Hi i'm having a problem with my forum comment form. Basically i am trying to allow a user to read a users post and comment on it, the form data is suppose to be inserted into mysql.
the values i need inserted are the comment_id which is the session id of the user and the post_id the id of the post their commenting on and the content which they type.
For some reason this is not being inserted into mysql and is coming up with my echoed success message without any errors. can someone please show me where im going wrong.
Thanks
<?php
$page_title = "Read Post";
include('includes/header.php');
include ('includes/mod_login/login_form2.php'); ?>
<?php
confirm_logged_in();
if (isset ($_GET['post'])) {
$forum_id = $_GET['post'];
}
?>
<?php include('includes/copyrightbar.php'); ?>
<?
$read_forum_set = read_forum_set();
while ($forum = mysql_fetch_array($read_forum_set)) {?>
<div class="modtitle">
<div class="modtitle-text"><?php echo "{$forum['display_name']}"; ?>'s Forum Post</div>
<? } ?>
</div>
<div class="modcontent57">
<br /><br /><br/><br/>
<div class="forum">
<div class="forum-pic"><?php echo "<img src=\"data/photos/{$_SESSION['user_id']}/_default.jpg\" width=\"100\" height=\"100\" border=\"0\" align=\"right\" class=\"img-with-border-forum\" />";?>
</div>
<div class="message-links">
<strong><a href="forum.php"><< Back to Forum</a>
</div>
<br /><br /><br/><br/>
<?php
$datesent1 = $forum['date_sent']; ?>
<?php
$read_forum_set = read_forum_set();
while ($forum = mysql_fetch_array($read_forum_set)) {
$prof_photo = "data/photos/{$forum['user_id']}/_default.jpg";
$result = mysql_query("UPDATE ptb_forum SET ptb_forum.read_forum='1' WHERE ptb_forum.id='$forum'")
or die(mysql_error());
?>
<div class="message-date">
<?php echo "".date('D M jS, Y - g:ia', strtotime($forum['date_sent'])).""; ?></div>
<div class="img-with-border-frm-read"><?php echo "<a href=\"profile.php?id={$forum['from_user_id']}\"><img width=\"60px\" height=\"60px\" src=\"{$prof_photo}\"></a><br />"; ?></div>
<?php echo "<div class=\"forum-content2\"><div class=\"forum_subject\"><strong>Subject:</strong></div><div class=\"forum_subject2\"><i>{$forum['title']}</i></div><div class=\"forum_body\"><strong>Post:<br/></strong></br ><i>{$forum['content']}</i></div></div>";?>
<?php
// check if the review form has been sent
if(isset($_POST['forum_comment']))
{
$content = $_POST['forum_comment'];
//We remove slashes depending on the configuration
if(get_magic_quotes_gpc())
{
$content = stripslashes($content);
}
//We check if all the fields are filled
if($_POST['forum_comment']!='')
{
{
$sql = "INSERT INTO ptb_forum_comments (comment_id, post_id, content) VALUES (NULL, '".$_SESSION['user_id']."', '".$profile_id."', '".$content."');";
mysql_query($sql, $connection);
echo "<div class=\"infobox-profile4\"><strong>Thank You</strong> - Your review has been sent for approval.</div>";
} }
}
?>
<?php if(isset ($_SESSION['user_id'])) { ?>
<div class="forum-comment-box">
<form action="<?php $_SERVER['PHP_SELF'] ?>" method="post">
<textarea name="forum_comment" id="forum_comment" style="resize:none; height:100px; width:543px;"></textarea><input type="submit" name="send_button" id="send_button" style="float:right; margin-right:30px; text-align:center;" value="Reply to {$message['display_name']}" /></form></div>
<? } } ?>
</div>
</div>
<?php include('includes/footer.php'); ?>
</div>
mysql_*functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.