Click here to Skip to main content
15,445,641 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
I'm making a comment box in PHP, MYSQL. Have written the code. The problem is that comments are not getting displayed but its getting stored in the database. The name of the database is status, the name of the table is also status.The table has only one field, whose name is also status.


<form method = "post" action = "process.php">
<textarea name = "data" rows = "3" cols = "80" > </textarea> &nbsp; &nbsp;

<input type = "submit" name = "post" value = "POST">


$dbc = mysqli_connect('localhost', 'dhruv', 'password', 'status') or die('Error connecting to databse') ;

$query = "SELECT * FROM status" ;

 $result = mysqli_query($dbc, $query) or die('error querying') ;

 while ($row = mysqli_fetch_array($result))
  echo $_row['status'];

mysqli_close($dbc) ;





$dbc = mysqli_connect('localhost', 'dhruv', 'password', 'status') or die('Error connecting to databse') ;

$status = $_POST['data'] ;

$query = "INSERT INTO status (status)" . "VALUES('status')" ;

mysqli_query($dbc,$query) or die('error querying') ;

mysqli_close($dbc) ;

header( 'Location: index.php' ) ;


I tried many times but couldnot find what is wrong here. Any help will be great.
Updated 4-Oct-13 22:16pm

See here.
while ($row = mysqli_fetch_array($result))
  //echo $_row['status']; //This would not work. Change this to
  echo $row['status'];

That should work.

Other things to note.

Since you only need the column "status" in your query, it is best to only select that column, so your query should be

$query = "SELECT status FROM status";

Also, where you insert data into the database, you should filter or escape the content to prevent SQL Injection[^][^][^]

So, you should do something like

$status = htmlentities( $_POST['data', ENT_QUOTES );

and use prepared statements or ..

$query = sprintf( "INSERT INTO status ( status ) VALUES ( %s )", mysql_real_escape_string( $status ) );
Share this answer
IAM_Dhruv 5-Oct-13 10:58am    
Thank you very much for sparing time and helping. I got it. It works now. And got your other points too. I must keep it in mind.
Akinmade Bond 5-Oct-13 11:50am    
Happy to help.
Definitly $row[... not $_row[... How about $row[0] or is that the same as $row['status']?
Share this answer
IAM_Dhruv 5-Oct-13 11:01am     CRLF
$row[...] works. That was the only reason why it was not showing the desired output. Thank you very much. And as Akinmade Bond pointed above, I must keep in mind that the code is not vulnerable to SQL injection.
Jonathan Davies 5-Oct-13 11:19am    
I've written a PHP MySQL comment and reply system myself a month ago, see if you're interested.
Akinmade Bond 5-Oct-13 14:16pm    
Yes, $row[0] is the same as $row['status']

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900