EvilZone
Programming and Scripting => Web Oriented Coding => : jeremy78 November 18, 2012, 03:49:26 AM
-
I'm making a forum for a game I play. I have almost everything done but the forum part. I cant figure out how to post the text the user inputted to the screen.
Heres the code I have so far:
<?php
include "config-post.php";
$titlex = $_POST['title'];
$areax = $_POST['area'];
$bodyx = $_POST['body'];
$title = strip_tags($titlex);
$area = strip_tags($areax);
$body = strip_tags($bodyx);
$time = date('d/m/y h:i:s');
if($area == discussion){
$query = "INSERT INTO discussion(title, body, time) VALUES ($title, $body, $time)";
$result = mysql_query($query);
if($result){
header("Location: discussion.php");
}
}
if($area == suggestions){
$query2 = "INSERT INTO suggestions(title, body, time) VALUES ($title, $body, $time)";
$result2 = mysql_query($query2);
if($result2){
header("Location: suggestions.php");
}
}
if($area == tips){
$query3 = "INSERT INTO tips(title, body, time) VALUES ($title, $body, $time)";
$result3 = mysql_query($query3);
if($result3){
header("Location: tips.php");
}
}
if($area == bugs){
$query4 = "INSERT INTO bugs(title, body, time) VALUES ($title, $body, $time)";
$result4 = mysql_query($query4);
if($result4){
header("Location: bugs.php");
}
}
if($area == war_discussion){
$query5 = "INSERT INTO war discussion(title, body, time) VALUES ($title, $body, $time)";
$result5 = mysql_query($query5);
if($result){
header("Location: war.php");
}
}
?>
-
dont realy understand what your asking for tbh
but to make the code easier i beleve you can do this insted
function cleanQuery($string)
{
if(get_magic_quotes_gpc())
{
$string = stripslashes($string);
}
if (phpversion() >= '4.3.0')
{
$string = mysql_real_escape_string($string);
}
else
{
$string = mysql_escape_string($string);
}
return $string;
}
$area = cleanQuery($area);
if($area == war_discussion || $area == suggestions || $area == tips){ //fill all the categoris
$query5 = "INSERT INTO ".$area."(title, body, time) VALUES ($title, $body, $time)";
$result5 = mysql_query($query5);
if($result){
header("Location: ".$area.".php");
}
}
to read the input use mysql select, on the redirection you can use an id...
please provide more info about whats wrong
edit:
is the error that you have empty $_POST[] ??? check that
and yeah you will ofc need the connection
$con = mysql_connect("localhost", "root", "pass") or die(mysql_error());
mysql_select_db("forum") or die(mysql_error());
mysql_query(insert whatever) or die(mysql_error());
mysql_close($con);(http://evilzone.org/data:image/gif,GIF89a%12%00%12%00%B3%00%00%FF%FF%FF%F7%F7%EF%CC%CC%CC%BD%BE%BD%99%99%99ZYZRUR%00%00%00%FE%01%02%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00!%F9%04%04%14%00%FF%00%2C%00%00%00%00%12%00%12%00%00%04X0%C8I%2B%1D8%EB%3D%E4%00%60(%8A%85%17%0AG*%8C%40%19%7C%00J%08%C4%B1%92%26z%C76%FE%02%07%C2%89v%F0%7Dz%C3b%C8u%14%82V5%23o%A7%13%19L%BCY-%25%7D%A6l%DF%D0%F5%C7%02%85%5B%D82%90%CBT%87%D8i7%88Y%A8%DB%EFx%8B%DE%12%01%00%3B)
-
dont realy understand what your asking for tbh
but to make the code easier i beleve you can do this insted
function cleanQuery($string)
{
if(get_magic_quotes_gpc())
{
$string = stripslashes($string);
}
if (phpversion() >= '4.3.0')
{
$string = mysql_real_escape_string($string);
}
else
{
$string = mysql_escape_string($string);
}
return $string;
}
$area = cleanQuery($area);
if($area == war_discussion || $area == suggestions || $area == tips){ //fill all the categoris
$query5 = "INSERT INTO ".$area."(title, body, time) VALUES ($title, $body, $time)";
$result5 = mysql_query($query5);
if($result){
header("Location: ".$area.".php");
}
}
to read the input use mysql select, on the redirection you can use an id...
please provide more info about whats wrong
edit:
is the error that you have empty $_POST[] ??? check that
and yeah you will ofc need the connection
$con = mysql_connect("localhost", "root", "pass") or die(mysql_error());
mysql_select_db("forum") or die(mysql_error());
mysql_query(insert whatever) or die(mysql_error());
mysql_close($con);(http://evilzone.org/data:image/gif,GIF89a%12%00%12%00%B3%00%00%FF%FF%FF%F7%F7%EF%CC%CC%CC%BD%BE%BD%99%99%99ZYZRUR%00%00%00%FE%01%02%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00!%F9%04%04%14%00%FF%00%2C%00%00%00%00%12%00%12%00%00%04X0%C8I%2B%1D8%EB%3D%E4%00%60(%8A%85%17%0AG*%8C%40%19%7C%00J%08%C4%B1%92%26z%C76%FE%02%07%C2%89v%F0%7Dz%C3b%C8u%14%82V5%23o%A7%13%19L%BCY-%25%7D%A6l%DF%D0%F5%C7%02%85%5B%D82%90%CBT%87%D8i7%88Y%A8%DB%EFx%8B%DE%12%01%00%3B)
Thanks but I was talking about when you input the text into the form it gets sent to the database and then it gets put on the website so everyone can see it but I cant figure out how to display the text to the screen so everyone can see it.
-
$result = mysql_query("SELECT * FROM posts");
while($row = mysql_fetch_array($result))
{
echo $row['name'];
}
-
$result = mysql_query("SELECT * FROM posts");
while($row = mysql_fetch_array($result))
{
echo $row['name'];
}
Thanks
-
+1 for building your own forum and not a script such as SMF, phpBB, vBulletin, or IPB ;)
-
Yeah gotta make sure to echo ;)
-
There are a lot of bugs/wrong things here. Here are a few:
- You should use one table for all forum topics and posts
- You cannot have spaces in your table names
- You should look into OOP
- You should make the arena/category/board stuff dynamically loaded from database
- You should split things into more files
- Always do input validation. SQL escape stuff, RFI, LFI, XSS and CSRF are the big problems.
-
There are a lot of bugs/wrong things here. Here are a few:
- You should use one table for all forum topics and posts
- You cannot have spaces in your table names
- You should look into OOP
- You should make the arena/category/board stuff dynamically loaded from database
- You should split things into more files
- Always do input validation. SQL escape stuff, RFI, LFI, XSS and CSRF are the big problems.
Yeah I know I need to make it more secure I am working on that now.
-
May I ask what game your making the forum for?
-
May I ask what game your making the forum for?
Yeah I'm making it for a game called kings empire. Its an app. Right now its only for apple devices but I'm pretty sure they making an android version.
-
Yeah I'm making it for a game called kings empire. Its an app. Right now its only for apple devices but I'm pretty sure they making an android version.
OMG your a apple user >.<
(http://fapit.net/imgs/355/excuse_me.jpg)
-
Why re-invent the wheel when there are more than capable enough and highly customizable forum suites available for free?
-
Why re-invent the wheel when there are more than capable enough and highly customizable forum suites available for free?
Because it's a great learning experience and there's a greater feeling of achievement.
-
OMG your a apple user >.<
(http://fapit.net/imgs/355/excuse_me.jpg)
Yeah but I will say that androids are way better for most things.
-
I completely agree with the learning and doing it by hand, but I have to agree with using a framework. On things such as forums and boards, they are as old as the internet. I can go a step further and say forums are the soul reason the internet was conceived in the first place.
Back on topic, it has been done billions of times and the reason we have the framework are because people have mastered it and wrapped things up for us to use. Efficient, effective, and with years of knowledge behind them. Use a framework if you wanna be serious. There is a very good reasons they exist and are used by many.
Now to digress a bit, don't stop learning. +1 for doing it and for even showing what you have. Keep working on what you have or start over when you learn more about it. Reading and trying to understand the sourcecode from frameworks and other forums will show you a lot too.
-
Use a framework if you wanna be serious. There is a very good reasons they exist and are used by many.
i dont agree with this, you use framework when you dont know howto or are lazy.
if your new you will not think of all stuff you need to think of eg error handeling, vurnelability, compabilitation ect
but that how you get good, and thats how frameworks, application ect gets created
thats how youll start to understand whats going on. and contribute to the thing called internet
so in my oppinion make your own if you have the time, check common errors, buggs on other simmilar stuff and be a creater insted of a leecher
just my 2cents
-
I'll kind of merge both of their opinions and say that if you feel like your not quite sure what your doing yet, keep practicing but use a framework in the meantime. If you feel you've got this down, use your own code immediately.
But yeah, plus 1 either way for coding your own.
-
On things such as forums and boards, they are as old as the internet. I can go a step further and say forums are the soul reason the internet was conceived in the first place.
http://en.wikipedia.org/wiki/ARPANET
That was the internet being conceived ;) ARPANET was around before WWW and was made by the US Department of Defense
(http://upload.wikimedia.org/wikipedia/commons/b/bf/Arpanet_logical_map%2C_march_1977.png)