Page 1 of 1

Most Simple Forum Script

Posted: Sat Oct 01, 2011 7:41 am
by 08jpurcell
Hope this is useful!
Just mod the obvious bits!
for help email 08jpurcell@gmail.com

Code: Select all

<?php 

/** 
 * Create the table in your MySQL database: 
 *  
 * CREATE TABLE Forum ( 
 *   id int(10) NOT NULL auto_increment, 
 *   Username varchar(50) NOT NULL, 
 *   Post varchar(255) NOT NULL, 
 *   PostTitle varchar(255) NOT NULL, 
 *   date timestamp(14) NOT NULL, 
 *   PRIMARY KEY (id) 
 * ) 
 *  
 * Change the database login settings to your own 
 *  
 * The script is now ready to run 
 */ 
$e = $_GET['Error'];
$p = $_GET['Post'];
// Change these to your own database settings 
$host = "TYPE HOST HERE"; 
$user = "TYPE DB USER HERE"; 
$pass = "TYPE DB PASSWORD HERE"; 
$db = "TYPE DB NAME HERE"; 

$thisfile = "?page=Forum";
mysql_connect($host, $user, $pass) OR die ("Could not connect to the server."); 
mysql_select_db($db) OR die("Could not connect to the database."); 
       
$title = stripslashes($_POST['txtName']); 
$message = stripslashes($_POST['txtMessage']); 

if (!isset($_POST['txtName'])) { 
    $query = "SELECT id, Username, Post, PostTitle, DATE_FORMAT(date, '%D %M, %Y @ %H:%i') as newdate FROM Forum ORDER BY id DESC"; 
    $result = mysql_query($query); 
     
    while ($row = mysql_fetch_object($result)) { 
    if ($p == "$row->id") {
       echo "$row->Post";
       echo "<br><br><a href='$thisfile'>Back</a>";
       die();
    }
?> 

<p><a href='<?php echo "$thisfile&Post=$row->id"; ?>'><strong><?php echo $row->PostTitle; ?></strong> 
<br />Posted by <?php echo $row->Username; ?> on <?php echo $row->newdate; ?></a></p> 

<?php 
         
    } 
     
?> 

<p>Post a message</p> 

<form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>"> 
    <?
    if ($e == "1") {
       echo "<font color='red'><h2>No Title Set!</h2></font>";
    }
    if ($e == "2") {
       echo "<font color='red'><h2>No Content Set!</h2></font>";
    }
    if ($e == "1,2") {
       echo "<font color='red'><h2>No Title & Content Set!</h2></font>";
    }
    ?>
    <p><label for="txtName">Title:</label><br /> 
    <input type="text" title="Enter your name" name="txtName" /></p> 

    <p><label for="txtMessage">Your message:</label><br /> 
    <textarea title="Enter your message" name="txtMessage"></textarea></p> 
     
    <p><label title="Send your message"> 
    <input type="submit" value="Send" /></label></p> 
     
</form> 

<?php 

} 

else { 

    // Adds the new entry to the database 
    $query = "INSERT INTO Forum SET Post='$message', PostTitle='$title', Username='$session->username', date=NOW()"; 
    $result = mysql_query($query); 

    // Takes us back to the entries 
    $ref = $_SERVER['HTTP_REFERER']; 
    echo "<meta http-equiv='REFRESH' content='0;url=$thisfile'>";
} 

?>

Re: Most Simple Forum Script

Posted: Sat Oct 01, 2011 11:51 am
by twinedev
Issues I see (Some based upon what I feel the skill level would be for a person needing this script written for them)

1. Ok, this is more of a guestbook type script, not a forum. [edit] In looking at the code more, I see it isn't just displaying all posts by default, see #6 I just added
2. You give a comment that says to create a table, yet table and field names do not match what the code is set to use.
3. This script assumes certain things (like you on a server that sets magic quotes
4. Speaking of that, even with the above assumption, you strip out the slashes, that if were on by default, would have protected you from an SQL injection. As is, your script is wide open for it.
5. While a nice start definitely needs some work to be practical on a live site.
6. Method of finding posts is very inefficient, you grab all posts, and then loop through them to find a matching Post ID when this should have just been part of the actual query. (the more rows you get the worse this is)
7. You are using a $session->username, which isn't defined anywhere.

-Greg

Re: Most Simple Forum Script

Posted: Sat Oct 01, 2011 12:19 pm
by 08jpurcell
Yeah just reliased that my brain was not working, also I have found a couple of bug in the script. Im going to try to replace everything I wrote earlyer.

On top of that, in its current state it is a guestbook I guess, but not for long.

Re: Most Simple Forum Script

Posted: Sat Oct 01, 2011 10:29 pm
by egg82
Actually, i'm going to be doing a forum myself for my own website. This caught my attention. The problem with forums is that one php file simply isn't logical. If you're aiming for something that looks even somewhat good and works fairly well, you're going to need more than just one file. Unless of course you want to dig through thousands of lines of code (I have done this, it is not pleasant)

Ah, well... I'm going to dread the day I actually have to start on the code... Isn't procrastinating fun?

Re: Most Simple Forum Script

Posted: Sat Oct 01, 2011 10:43 pm
by twinedev
So what leads to the decision to code your own instead of using something that is already out there (ie. phpBB)? Just curious. I know myself, it is just the fun of doing it.

-Greg

Re: Most Simple Forum Script

Posted: Sat Oct 01, 2011 11:00 pm
by egg82
It is the fun of doing it, but it's also a learning experience.
That, and it has to be custom. Just the way my server's set up. Unfortunately nothing out there will match what i've built. :lol:

Re: Most Simple Forum Script

Posted: Sun Oct 02, 2011 3:36 am
by 08jpurcell
@twinedev , as egg82 quite rightly said its the fun & experiance that you gain from it!

also I realised that using 1 file is a bit crap, im currently writing "viewpost.php"

@egg82 , do you already have a login script on your server?

Re: Most Simple Forum Script

Posted: Sun Oct 02, 2011 11:31 am
by egg82
yeah, that was the easy part. The hard part was getting cookies and sessions to work together. Must have cookie before session. lol

Re: Most Simple Forum Script

Posted: Sun Oct 02, 2011 12:47 pm
by 08jpurcell
@egg82 , Im currently making a site for my school. Have a look here
url: http://ba-tools.x10.mx
user: ExternalTest
pass: 123456
It runs on a package that i made called phpworx (php works) it will soon be open source. If you want a copy of it let me know

Re: Most Simple Forum Script

Posted: Sun Oct 02, 2011 7:01 pm
by egg82
Nice! Quick tip: don't end your POST in index.php
End it in ./

It looks nicer, and it's (slightly) harder for hackers to guess

And why do you have a maximum mail count? (just curious)

Re: Most Simple Forum Script

Posted: Mon Oct 03, 2011 10:21 am
by 08jpurcell
Because I have a limit on the DB size, I am changing things around but atm it has a limit