echo '</tr>' ;
}//end while
echo '</table> ;';
echo '<hr width="95 %" noshade>';
} else echo 'No comments for this page. Feel free to be the first <br>';

if(isset($_POST ['submit'])) {
if(!addslashes( $_POST['userna me'])) die('<u> ERROR:</u> ; you must enter a username to add a comment.');
if(!addslashes( $_POST['contac t'])) die('<u> ERROR:</u> ; enter contact method in contact field.');
if(!addslashes( $_POST['subjec t'])) die('<u> ERROR:</u> ; enter a subject to your comment.');
if(!addslashes( $_POST['commen t'])) die('<u> ERROR:</u> ; cannot add comment if you do not enter one!?');

//this is for a valid contact
if(substr($_POS T['contact'], 0,7) != 'mailto:' && !strstr($_POST[ 'contact'],' //')) {
if(strstr($_POS T['contact'], '@'))
$_POST['contac t'] = "mailto: ".$_POST[ 'contact'].&q uot;";
else
$_POST['contac t'] = "http:// ".$_POST[ 'contact'].&q uot;";
} //end valid contact

//try to prevent multiple posts and flooding...
$c = "SELECT * from `comments` WHERE ip = '".$_SER VER['REMOTE_AD DR']."' ";
$c2 = mysql_query($c) ;
while($c3 = mysql_fetch_obj ect($c2)) {
$difference = time() - $c3->time;
if($difference < 300) die('<u> ALERT:</u> ; '.$c3->user name.', You have already commented earlier; if you have a question, try the forums!<BR&g t;');
} //end while

//add comment
$q ="INSERT INTO `comments` (article_id, page, date, time, username, ip, contact, subject, comment) VALUES ('".$_GE T['id'].&quo t;', '".$_POS T['page'].&q uot;', '".$_POS T['date'].&q uot;', '".$_POS T['time'].&q uot;', '".addsl ashes(htmlspeci alchars($_POST[ 'username'])) ."', '".$_SER VER['REMOTE_AD DR']."' , '".addsl ashes(htmlspeci alchars($_POST[ 'contact'])). "', '".addsl ashes(htmlspeci alchars($_POST[ 'subject'])). "', '".addsl ashes(htmlspeci alchars(nl2br($ _POST['comment '])))." ')";

$q2 = mysql_query($q) ;
if(!$q2) die(mysql_error ());

//refresh page so they can see new comment
header('Locati on: http://' . $_SERVER['HTTP _HOST'] . $_POST['page' ] . "#comment s"

;

} else { //display form
?>
<form name="com ments" action="& lt;? $_SERVER['PHP_ SELF']; ?>" method="p ost">

<input type="hid den" name="pag e" value="&l t;? echo($_SERVER[ 'REQUEST_URI'] ); ?>"> ;
<input type="hid den" name="dat e" value="&l t;? echo(date(&quo t;F j, Y."

); ?>"> ;
<input type="hid den" name="tim e" value="&l t;? echo(time()); ?>"> ;

<table width="90 %" border="0 " cellspacing=&q uot;0" cellpadding=&q uot;0"> ;
<tr>
<td><d iv align="ri ght">U sername: </div>< ;/td>
<td><i nput name="use rname" type="tex t" size="30 " value="& quot;></t d>
</tr>
<tr>
<td><d iv align="ri ght">C ontact: </div>< ;/td>
<td><i nput type="tex t" name="con tact" size="30 " value="& quot;> <i>(email or url)</i>& lt;/td>
</tr>
<td><d iv align="ri ght">S ubject: </div>< ;/td>
<td><i nput type="tex t" name="sub ject" size="30 " value="& quot;></t d>
</tr>
<tr>
<td><d iv align="ri ght">C omment: </div>< ;/td>
<td><t extarea name="com ment" cols="45 " rows="5& quot; wrap="VIR TUAL"> </textarea&g t;</td>
</tr>
<tr>
<td></ td>
<td colspan=" 2">< ;input type="res et" value="Re set Fields"&g t;
<input type="sub mit" name="sub mit" value="Ad d Comment"& gt;</td>
</tr>
</table>
</form>
<?
} // end else
?>

=]

Can no-one help me sort this really simple question, some people must have the comments code working fine?

Viewed: 22,902 Times |

bs0d

Subject: "re: comments tutorial, probably sim..." Posted: @ 3:01 am on Mar 14 2008

Member #: 1
Rank: Admin. - (1,510)
Since: 02/06/05
Posts: 604
From: USA

I'd check permissions and the details of your connection.php file

-bs0d | AllSyntax.com

Viewed: 22,884 Times |

TracNav

Subject: "re: comments tutorial, probably sim..." Posted: @ 7:59 pm on Mar 15 2008

Member #: 629
Rank: user - (11)
Since: 03/15/08
Posts: 11
From: Wokingham, UK.

Just to enlighten you on something you probably already know:

Earlier when you said...

mr_bad ger said...

< i>$inf = "SELECT * FROM 'comments' WHERE page = '".strip slashes($_SERVE R['REQUEST_URI '])."' ORDER BY time ASC";

...it may have been that you used an apostrophe instead of this thing ` which I believe is called 'grave'?

It took me a while to figure out why my code wasnt working when I did that

Good luck with finding out the next part to your question! I'd help but Im a php noob

TracNav

When replying please bear in mind the severe simplicity of my brain. Thanks.

Viewed: 22,831 Times |

mr_badger

Subject: "re: comments tutorial, probably sim..." Posted: @ 12:26 am on Mar 30 2008

Member #: 604
Rank: user - (7)
Since: 02/29/08
Posts: 7

ok, I'm not getting any php errors now but there is a problem I'm getting and that is the page displays the form as it should but there is now a portion of the code being displayed on the page.

the code being displayed starts from here

Code:

0) { echo '
Comments:
'; echo ''; while($info2 = mysql_fetch_obj ect($info)) { echo ''; echo ''; echo ''; echo ''; echo ''; }//end while echo '
"'.strip slashes($info2- >subject).' " by: '.stripslashes ($info2->use rname).'
@ '.date('h:i:s a', $info2->time ).' on '.$info2->d ate.'
'.stripslashes ($info2->com ment).'
'; echo ''; } else echo 'No comments for this page. Feel free to be the first
'; if(isset($_POST ['submit'])) { if(!addslashes( $_POST['userna me'])) die('ERROR: you must enter a username to add a comment.'); if(!addslashes( $_POST['contac t'])) die('ERROR: enter contact method in contact field.'); if(!addslashes( $_POST['subjec t'])) die('ERROR: enter a subject to your comment.'); if(!addslashes( $_POST['commen t'])) die('ERROR: cannot add comment if you do not enter one!?'); //this is for a valid contact if(substr($_POS T['contact'], 0,7) != 'mailto:' && !strstr($_POST[ 'contact'],' //')) { if(strstr($_POS T['contact'], '@')) $_POST['contac t'] = "mailto: ".$_POST[ 'contact'].&q uot;"; else $_POST['contac t'] = "http:// ".$_POST[ 'contact'].&q uot;"; } //end valid contact //try to prevent multiple posts and flooding... $c = "SELECT * from `comments` WHERE ip = '".$_SER VER['REMOTE_AD DR']."' "; $c2 = mysql_query($c) ; while($c3 = mysql_fetch_obj ect($c2)) { $difference = time() - $c3->time; if($difference < 300) die('ALERT: '.$c3->user name.', You have already commented earlier; if you have a question, try the forums!
'); } //end while //add comment $q ="INSERT INTO `comments` (article_id, page, date, time, username, ip, contact, subject, comment) VALUES ('".$_GE T['id'].&quo t;', '".$_POS T['page'].&q uot;', '".$_POS T['date'].&q uot;', '".$_POS T['time'].&q uot;', '".addsl ashes(htmlspeci alchars($_POST[ 'username'])) ."', '".$_SER VER['REMOTE_AD DR']."' , '".addsl ashes(htmlspeci alchars($_POST[ 'contact'])). "', '".addsl ashes(htmlspeci alchars($_POST[ 'subject'])). "', '".addsl ashes(htmlspeci alchars(nl2br($ _POST['comment '])))." ')"; $q2 = mysql_query($q) ; if(!$q2) die(mysql_error ()); //refresh page so they can see new comment header('Locati on: http://' . $_SERVER['HTTP _HOST'] . $_POST['page' ] . "#comment s"); } else { //display form ?>
">

Why is this being shown?

and another thing is when I fill in the form to test it works it says Forbidden 'You do not have permission to access public_html/sit ename/ on this server'

I have not uploaded this as I'm testing this locally if that helps with an answer to this.
Hope you can help.

Viewed: 22,538 Times |

Viewing Page: 1 of 1

1 |

You must be logged in to post on the forums. Login or Register