member comments

im having problems getting my comments submit box to show when users are logged in. and when a user is not logged in comments submitted are viewable but guests cannot comment unless they register. this is what i got. i think i got my IF and ELSE wrong can soemone help me correct this problem please.

[code] <?php

require_once (‘connect database’);

//query comments for this page of this article
$inf = “SELECT * FROM comments WHERE page = '”.stripslashes($_SERVER[‘REQUEST_URI’])."’ ORDER BY time ASC";
$info = mysql_query($inf);
if(!$info) die(mysql_error());

$info_rows = mysql_num_rows($info);
if($info_rows > 0) {
echo ‘

echo ‘’;

while($info2 = mysql_fetch_object($info)) {
echo ‘

echo ‘’;
echo ‘’;
echo ’';
echo ‘’;
}//end while
echo ‘
"’.stripslashes($info2->subject).’" by: ‘.stripslashes($info2->username).’
@ ‘.date(‘h:i:s a’, $info2->time).’ on ‘.$info2->date.’
echo ‘
} else echo ‘

if(isset($_POST[‘submit’])) {
if(!addslashes($_POST[‘username’])) die(‘ERROR: you must enter a username to add a comment.’);
if(!addslashes($_POST[‘contact’])) die(‘ERROR: enter contact method in contact field.’);
if(!addslashes($_POST[‘subject’])) die(‘ERROR: enter a subject to your comment.’);
if(!addslashes($_POST[‘comment’])) die(‘ERROR: cannot add comment if you do not enter one!?’);

//this is for a valid contact
if(substr($_POST[‘contact’],0,7) != ‘mailto:’ && !strstr($_POST[‘contact’],’//’)) {
$_POST[‘contact’] = “mailto:”.$_POST[‘contact’]."";
$_POST[‘contact’] = “http://”.$_POST[‘contact’]."";
} //end valid contact

//try to prevent multiple posts and flooding…
$c = “SELECT * from comments WHERE ip = '”.$_SERVER[‘REMOTE_ADDR’]."’";
$c2 = mysql_query($c);
while($c3 = mysql_fetch_object($c2)) {
$difference = time() - $c3->time;
if($difference < 300) die(‘ALERT: ‘.$c3->username.’, You have already commented earlier!
} //end while

//add comment
$q =“INSERT INTO comments (article_id, page, date, time, username, ip, contact, subject, comment) VALUES (’”.$_GET[‘id’]."’, ‘".$_POST[‘page’]."’, ‘".$_POST[‘date’]."’, ‘".$_POST[‘time’]."’, ‘".addslashes(htmlspecialchars($_POST[‘username’]))."’, ‘".$_SERVER[‘REMOTE_ADDR’]."’, ‘".addslashes(htmlspecialchars($_POST[‘contact’]))."’, ‘".addslashes(htmlspecialchars($_POST[‘subject’]))."’, ‘".addslashes(htmlspecialchars(nl2br($_POST[‘comment’])))."’)";

$q2 = mysql_query($q);
if(!$q2) die(mysql_error());

//refresh page so they can see new comment
header('Location: http://. $_SERVER[‘HTTP_HOST’] . $_POST[‘page’] . “#comments”);

//user must be logged in
if($_SESSION[‘logged_in’] == 1)



Leave a Reply

(email or url)
<?php } else { if($_SESSION['logged_in'] == 0) echo ('You must be a registered member to comment'); } } ?>


I don’t see a problem so far. What’s going wrong?

the comments box wont show when not logged in and even when logged in it stays hidden. and i wanted the echo to say “Please Register or Login To Leave Comment” when member is not logged in, but no echo will show.

this is what i have at the top of my page.

session_start( );
require_once($_SERVER['DOCUMENT_ROOT'].'db connect');

//check cookie
 if ($_SESSION['logged_in'] != 1 && isset($_COOKIE['login_cookie'])) {
    list($user, $pass) = explode('[]', $_COOKIE['login_cookie']);
     $qu = mysql_query("SELECT `user_password` FROM `members` WHERE `username` = '".addslashes($user)."'");
    if (mysql_num_rows($qu) == 1) {
        $passw = mysql_fetch_object($qu);
        if ($passw->user_password == $pass) {
          $_SESSION['logged_in'] = 1;
           $_SESSION['username'] = $user;
            $_SESSION['password'] = $pass;

if(!isset($_SESSION['username']) && !isset($_SESSION['password'])) {
   $_SESSION['logged_in'] = 0;
   $user = "Guest"; 

I see that you’re using ob_start() at the top of your page. Are you using ob_end_flush or a similar flushing method call anywhere?

actually there is no ob end. should i place it at the page end? under the form…

Make sure you know what a function does ;) Don’t just use it because some tutorial told you. ob_start() buffers any and all output, so nothing gets sent to the client browser until you flush the buffer.

yeah ive read up on them. ob_end_flush() isn’t needed in most cases because it is called automatically at the end of script execution by PHP itself when output buffering is turned on either in the php.ini or by calling ob_start(). so i didnt think it was needed here but i’ve tried flushing and i still get the same outcome on the page.

Hmm, you’re right. I thought output buffering didn’t call an implicit flush at the end of the script, but it does. Have you tried using error_reporting(E_ALL)?

Sponsor our Newsletter | Privacy Policy | Terms of Service