Some error in making a comment box using PHP, MYSQL. Tried many times but couldnot correct

Question

0.00/5 (No votes)

See more:

I'm making a comment box in PHP, MYSQL. Have written the code. The problem is that comments are not getting displayed but its getting stored in the database. The name of the database is status, the name of the table is also status.The table has only one field, whose name is also status.

index.php

<html>
<body>

XML

<form method = "post" action = "process.php">
<textarea name = "data" rows = "3" cols = "80" > </textarea> &nbsp; &nbsp;

<input type = "submit" name = "post" value = "POST">
</form>

PHP

<?php

$dbc = mysqli_connect('localhost', 'dhruv', 'password', 'status') or die('Error connecting to databse') ;

$query = "SELECT * FROM status" ;

 $result = mysqli_query($dbc, $query) or die('error querying') ;

 while ($row = mysqli_fetch_array($result))
 {
  echo $_row['status'];
 }

mysqli_close($dbc) ;

?>

</body>
</html>

process.php

PHP

<?php

$dbc = mysqli_connect('localhost', 'dhruv', 'password', 'status') or die('Error connecting to databse') ;

$status = $_POST['data'] ;

$query = "INSERT INTO status (status)" . "VALUES('status')" ;

mysqli_query($dbc,$query) or die('error querying') ;

mysqli_close($dbc) ;

header( 'Location: index.php' ) ;

?>

I tried many times but couldnot find what is wrong here. Any help will be great.

Posted 4-Oct-13 22:06pm

IAM_Dhruv

Updated 4-Oct-13 22:16pm

v3

Add a Solution

2 solutions

Solution 2

Definitly $row[... not $_row[... How about $row[0] or is that the same as $row['status']?

Posted 5-Oct-13 2:04am

Jonathan Davies

Comments

IAM_Dhruv 5-Oct-13 11:01am

$row[...] works. That was the only reason why it was not showing the desired output. Thank you very much.

And as Akinmade Bond pointed above, I must keep in mind that the code is not vulnerable to SQL injection.

Jonathan Davies 5-Oct-13 11:19am

I've written a PHP MySQL comment and reply system myself a month ago, see http://www.jgdprojects.co.uk/codingcomments.htm if you're interested.

Akinmade Bond 5-Oct-13 14:16pm

Yes, $row[0] is the same as $row['status']

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Akinmade Bond · Accepted Answer · 2013-10-05T01:03:00

See here.

PHP

while ($row = mysqli_fetch_array($result))
 {
  //echo $_row['status']; //This would not work. Change this to
  echo $row['status'];
 }

That should work.

Other things to note.

Since you only need the column "status" in your query, it is best to only select that column, so your query should be

$query = "SELECT status FROM status";

Also, where you insert data into the database, you should filter or escape the content to prevent SQL Injection[^][^][^]

So, you should do something like

$status = htmlentities( $_POST['data', ENT_QUOTES );

and use prepared statements or ..

$query = sprintf( "INSERT INTO status ( status ) VALUES ( %s )", mysql_real_escape_string( $status ) );