im having problems getting my comments submit box to show when users are logged in. and when a user is not logged in comments submitted are viewable but guests cannot comment unless they register. this is what i got. i think i got my IF and ELSE wrong can soemone help me correct this problem please.
[code] <?php
require_once (‘connect database’);
//query comments for this page of this article
$inf = “SELECT * FROM comments
WHERE page = '”.stripslashes($_SERVER[‘REQUEST_URI’])."’ ORDER BY time ASC";
$info = mysql_query($inf);
if(!$info) die(mysql_error());
$info_rows = mysql_num_rows($info);
if($info_rows > 0) {
echo ‘
Comments:
’;echo ‘
"’.stripslashes($info2->subject).’" by: ‘.stripslashes($info2->username).’ | @ ‘.date(‘h:i:s a’, $info2->time).’ on ‘.$info2->date.’ | ’;
‘.stripslashes($info2->comment).’ | ';
echo ‘
’;
} else echo ‘
’;
if(isset($_POST[‘submit’])) {
if(!addslashes($_POST[‘username’])) die(‘ERROR: you must enter a username to add a comment.’);
if(!addslashes($_POST[‘contact’])) die(‘ERROR: enter contact method in contact field.’);
if(!addslashes($_POST[‘subject’])) die(‘ERROR: enter a subject to your comment.’);
if(!addslashes($_POST[‘comment’])) die(‘ERROR: cannot add comment if you do not enter one!?’);
//this is for a valid contact
if(substr($_POST[‘contact’],0,7) != ‘mailto:’ && !strstr($_POST[‘contact’],’//’)) {
if(strstr($_POST[‘contact’],’@’))
$_POST[‘contact’] = “mailto:”.$_POST[‘contact’]."";
else
$_POST[‘contact’] = “http://”.$_POST[‘contact’]."";
} //end valid contact
//try to prevent multiple posts and flooding…
$c = “SELECT * from comments
WHERE ip = '”.$_SERVER[‘REMOTE_ADDR’]."’";
$c2 = mysql_query($c);
while($c3 = mysql_fetch_object($c2)) {
$difference = time() - $c3->time;
if($difference < 300) die(‘ALERT: ‘.$c3->username.’, You have already commented earlier!
’);
} //end while
//add comment
$q =“INSERT INTO comments
(article_id, page, date, time, username, ip, contact, subject, comment) VALUES (’”.$_GET[‘id’]."’, ‘".$_POST[‘page’]."’, ‘".$_POST[‘date’]."’, ‘".$_POST[‘time’]."’, ‘".addslashes(htmlspecialchars($_POST[‘username’]))."’, ‘".$_SERVER[‘REMOTE_ADDR’]."’, ‘".addslashes(htmlspecialchars($_POST[‘contact’]))."’, ‘".addslashes(htmlspecialchars($_POST[‘subject’]))."’, ‘".addslashes(htmlspecialchars(nl2br($_POST[‘comment’])))."’)";
$q2 = mysql_query($q);
if(!$q2) die(mysql_error());
//refresh page so they can see new comment
header('Location: http://. $_SERVER[‘HTTP_HOST’] . $_POST[‘page’] . “#comments”);
//user must be logged in
if($_SESSION[‘logged_in’] == 1)
{
?>
Leave a Reply
">
Username: |
|
Contact: |
(email or url) | Subject: |
Comment: |
|
[/code]