From post.php does not add the author to the database, in index.php , respectively, does not receive the message


  <?php include '../core/init.php'; $id = (int)$_GET['user_id']; if($id == 0) exit('Ид пользователя не передан'); $row = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `user_id`='".$id."'")); if(!isset($row['user_id'])) exit('Пользователя в базе нет'); echo '<img width = 120 height=150 src="../' . $row['profile'] . '"/>'; if (isset($_GET['user_id'])) {$id =$_GET['user_id']; } else { exit("Вы зашил на страницу без параметра!");} if (!preg_match("|^[\d]+$|", $id)) { exit("<p>Неверный формат запроса! Проверьте URL</p>"); } $result = mysql_query("SELECT * FROM `users` WHERE `user_id`='$id'"); $myrow = mysql_fetch_array($result); if (empty($myrow['username'])) { exit("Пользователя не существует! Возможно он был удален.");} ?> <html> <head> <title><?php echo $myrow['username']; ?></title> </head> <body> <h2>Пользователь "<?php echo $myrow['username']; ?>"</h2> <?php print <<<HERE <br>|<a href='../index.php'>Моя страница</a></br> HERE; if ($myrow['username'] == $login) { print <<<HERE <h2>Личные сообщения:</h2> HERE; $tmp = mysql_query("SELECT * FROM `messages` WHERE `poluchatel`='$login' ORDER BY `user_id` DESC"); $messages = mysql_fetch_array($tmp); if (!empty($messages['user_id'])) { do { $author = $messages['author']; printf(" <table> <tr> <td>Автор: <a href='user/index.php?user_id=%s'>%s</a><br> Дата: %s<br> Сообщение:<br> %s<br> </td> </tr> </table><br> ",$author,$messages['date'],$messages['text'],$messages['user_id']); } while($messages = mysql_fetch_array($tmp)); } else { echo "Сообщений нет"; } } else { print <<<HERE <form action='post.php' method='post'> <br> <h2>Отправить Ваше сообщение:</h2> <textarea cols='43' rows='4' name='text'></textarea><br> <input type='hidden' name='poluchatel' value='$myrow[username]'> <input type='hidden' name='user_id' value='$myrow[user_id]'> <input type='submit' name='submit' value='Отправить'> </form> HERE; } ?> </body> </html> 


  <?php include '../core/init.php'; protect_page(); $login = $_POST['username']; $result2 = mysql_query("SELECT `user_id` FROM `users` WHERE `username`='$login'"); $myrow2 = mysql_fetch_array($result2); if (isset($_POST['user_id'])) { $id = $_POST['user_id'];} if (isset($_POST['text'])) { $text = $_POST['text'];} if (isset($_POST['poluchatel'])) { $poluchatel = $_POST['poluchatel'];} $author = $_POST['author']; $date = date("Ymd"); $text = stripslashes($text); $text = htmlspecialchars($text); $result2 = mysql_query("INSERT INTO `messages` (`author`, `poluchatel`, `date`, `text`) VALUES ('$author','$poluchatel','$date','$text')"); echo "<html><head><meta http-equiv='Refresh' content='1; URL=index.php?user_id=".$id."'></head></html>"; ?> 
  • one
    My advice to you is to quickly get an answer, give the code a normal view . I think that not only me, but also others, a bummer to rake this mess. - Deonis
  • He is a normal type, maybe it's just too big for someone? - LLIAKAJI
  • 2
    Throw out the courses of pop - johniek_comp

2 answers 2

Add one more input after

 <textarea cols='43' rows='4' name='text'></textarea> 


 <input type='text' name='author' value='Я аффтор'> 

And yes, throw these courses away.

    You can be angry at criticism or you can treat it as good advice, but as long as you follow the courses of Popov, spitting in the direction of your code will never stop.

    I cannot check your code in action, I can’t also bring it to a perfect view, but try changing it like this:


     <?php include '../core/init.php'; $id = (int)$_GET['user_id']; if($id == 0){ exit('Ид пользователя не передан'); } else { $query = "SELECT * FROM `users` WHERE `user_id`='".$id."'"; $res = mysql_query($query); if(mysql_num_rows($res) > 0){ $row = mysql_fetch_assoc($res); echo '<img width = 120 height=150 src="../' . $row['profile'] . '"/>'; } else { exit('Пользователя не существует! Возможно он был удален.'); } } ?> <html> <head> <title><?php echo $row['username']; ?></title> </head> <body> <h2>Пользователь "<?php echo $row['username']; ?>"</h2> <?php echo "<br>|<a href='../index.php'>Моя страница</a></br>"; if ($row['username'] == $login) { echo "<h2>Личные сообщения:</h2>"; $query = "SELECT * FROM `messages` WHERE `poluchatel`='$login' ORDER BY `user_id` DESC"; $tmp = mysql_query($query); if (mysql_num_rows($tmp) > 0) { while($messages = mysql_fetch_assoc($tmp)) { $author = $messages['author']; printf("<table> <tr> <td> Автор: <a href='user/index.php?user_id=%s'>%s</a><br> Дата: %s<br> Сообщение:<br> %s<br> </td> </tr> </table><br>",$author,$messages['date'],$messages['text'],$messages['user_id']); } } else { echo "Сообщений нет"; } } else { echo "<form action='post.php' method='post'><br> <h2>Отправить Ваше сообщение:</h2> <textarea cols='43' rows='4' name='text'></textarea><br> <input type='hidden' name='poluchatel' value='$row[username]'> <input type='hidden' name='user_id' value='$row[user_id]'> <input type='hidden' name='author' value='ПУШКИН'> <input type='submit' name='submit' value='Отправить'> </form>"; } ?> </body> </html> 


     <?php include '../core/init.php'; protect_page(); $login = mysql_real_escape_string($_POST['username']); // не знаю, зачем этот запрос, но вам виднее $query = "SELECT `user_id` FROM `users` WHERE `username`='$login'"; $result2 = mysql_query($query); $myrow2 = mysql_fetch_array($result2); if (!empty($_POST['user_id'])) $id = (int)$_POST['user_id']; if (!empty($_POST['author'])) $author = $_POST['author']; if (!empty($_POST['poluchatel'])) $poluchatel = $_POST['poluchatel']; if (!empty($_POST['text'])) $text = $_POST['text']; $date = date("Ymd"); if (isset($id, $author, $poluchatel,$text)) { $query = "INSERT INTO `messages` (`author`, `poluchatel`, `date`, `text`) VALUES ('".mysql_real_escape_string($author)."', '".mysql_real_escape_string($poluchatel)."', '".mysql_real_escape_string($text)."', '$date')"; $result2 = mysql_query($query); if($result2) { echo "<html><head><meta http-equiv='Refresh' content='1; URL=index.php?user_id=".$id."'></head></html>"; } else { echo '<p>Ошибка! '.mysql_error().'</p>Запрос: '.$query; exit(); } } ?> 

    If you get an error, tell us about it.

    • what miracles are then added to the author in the database ???????, the date is in the text, the date remains as determined, and there are no messages as before - LLIAKAJI
    • I fixed the date and text with the jamb, but the rest is still the same - LLIAKAJI
    • @LLIAKAJI, MDE ... Determining where you might have a mistake, not seeing the whole picture, is very difficult. Oh ... Pack your site with a database dump and put it somewhere. Otherwise, it's just poking your finger into the sky ... I will help only if you promise that Popov’s courses are a floppy, and a good book on programming is in hand. - Deonis
    • what is determined? I clearly and clearly wrote that I fixed one problem, and Popov, Pupkin, Vasechkin gave me the main thing that worked, everything worked on another site, I just peredral - LLIAKAJI