Search
Left Quote    By failing to prepare, you are preparing to fail.
- Benjamin Franklin    		 Right Quote
 
[login] | [Register]
 

Comments Script

by: bs0d
  

Description:


This is a complete comments script. To learn more about the code, how it works, and exactly what to do to get this working on your own site - please read the corresponding tutorial to learn how its made.This script requires a mySQL database.




Code:
<?

//connect to your database

//query comments for this page of this article
$inf = "SELECT * FROM `comments` WHERE page = '".stripslashes($_SERVER['REQUEST_URI'])."' ORDER BY time ASC";
$info = mysql_query($inf);
     if(!$info) die(mysql_error());

   $info_rows = mysql_num_rows($info);
if($info_rows > 0) {
   echo '<h5>Comments:</h5>';
   echo '<table width="95%">';
   
while($info2 = mysql_fetch_object($info)) {    
echo '<tr>';   
echo '<td>"'.stripslashes($info2->subject).'" by: <a href="'.$info2->contact.'">'.stripslashes($info2->username).'</a></td> <td><div align="right"> @ '.date('h:i:s a', $info2->time).' on '.$info2->date.'</div></td>';
echo '</tr><tr>';
echo '<td colspan="2"> '.stripslashes($info2->comment).' </td>';
echo '</tr>';
}//end while
echo '</table>';
echo '<hr width="95%" noshade>';
} else echo 'No comments for this page. Feel free to be the first <br>';

if(isset($_POST['submit'])) {
  if(!addslashes($_POST['username'])) die('<u>ERROR:</u> you must enter a username to add a comment.');
  if(!addslashes($_POST['contact']))  die('<u>ERROR:</u> enter contact method in contact field.');
  if(!addslashes($_POST['subject']))  die('<u>ERROR:</u> enter a subject to your comment.');
  if(!addslashes($_POST['comment']))  die('<u>ERROR:</u> cannot add comment if you do not enter one!?');


//this is for a valid contact
  if(substr($_POST['contact'],0,7) != 'mailto:' && !strstr($_POST['contact'],'//')) {
              if(strstr($_POST['contact'],'@'))
                $_POST['contact'] = "mailto:".$_POST['contact']."";
              else
                $_POST['contact'] = "http://".$_POST['contact']."";
   } //end valid contact

//try to prevent multiple posts and flooding...
$c = "SELECT * from `comments` WHERE ip = '".$_SERVER['REMOTE_ADDR']."'";
  $c2 = mysql_query($c);
     while($c3 = mysql_fetch_object($c2)) {
      $difference = time() - $c3->time;
     if($difference < 300) die('<u>ALERT:</u> '.$c3->username.', You have already commented earlier; if you have a question, try the forums!<BR>');
      } //end while

//add comment
$q ="INSERT INTO `comments` (article_id, page, date, time, username, ip, contact, subject, comment) VALUES ('".$_GET['id']."', '".$_POST['page']."', '".$_POST['date']."', '".$_POST['time']."', '".addslashes(htmlspecialchars($_POST['username']))."', '".$_SERVER['REMOTE_ADDR']."', '".addslashes(htmlspecialchars($_POST['contact']))."', '".addslashes(htmlspecialchars($_POST['subject']))."', '".addslashes(htmlspecialchars(nl2br($_POST['comment'])))."')";

$q2 = mysql_query($q);
  if(!$q2) die(mysql_error());

//refresh page so they can see new comment
header('Location: http://' . $_SERVER['HTTP_HOST'] . $_POST['page'] . "#comments");

} else {  //display form
?>
<form name="comments" action="<? $_SERVER['PHP_SELF']; ?>" method="post">

<input type="hidden" name="page" value="<? echo($_SERVER['REQUEST_URI']); ?>">
<input type="hidden" name="date" value="<? echo(date("F j, Y.")); ?>">
<input type="hidden" name="time" value="<? echo(time()); ?>">

<table width="90%" border="0" cellspacing="0" cellpadding="0">
   <tr>
      <td><div align="right">Username:   </div></td>
       <td><input name="username" type="text" size="30" value=""></td>
   </tr>
    <tr>
      <td><div align="right">Contact:   </div></td>
      <td><input type="text" name="contact" size="30" value=""> <i>(email or url)</i></td>
    </tr>
    <td><div align="right">Subject:   </div></td>
    <td><input type="text" name="subject" size="30" value=""></td>
    </tr>
    <tr>
      <td><div align="right">Comment:   </div></td>
      <td><textarea name="comment" cols="45" rows="5" wrap="VIRTUAL"></textarea></td>
    </tr>
    <tr>
      <td></td>
      <td colspan="2"><input type="reset" value="Reset Fields">     
        <input type="submit" name="submit" value="Add Comment"></td>
    </tr>
  </table>
</form>
<?
} // end else
?>


 


Comments:

  yusafe
  Subject: "database name?" Date: Sep 25 2007 at 6:38 am    
wht is database name, which created in mysql?
  djdubuque
  Subject: "Code seems to not work on localhost" Date: Dec 10 2007 at 10:31 am    
What am I missing? The form will not same data once submitted. Error in PHP is in line 7. (access denied (ODBC@localhost)
  djdubuque
  Subject: "error removed" Date: Dec 10 2007 at 10:34 am    
Found that I needed to ad a User of ODBC to the dB, but form still does not save to dB. Why?
You Must be signed in or a member to comment.
Code Stats

Code Stats
21,425 Views
4 Total Comments
4 Rating of 5 ( Votes)

Options

Code Options
· Login to Rate This Code
· Login to Post a Comment
· Read more by this author
Digg This Code! Del.icio.us: Bookmark This Code Reddit: Bookmark This Code! BlinkList: Blink This Code! YahooMyWeb BlogMarks: Add This Mark! Furl: Save This Code Spurl: Mark This Code!

Code Samples

Related    
· Database Connection
· Users Online
· Pagination
· CAPTCHA Image
· IdealMySQL Class for PHP 5.0




Renegade Motorhomes - Cheap Car Insurance - Cheap Flights - Phoenix Pools

"AllSyntax.com" Copyright © 2002-2007; All rights lefted, all lefts righted.
Privacy Policy  |  Internet Rank