Building a Comments Script
This tutorial will guide you through the process of building a comments script with PHP. The comments script will use a mySQL database to store and retrieve information. Its not too advanced, but additional features can easily be added, such as a delete feature and implementing usernames. If a user is logged in, display their username- if not, display "Guest" or something along those lines. Well discuss that more in detail later. So lets get started.
What you need
In order to build and use this script, you will need hosting that supports PHP, because thats the language we are using to build it with. And access to a mySQL database, because this is the type of database we are using to store and retrieve the comments data. I would recommend using the newest versions of PHP, because I do know some things have changed, like I will use $_POST instead of $_HTTP_POST_VARS, which $_POST the newer (and easier) method.
What to Expect
With this particular script, you can simply include the comments file on every page that you would like comments to be made. Like this site, comments can be made on every page of every article, as well as for every code sample. A person can enter their username, subject of comment, form of contact (email or website) and finally, their comment. When they submit the comment, the page will be refreshed and display their comment. First, will appear the lists of comments for that page. And below that, will be a form to add a comment.
The first thing you should do, is build a comments table in your database. You can name the table anything you want. We'll use simply, "comments" for this tutorial. The comments table will have 9 columns: article_id, page, date, time, username, ip, contact, subject, and comment.
Below is the SQL to create the comments table.
Starting the Code
Now that we have our table all setup, we can now begin writing the code. Since we are first displaying comments, then the form to submit comments- our code will start exactly the same. First, we will query the comments table for any rows existing that are for the url of the page we are currently viewing. We get the page, by the server variable $_SERVER['REQUEST_URI']. This will get the url that appears in their browser. Also, keep in mind that we cannot execute the query until we've connected to the database. So lets look at the code:
The first line of code calls a file that already contains the database connection information. When I do this, a connection is made. Next you see the query, which orders the results in ascending order by the time they were posted. Below all of that is an if statement that will check if the query executed, if not- the error message will be displayed.
Up to this point, we have connected to the database, and executed a query to check if any comments existed for the page we are viewing. Now, we will get the number of comments by using mysql_num_rows(); And check if that number is greater than 1. If that condition is true- we display the comments, if not- we display a message indicating that no comments exist. See the code below:
In the code above, I included minimal formatting and no colors. You can do this on your own and may decide to use CSS (recommended) or hard code colors and other formatting directly in the code. Now I would also like to point out a few other things. The while loop will continue to loop until each row is displayed from the query (using mysql_fetch_object();).
Also, since we are displaying users input from the form, we can assume the worst by not trusting the input is valid. Hince, we use the function htmlspecialchars(); to disable any html. And remember to use stripslashes(); as well when displaying the data, because we addslashes(); when inserting the data.
In between showing the comments (if available) and displaying the form to add a comment- we will now determine if the submit button is pressed to add the comment. And if so, we will go through the process of validating input data, and inserting it into the table. Let us look at some of the code:
This code starts the condition that tests if the submit button is pressed, if so below we are checking if there is content in the input fields of the form. If there is not, the script ends with die(); indicating where the error is located.
Check Valid Contact Data
Immediately following the code above, we analyze the contact information. Contact information should be in the form of email or url of their website. This code will check if mailto: or http:// exists. And if it does not, we will add it onto whatever they typed. P.S: this method is borrowed from misterhaan. Look below:
Next we will execute code aimed at preventing multiple comments duing one setting. We run a query that selects comments matching their IP. Then check if the last comment was made within 5 minutes, if so- tell them to stop posting so fast, if not- allow the comment to fall through. Here is the code:
Inserting The Comment and Refreshing the Page
This is the final portion of the code. After this is complete, we display the form to submit a comment. Anyways, we will run an insert query to add the data. The submit button has been pressed, the input data has been validated, and we're all ready. After the insert query executes, we use header(); to refresh the page and show the poster their comment. Observe:
Notice we're using addslashes(); to insert the data into the database. And the values from the form submission are available through $_POST. The input fields are assigned a name, and we put that name inside $_POST to access it specifically.
*Note: Notice the article id is accessed by $_GET. That is because in this situation, the article id number is available in the URL, like this: site.com/article.php?id=XXX .
And at the end, is where we're refreshing the page. If this does not work for you, you might try using, ob_start(); at the top of your script. This might fix a reload problem - should it arise. At the end you see, "#comments". This is an anchor name I setup in the code of the article where I put the code to insert comments for that page. So by adding this to the end of the header(); it will refresh down to comments by the anchor. That is basic HTML.
Displaying the Form
We are nearing the end, and this is our last portion of code. Under the condition that checks if the submit button is pressed, this is our "else" part. Its not pressed, so we display the form. Here is the first part:
In the code above, you see the else part of the condition to begin displaying the form, and the html which starts the form and where we declare our hidden fields. We have three hidden fields: page, date and time. These fields are not shown to the user, we use them internally to get that data. The data is inserted in the value property with PHP.
Displaying the Form Continued...
This is the rest of the form, which goes immediatley under the code displayed above. It is simply a table with form elements for the user to input data. Again, you can add colors and formatting later, this is basically what you will need.
You can cut and paste each of all the code sniplets within this tutorial, or you can get the entire script from the code samples area. To view it, follow the link below:
Comments Script Code
There we have it. I've walked you through step by step of creating a comments system for your website. With this comments script, it is run easily through a database, and can have comments on countless pages. If you have a users system, then it will be very easy for you to see if they're logged in and display their member name in the username field. I hope this tutorial has served you well! Enjoy-
bs0d | www.allsyntax.com
No Comments for this page.