Page 1 of 1

I can't, for the life of me figure out what went wrong...

Posted: Wed Jun 03, 2009 9:32 pm
by Loki
I don't even remember changing anything... but for some reason, this page wont show anything past the first if statement. It doesn't seem to be a problem with the header, since if I add an echo statement after the include, and before the if, it shows up.

here's the page, please ignore the messy, unsecure code and lack of descriptive comments, I'm pretty inexperienced.

Code: Select all

 
<?php
include('includes/header.php');
if($isLogin != 1) {
    NULL;
} else {
 
    if(isset($_POST['submit'])) {
        //validate the forum
        $doesExist = doesExist($_POST['thread'], "threads", "id");
    
        if($doesExist == 0) {
            //invalid forum error
            echo "You either don't have permission to post in this thread, or it doesn't exist!";
        } else {
    
            $doesExist = doesExist($_POST['reply'], "replies", "id");
        
            if($_POST['reply'] == "thread") {
                $doesExist = 1;
            }
        
            if($doesExist == 0) {
                //invalid forum error
                echo "You either don't have permission to reply to this post, or it doesn't exist!";
            } else {
        
                //sanitize subject and message
                $subject = sanitize($_POST['subject']);
                $message = sanitize($_POST['message']);
                $subject = strip_tags($subject);
                $message = strip_tags_attributes($message,'<blockquote><hr><br><strong><em><a><font><span><img>','href,style,color,src,alt,size');
        
                //get the date
                $date = date("j-n-Y g:i a");
        
                //send the message
                $query = "INSERT INTO replies VALUES(NULL, '" . $_POST['thread'] . "', '" . $_POST['reply'] . "', '" . $_COOKIE['greenuser'] . "', '" . $date . "', '" . $subject . "', '" . $message . "')";
                mysql_query($query) or die(mysql_error());
            
                $query2 = "UPDATE threads SET lastposter = '" . $_COOKIE['greenuser'] . "', lastpostdate = '" . $date . "', replies = replies +1 WHERE id = '" . $_POST['thread'] . "'";
                mysql_query($query2) or die(mysql_error());
            
                $query3 = "UPDATE profile SET posts = posts +1 WHERE id = '" . $_COOKIE['greenuser'] . "'";
                mysql_query($query3) or die(mysql_error());
                
                echo "<META http-equiv=\"refresh\" content=\"0;URL=thread.php?id=" . $_POST['thread'] . "#" . $_POST['reply'] . "\">";
            }
        }
    }
//get the message details
    $query4 = "SELECT * FROM threads WHERE id = '" . $_REQUEST['threadId'] . "'";
    $thread = mysql_fetch_array(mysql_query($query4)) or die(mysql_error());
    
//get the reply to details
    $query5 = "SELECT * FROM replies WHERE id = '" . $_REQUEST['replyToId'] . "'";
    $reply = mysql_fetch_array(mysql_query($query5)) or die(mysql_error());
    
    $getUser = getUser($reply['author']);
 
?>
<script type="text/javascript">
function quoteMessage(){
    var quote = document.getElementById('quote').value;
    document.getElementById('message').innerHTML = quote;
}
</script>
<br />
<input type="hidden" name="quote" id="quote" value="<?php echo "<blockquote><hr>" . $getUser['username'] . " wrote:<br />" . $reply['message'] . "<hr></blockquote>"; ?>" />
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST" >
<input type="hidden" name="thread" value="<?php echo $_REQUEST['threadId']; ?>" />
<input type="hidden" name="reply" value="<?php echo $_REQUEST['replyToId']; ?>" />
<strong>Subj: </strong><input type="text" name="subject"  value="<?php echo $thread['subject']; ?>" /><br />
<strong>Message: </strong> <input type="button" onclick="quoteMessage()" value="Quote Message" /><br />
<textarea name="message" id="message" rows="20" cols="50"></textarea><br />
<input type="submit" name="submit" value="Post Thread" />
</form>
<?php
 
//end
}
?>
 

Re: I can't, for the life of me figure out what went wrong...

Posted: Thu Jun 04, 2009 12:41 am
by requinix
Where does $isLogin come from?

Re: I can't, for the life of me figure out what went wrong...

Posted: Thu Jun 04, 2009 1:14 am
by Loki
$isLogin comes from the checkLogin() function in the header.

I neglected to mention that changing the NULL; statement to an echo doesn't display anything either. Neither condition sets of the if statement are executed.

Re: I can't, for the life of me figure out what went wrong...

Posted: Thu Jun 04, 2009 2:04 am
by requinix
Loki wrote:...wont show anything past the first if statement.
Loki wrote:...doesn't display anything either.
So are you getting some output or none at all?

Re: I can't, for the life of me figure out what went wrong...

Posted: Thu Jun 04, 2009 5:34 am
by Loki
I can't get any output within the if statement, whatsoever, no matter which condition is met.

Re: I can't, for the life of me figure out what went wrong...

Posted: Thu Jun 04, 2009 8:35 am
by Chalks
Can we see what's in includes/header.php?

Re: I can't, for the life of me figure out what went wrong...

Posted: Thu Jun 04, 2009 7:06 pm
by Loki
Ok, I've figured out the problem lies here somewhere:

Code: Select all

 
//get the reply to details
    $query5 = "SELECT * FROM replies WHERE id = '" . $_REQUEST['replyToId'] . "'";
    $reply = mysql_fetch_array(mysql_query($query5)) or die(mysql_error());
 
Everything before this point will echo out, but everything after will not.

I just don't see a problem though.

Edit: I narrowed it down even more.

In fact, an echo statement placed before the $reply line displays.

Re: I can't, for the life of me figure out what went wrong...

Posted: Thu Jun 04, 2009 7:35 pm
by requinix
How about you change that to what was probably intended:

Code: Select all

$reply = mysql_fetch_array(mysql_query($query5) or die(mysql_error()));

Re: I can't, for the life of me figure out what went wrong...

Posted: Thu Jun 04, 2009 7:39 pm
by Loki
Changing that throws me this:
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\xampp\htdocs\green\reply.php on line 56

Re: I can't, for the life of me figure out what went wrong...

Posted: Thu Jun 04, 2009 10:18 pm
by requinix
Loki wrote:Changing that throws me this:
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\xampp\htdocs\green\reply.php on line 56
Huh, for some reason I thought that would work. Exactly how escapes me at the moment.

The point was to have code equivalent to this:

Code: Select all

$result5 = mysql_query($query5) or die(mysql_error());
$reply = mysql_fetch_array($result5);

Re: I can't, for the life of me figure out what went wrong...

Posted: Fri Jun 05, 2009 3:46 pm
by Loki
Well that resolves the invalid argument error, but the blank page is still there.

Re: I can't, for the life of me figure out what went wrong...

Posted: Fri Jun 05, 2009 3:50 pm
by Loki
Ah, I found the problem.

I have the system set up so that if a reply is to the first post in a thread, the "replyToId" variable is "thread" instead of the post id.

I solved it by writing this statement:

Code: Select all

 
    if($_REQUEST['replyToId'] == "thread") {
        $replyToId = $thread['id'];
    } else {
        $replyToId = $_REQUEST['replyToId'];
    }