I have a problem inserting comments to my Blog (PHP, MySQL, HTML, CSS). I have a database in MySQL with:
I am not sure how to insert the post_id into the comments table. I tried many options and I get this message but I am not sure where I make a mistake. I don't have a line 137 but I know that the problem is somewhere in the insert query. Can someone help me figure it out?
Message:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 137
<?php include 'includes/header.php'; ?>
<?php
$id = $_GET['id'];
//Create DB Object
$db = new Database();
//Create Query
$query = "SELECT * FROM posts WHERE id = ".$id;
//Run Query
$post = $db->select($query)->fetch_assoc();
//Create Query
$query = "SELECT * FROM categories";
//Run Query
$categories = $db->select($query);
//add code
//Create Query
$query = "SELECT * FROM comments WHERE post_id = ".$id;
//Run Query
$comments = $db->select($query);
//test if the form is submitted
if(isset($_POST['submit']))
{
//Assign Vars
//$post_id = mysqli_real_escape_string($db->link, $_POST['post_id']);
//$post_id = $id;
//if(!is_numeric($post_id))
// die('invalid post id');
$author = mysqli_real_escape_string($db->link, $_POST['author']);
$email = mysqli_real_escape_string($db->link, $_POST['email']);
$content = mysqli_real_escape_string($db->link, $_POST['content']);
//Simple Validation
if($post_id == '' || $author == '' || $email == '' || $content == '')
{
//Set Error
$error = 'Please fill out all required fields';
}
else
{
$query = "INSERT INTO comments (post_id, author, email, content)
VALUES('$post_id', '$author', '$email', '$content')";
$insert_row = $db->insert($query);
}
}
?>
<!-- dodajemy kod-->
<div class="blog-post">
<h2 class="blog-post-title"><?php echo $post['title']; ?></h2>
<p class="blog-post-meta"><?php echo formatDate($post['date']); ?> by <a href="#"><?php echo $post['author']; ?></a></p>
<?php echo $post['body']; ?>
</div><!-- /.blog-post -->
<!-- dodajemy kod-->
<?php if($comments) : ?>
<?php echo '<ol id="comments">'; ?>
<?php while($row = $comments->fetch_assoc()) : ?>
<?php echo '<li id="comment-'.$row['id'].'">'; ?>
<p><a href="#"><?php echo $row['author']; ?></a> - <?php echo formatDate($row['date']); ?> </p>
<?php echo $row['content']; ?>
<?php echo '</li>'; ?>
<?php endwhile; ?>
<?php echo '</ol>'; ?>
<?php else : ?>
<p>There are no comments yet</p>
<?php endif; ?>
<br>
<form role="form" method="post" action="post.php">
<div class="form-group">
<label>Author</label>
<input name="author" type="text" class="form-control" placeholder="Enter Author Name">
</div>
<div class="form-group">
<label>Email</label>
<input name="email" type="text" class="form-control" placeholder="Enter Email Adress">
</div>
<div class="form-group">
<label>Content</label>
<textarea name="content" class="form-control" placeholder="Enter Comment Content"></textarea>
</div>
<div class="form-group">
<input type='hidden' name='post_id' id='post_id' value='<?php echo $id; ?>' />
</div>
<div>
<input name="submit" type="submit" class="btn btn-default" value="Submit" />
<a href="index.php" class="btn btn-default">Cancel</a>
</div>
<br>
</form>
<?php include 'includes/footer.php'; ?>
I found out that i needed to get and pass the id of the post in the action of the form:
action="post.php?id=<?php echo $_GET['id']; ?>"
<?php include 'includes/header.php'; ?>
<?php
$id = $_GET['id'];
//Create DB Object
$db = new Database();
//Create Query
$query = "SELECT * FROM posts WHERE id = ".$id;
//Run Query
$post = $db->select($query)->fetch_assoc();
//Create Query
$query = "SELECT * FROM categories";
//Run Query
$categories = $db->select($query);
//add code
//Create Query
$query = "SELECT * FROM comments WHERE post_id = ".$id;
//Run Query
$comments = $db->select($query);
//test if the form is submitted
if(isset($_POST['submit']))
{
//Assign Vars
$post_id = mysqli_real_escape_string($db->link, $_POST['post_id']);
//$post_id = $_GET['id'];
//if(!is_numeric($post_id))
// die('invalid post id');
$author = mysqli_real_escape_string($db->link, $_POST['author']);
$email = mysqli_real_escape_string($db->link, $_POST['email']);
$content = mysqli_real_escape_string($db->link, $_POST['content']);
//Simple Validation $post_id == '' ||
if((!is_numeric($post_id))|| $author == '' || $email == '' || $content == '')
{
//Set Error
$error = 'Please fill out all required fields';
}
else
{
$query = "INSERT INTO comments (post_id, author, email, content)
VALUES('$post_id', '$author', '$email', '$content')";
$insert_row = $db->insert($query);
}
}
?>
<!-- dodajemy kod-->
<div class="blog-post">
<h2 class="blog-post-title"><?php echo $post['title']; ?></h2>
<p class="blog-post-meta"><?php echo formatDate($post['date']); ?> by <a href="#"><?php echo $post['author']; ?></a></p>
<?php echo $post['body']; ?>
</div><!-- /.blog-post -->
<!-- dodajemy kod-->
<?php if($comments) : ?>
<?php echo '<ol id="comments">'; ?>
<?php while($row = $comments->fetch_assoc()) : ?>
<?php echo '<li id="comment-'.$row['id'].'">'; ?>
<p><a href="#"><?php echo $row['author']; ?></a> - <?php echo formatDate($row['date']); ?> </p>
<?php echo $row['content']; ?>
<?php echo '</li>'; ?>
<?php endwhile; ?>
<?php echo '</ol>'; ?>
<?php else : ?>
<p>There are no comments yet</p>
<?php endif; ?>
<br>
<form role="form" method="post" action="post.php?id=<?php echo $id; ?>">
<div class="form-group">
<label>Author</label>
<input name="author" type="text" class="form-control" placeholder="Enter Author Name">
</div>
<div class="form-group">
<label>Email</label>
<input name="email" type="text" class="form-control" placeholder="Enter Email Adress">
</div>
<div class="form-group">
<label>Content</label>
<textarea name="content" class="form-control" placeholder="Enter Comment Content"></textarea>
</div>
<div class="form-group">
<input type='hidden' name='post_id' id='post_id' value='<?php echo $id; ?>' />
</div>
<div>
<input name="submit" type="submit" class="btn btn-default" value="Submit" />
<a href="index.php" class="btn btn-default">Cancel</a>
</div>
<br>
</form>
<?php include 'includes/footer.php'; ?>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.