PHP forum post not working

Well you will want to use a Session regardless, you really don’t want to pass UserID via a querystring or have it manually entered, that logically doesn’t make any sense.

In short, after you authenticate the user in your index.php, write their user id to a session variable

$_SESSION['userID'] = $userID; // replace $userID with the field that contains it

Make sure you have session_start(); at the top of your PHP files or at least the ones that will be reading from the session variable.

Then when you need to read the userID later on (such as in new_thread.php or whatever it is called, you simply use $_SESSION[‘userID’]

So in the new_thread.php instead of


'{$_POST['user_ID']}'

its


$myquery = "insert into threads 
            values ('','$_SESSION['userID']','{$_POST['title']}','{$_POST['date']}'}";

Do I put the $_SESSION[‘userID’] = $userID; into the index.php or the threads.php

Yes.

Where your login query is validated (so I believe that is the index.php)

I tired what you said about the session stuff but its coming up with ERROR’s currently my coding looks like this i cant get it to work:
index.php


<!-- Link to CSS-->
<link rel="stylesheet" type="text/css" href= "CSS/default.css" title="Main">


<?php

		$mysqli = mysqli_connect("localhost","root","","forum");
		
		$query = "select * from users where username = '$_POST[username]' and password = '$_POST[password]'";
		
		$result = mysqli_query($mysqli,$query);
		
		$_SESSION['userID'] = $userID;	
		if (mysqli_num_rows($result) == 0)
		{
			echo "User Not Found";
			include "index.html";
		}
		else
		{
			echo "<h3>User Logged in</h3>";
			include "threads.php";
		}
			
	mysqli_close($mysqli);
?>	

new_threads.php


<!-- Link to CSS-->
<link rel="stylesheet" type="text/css" href= "CSS/default.css" title="Main">

<?php
session_start();
// connect to database
$mysqli = mysqli_connect("localhost", "root","","forum");

// php string query insert into table
$myquery = "insert into threads 
            values ('','{$_SESSION['userID']}','{$_POST['title']}','{$_POST['date']}'}";  
			

// function which runs the myquery string			
$result = mysqli_query($mysqli,$myquery);

// if's statments for inerting data into table
If ($result==true)
{
  echo "New Thread Added";
  include "threads.php";
}
else 
{
  echo "Corrupt Thread";
  include "threads.php";
}  

// close connection with database
mysqli_close ($mysqli);
?>

threads.php


&lt;!-- Link to CSS--&gt;
&lt;link rel="stylesheet" type="text/css" href= "CSS/default.css" title="Main"&gt;

&lt;p&gt;
Welcome to the threads Page!!!!!!!!!
&lt;/p&gt;
To start a new thread fill in the details and...
&lt;form name "input" action="new_threads.php?userId=&lt;?php echo $userId; ?&gt;" method="post"&gt;&lt;/p&gt;
&lt;input type="hidden" name="user_Id" size="25" value="&lt;?php echo $userId; ?&gt;"&gt;&lt;br&gt;
&lt;input type="text" name="title" size="25" value="Topic Name"&gt;&lt;br&gt;
&lt;input type="text" name="date" size="25" value="Topic Date"&gt;&lt;br&gt;
&lt;p&gt;&lt;input type="submit" value="Submit"&gt;&lt;/p&gt;
&lt;/form&gt;

&lt;form name "input" action="index.html" method="post"&gt;&lt;/p&gt;
&lt;p&gt;&lt;input type="submit" value="Back"&gt;&lt;/p&gt;
&lt;/form&gt;

&lt;p&gt;Click the "Submit" button to create a thread.&lt;/p&gt;

&lt;?php

$mysqli = mysqli_connect("localhost", "root","","forum");

$myquery = "select * from `threads`";

$result = mysqli_query($mysqli,$myquery);

echo "&lt;table&gt;";
while($record = mysqli_fetch_array($result,MYSQL_ASSOC))
{
	$threadID = $record["threadID"];
	$user_ID = $record["user_ID"];
	$title = $record["title"];
	$date = $record["date"];

	echo "&lt;tr&gt;";
    echo "&lt;td&gt;";
	echo $threadID;
	echo "&lt;/td&gt;";	
	echo "&lt;td&gt;";
	echo $user_ID;
	echo "&lt;/td&gt;";
	echo "&lt;td&gt;";
	echo "&lt;a href=\\"posts.php?threadId=" . $threadID . "\\"&gt;$title&lt;/a&gt;";
	echo "&lt;/td&gt;";
	echo "&lt;td&gt;";
	echo $date ;
	echo "&lt;/td&gt;";
	echo "&lt;/tr&gt;";
}
echo "&lt;/table&gt;";
?&gt;

What errors are you receiving? Don’t forget to use my last tip (putting session_start(); at the top of each page that needs to use $_SESSION[‘userID’]).

YH I used that look a tthe new_threads.php i put the session start start after the first php tag.

yep i did put the session_start at teh top of new_threads.php but the errors im getting is:

Undefined variable: userID in C:\wamp\www\Forum\index.php on line 13

( ! ) Notice: Undefined variable: userId in C:\wamp\www\Forum\ hreads.php on line 8 Call Stack #TimeMemoryFunctionLocation 10.0006677488{main}( )…\index.php:0 20.0042705016include( ‘C:\wamp\www\Forum\ hreads.php’ )…\index.php:22 " method=“post”>

( ! ) Notice: Undefined variable: userId in C:\wamp\www\Forum\ hreads.php on line 9 Call Stack #TimeMemoryFunctionLocation 10.0006677488{main}( )…\index.php:0 20.0042705016include( ‘C:\wamp\www\Forum\ hreads.php’ )…\index.php:22 ">

Sorry, my comment on my code wasn’t clear:

$_SESSION['userID'] = $userID; 

Replace $userID with $_POST[‘username’] as you do not have a variable named $userID.

Then in threads.php remove all references to $userID, you don’t need them because it is in session.

<form name "input" action="new_threads.php?userId=<?php echo $userId; ?>" method="post"></p>
<input type="hidden" name="user_Id" size="25" value="<?php echo $userId; ?>"><br>

So remove ?userId=<?php echo $userId; ?> from your action attribute and remove the user_id hidden field.

oki its working a bit better but in new_threads.php its not putting the new topic through can you check my code there something wrong with the query syntax:


<!-- Link to CSS-->
<link rel="stylesheet" type="text/css" href= "CSS/default.css" title="Main">

<?php
session_start();
// connect to database
$mysqli = mysqli_connect("localhost", "root","","forum");

// php string query insert into table

$myquery = "insert into threads 
            values ('','{$_SESSION['userID']}','{$_POST['title']}','{$_POST['date']}'}";  
			

// function which runs the myquery string			
$result = mysqli_query($mysqli,$myquery);

// if's statments for inerting data into table
If ($result==true)
{
  echo "New Thread Added";
  include "threads.php";
}
else 
{
  echo "Corrupt Thread";
  include "threads.php";
}  

// close connection with database
mysqli_close ($mysqli);
?>

First thing to do is add var_dump($_POST,$_SESSION); above your $myquery statement. See what it outputs, as one or several of those values are not matching your code.

its coming up with this

array (size=2)
‘title’ => string ‘New Topic’ (length=9)
‘date’ => string ‘2012/5/4’ (length=8)

array (size=1)
‘userID’ => null

Corrupt Thread

its not putting the thread through because of the userID from users table isnt being automatically entered into the query compared to manually inputting it in.

Verify your index.php has session_start(); at the top of it, because it isn’t storing your userID into the session.

Yh i have the session_start(); at the top but still not working:

index.php


<!-- Link to CSS-->
<link rel="stylesheet" type="text/css" href= "CSS/default.css" title="Main">


<?php
session_start();
		$mysqli = mysqli_connect("localhost","root","","forum");
		
		$query = "select * from users where username = '$_POST[username]' and password = '$_POST[password]'";
		
		$result = mysqli_query($mysqli,$query);
		
		$_SESSION['userID'] = $_POST['username'];	
		if (mysqli_num_rows($result) == 0)
		{
			echo "User Not Found";
			include "index.html";
		}
		else
		{
			echo "<h3>User Logged in</h3>";
			include "threads.php";
		}
			
	mysqli_close($mysqli);
?>	

All thats happening is that in index.php its getting the username and password from my index.html via the

'$_POST[username]' and password = '$_POST[password]'"

and then if the post super globals matchs whats in the users table in mysql then it will display user logged in otherwise user not found which is what this piece of code does.

$_SESSION['userID'] = $_POST['username'];	
		if (mysqli_num_rows($result) == 0)
		{
			echo "User Not Found";
			include "index.html";
		}
		else
		{
			echo "<h3>User Logged in</h3>";
			include "threads.php";
		}
			

I need the session to store the userID not the username so i was think like you said before have it as

$_SESSION['userID'] =  $userID;

so then have another query which would be something like

$username = '$_POST[username]'
		$password = '$_POST[password]'
		$userID = "select 'users'.userID from users where userID = $username AND $password";

THis wont work because the syntax inst correct.

Ah, you are close though

<!-- Link to CSS--> 
<link rel="stylesheet" type="text/css" href= "CSS/default.css" title="Main"> 


<?php 
session_start();  
        $mysqli = mysqli_connect("localhost","root","","forum"); 
         
        $query = "select userID from users where username = '$_POST[username]' and password = '$_POST[password]'";  // updated this line
         
        $result = mysqli_query($mysqli,$query); 
         
        if (mysqli_num_rows($result) == 0) 
        { 
            echo "User Not Found"; 
            include "index.html"; 
        } 
        else 
        { 
            $row = mysqli_fetch_array($result); // added this line
            $_SESSION['userID'] = $row['userID'];  // added this line
            echo "<h3>User Logged in</h3>"; 
            include "threads.php"; 
        } 
             
    mysqli_close($mysqli); 
?>

oki ive tried that but its not putting the thread in the table ive tired doing this have a look:

threads.php ive added back the userID and hidden it but changed the value to:


<input type="hidden" name="userID" value="<?php $_SESSION['userID']?>" /><br>

And in the new_threads.php ive left the query string like this:


var_dump($_POST,$_SESSION); 
$myquery = "insert into threads 
            values ('','{$_POST['userID']}','{$_POST['title']}','{$_POST['date']}'}";  

It supposed to say New thread add it seems the coding is working but its not saying new thread added because the query inst getting the user ID.

Keeps coming up with

array (size=3)
‘userID’ => string ‘’ (length=0)
‘title’ => string ‘Topic Name’ (length=10)
‘date’ => string ‘2012/4/5’ (length=8)

array (size=1)
‘userID’ => string ‘1’ (length=1)

Corrupt Thread

From what I can tell, you should be able to use $_SESSION[‘userID’] instead of $_POST[‘userID’], as if that var_dump() is the $_POST, $_SESSION data, then the session has the userID.

For whatever reason, your threads.php isn’t able to get the $_SESSION data by itself, but your new_thread.php can. My guess is threads.php doesn’t have session_start();

oki im using the $_SESSION[‘userID’] instead of $_POST[‘userID’] if i remove the

<input type="hidden" name="userID" value="<?php $_SESSION['userID']?>" /><br>

from thread.php and add the session_start(); into it so it looks like this:


&lt;?php
session_start();
$mysqli = mysqli_connect("localhost", "root","","forum");

$myquery = "select * from `threads`";

$result = mysqli_query($mysqli,$myquery);

echo "&lt;table&gt;";
while($record = mysqli_fetch_array($result,MYSQL_ASSOC))
{
	$threadID = $record["threadID"];
	$user_ID = $record["user_ID"];
	$title = $record["title"];
	$date = $record["date"];

	echo "&lt;tr&gt;";
    echo "&lt;td&gt;";
	echo $threadID;
	echo "&lt;/td&gt;";	
	echo "&lt;td&gt;";
	echo $user_ID;
	echo "&lt;/td&gt;";
	echo "&lt;td&gt;";
	echo "&lt;a href=\\"posts.php?threadId=" . $threadID . "\\"&gt;$title&lt;/a&gt;";
	echo "&lt;/td&gt;";
	echo "&lt;td&gt;";
	echo $date ;
	echo "&lt;/td&gt;";
	echo "&lt;/tr&gt;";
}
echo "&lt;/table&gt;";
?&gt;

It still doesnt work its coming up this error

A session had already been started - ignoring session_start() in C:\wamp\www\Forum\ hreads.php on line 21

Does it insert the new thread? The reason you are getting that warning is your new_threads.php has session_start() and then does an include ‘threads.php’ which is including a second session_start().

Since you removed the hidden field for userID on threads.php, you can likely remove the session_start() from threads.php as well, as the only page that would need it is, index.php and new_threads.php

oki ive done that just for testing ive removed include thread.php for testing and the code does work however its not echoing new thread added so its not inputing the data into the threads table