Trying to make a php forum


#1

Hey guys!

I am trying to create a php forum by watching this tutorial but I have the following error on my page but can’t figure out what is wrong:

I have the following error:

image

But I have sql error:

<?php
include_once 'header.php';

if (!isset($_SESSION['u_uid'])) {
	header("Location: index.php?view_category=notlogin");
	exit();
} else {
	include_once 'includes/dbh.php';
	$cid = $_GET['cid'];
	$logged = "  <a href='create_topic.php?cid=".$cid."'>Click here to create a topic</a>";
   
}


$limit = 1;



$sql = "SELECT id FROM categories WHERE id= ? LIMIT =?";

$stmt = mysqli_stmt_init($conn);

	if (!mysqli_stmt_prepare($stmt, $sql)) {
	   echo 'SQL error';
	   
	} else {
	    mysqli_stmt_bind_param($stmt, "ii", $cid, $limit);
	    mysqli_stmt_execute($stmt);
	    $result = mysqli_stmt_get_result($stmt);
	    $resultCheck = mysqli_num_rows($result);

	    if ($resultCheck ==1) {
            $sql2 = "SELECT * FROM topics WHERE category_id= ? ORDER BY topic_reply_date DESC;";
            $stmt = mysqli_stmt_init($conn);

	if (!mysqli_stmt_prepare($stmt, $sql2)) {
	   echo 'SQL error';
	   
	} else {
	    mysqli_stmt_bind_param($stmt, "i", $cid);
	     mysqli_stmt_execute($stmt);
	    $result2 = mysqli_stmt_get_result($stmt);
	    $resultCheck2 = mysqli_num_rows($result2);



	    if ($resultCheck2 > 0) {
           $topics .= "<table width='100%' style='border-collapse: collapse:'>";
           $topics .= "<tr><td colspan='3'><a href='forum.php'>Return to Forum Index</a>".$logged."</td></tr>";
           $topics .= "<tr style='background-color: #dddddd:'><td>Topic Title</td>><td width='65' align='center'>Replies</td><td width='65' align='center'>Views</td></tr>";
           $topics .= "<tr><td colspan='3'><hr></td></tr>";

           while ($row = mysqli_fetch_assoc($result2)) {
              $tid = $row['id'];
              $title = $row['topic_title'];
              $views = $row['topic_views'];
              $date = $row['topic_date'];
              $creator = $row['topic_creator'];
              $topics .= "<tr><td><a href='view_topic.php?cid=".$cid."&tid=".$tid."'>".$title."</a><br /><span class='post_info'>Posted by: ".$creator." on ".$date."</span></td><td align='center'>0</td><td align='center'>".$views."</td></tr>";
              $topics .= "<tr><td colspan='3'><hr /></td></tr>";
           }
           $topics .= "</table>";
           echo $topics;
	    } else {
	    	echo "<a href='header.php'>Return to the Forum page</a>";
	    	echo "<p> There are no topics in this Category yet.".$logged."</p>";
	    }
	    } 
	    }else {
	    	echo "<a href='header.php'>Return to the Forum page</a>";
	    	echo "<p> You are trying to view a catebory that does not exists yet.</p>";
	}
}




#2

This is the problem with following along with something you see on the web. You are not actually learning the meaning of what you are doing, so, when it doesn’t work or produces errors, you have no idea what to do to fix it. You are just learning to mimic/ape the things you see.

Whoever ‘designed’ this logic forgot, or never learned in the first place, to define/initialize a variable before concatenating further strings with it.


#3

I know what you mean but I guess for some of us who don’t have much time to learn, it does help a bit… I got it to work with my query and found out that I don’t need an equal sign but now I am getting this error:

image

<?php
include_once 'header.php';

if (!isset($_SESSION['u_uid'])) {
	header("Location: index.php?view_category=notlogin");
	exit();
} else {
	include_once 'includes/dbh.php';
	$cid = $_GET['cid'];
	$logged = "  <a href='create_topic.php?cid=".$cid."'>Click here to create a topic</a>";
   
}


$limit = 1;



$sql = "SELECT id FROM categories WHERE id= ? LIMIT ?";

$stmt = mysqli_stmt_init($conn);

	if (!mysqli_stmt_prepare($stmt, $sql)) {
	   echo 'SQL error';
	   
	} else {
	    mysqli_stmt_bind_param($stmt, "ii", $cid, $limit);
	    mysqli_stmt_execute($stmt);
	    $result = mysqli_stmt_get_result($stmt);
	    $resultCheck = mysqli_num_rows($result);

	    if ($resultCheck ==1) {
            $sql2 = "SELECT * FROM topics WHERE category_id= ? ORDER BY topic_reply_date DESC;";
            $stmt = mysqli_stmt_init($conn);

	if (!mysqli_stmt_prepare($stmt, $sql2)) {
	   echo 'SQL error';
	   
	} else {
	    mysqli_stmt_bind_param($stmt, "i", $cid);
	     mysqli_stmt_execute($stmt);
	    $result2 = mysqli_stmt_get_result($stmt);
	    $resultCheck2 = mysqli_num_rows($result2);



	    if ($resultCheck2 > 0) {
           $topics .= "<table width='100%' style='border-collapse: collapse:'>";
           $topics .= "<tr><td colspan='3'><a href='forum.php'>Return to Forum Index</a>".$logged."</td></tr>";
           $topics .= "<tr style='background-color: #dddddd:'><td>Topic Title</td>><td width='65' align='center'>Replies</td><td width='65' align='center'>Views</td></tr>";
           $topics .= "<tr><td colspan='3'><hr></td></tr>";

           while ($row = mysqli_fetch_assoc($result2)) {
              $tid = $row['id'];
              $title = $row['topic_title'];
              $views = $row['topic_views'];
              $date = $row['topic_date'];
              $creator = $row['topic_creator'];
              $topics .= "<tr><td><a href='view_topic.php?cid=".$cid."&tid=".$tid."'>".$title."</a><br /><span class='post_info'>Posted by: ".$creator." on ".$date."</span></td><td align='center'>0</td><td align='center'>".$views."</td></tr>";
              $topics .= "<tr><td colspan='3'><hr /></td></tr>";
           }
           $topics .= "</table>";
           echo $topics;
	    } else {
	    	echo "<a href='header.php'>Return to the Forum page</a>";
	    	echo "<p> There are no topics in this Category yet.".$logged."</p>";
	    }
	    } 
	    }else {
	    	echo "<a href='header.php'>Return to the Forum page</a>";
	    	echo "<p> You are trying to view a catebory that does not exists yet.</p>";
	}
}



#4

The error in the two screen shots is the same. There is no sql error in the first screen shot. If you are getting an error, why don’t you paste the actual error text you want us to look at in the forum post.


#5

This is the error page but I found out that you don’t need an equal sign after Limit… and it works:

image

if I changed the query to the following, then it does work:

$sql = “SELECT id FROM categories WHERE id= ? LIMIT ?”;


#6

Well, you programmed it to display SQL-error. So, it did. Perhaps you should have it also show the error.
Perhaps change the error display to be more like this:
echo "SQL Error: " . htmlspecialchars($mysqli->error);

Then, you can read the actually error and figure out the issues… good luck!


#7

Okay, I will give you some more help… Queries where there are optional filters need to include the correct formatting. Therefore look at your code “WHERE id= ? LIMIT =?”;"… You are missing the AND…

So, either you want to check two fields id and LIMIT but forgot the AND or you want to limit the number of returned records. If you want that, there is no “=” in the LIMIT clause…

WHERE id=? AND LIMIT=?
OR
WHERE id=? LIMIT ?


#8

Given that the original sql query you started with didn’t have an equal sign at that point, and it worked, why did you add it?

For that matter, why did you change the literal 1 in the query to be a prepared query place-holder? For literal values, there’s no point in adding the extra syntax and code.

BTW - since the id column in the categories table is or should be a primary index, the LIMIT 1 in the query is pointless. If the query finds a row with the matching id value, it does so directly by the index, and the LIMIT 1 is just unnecessary clutter.


#9

Thanks and you are correct that i was printing out the error because he was using mysql query instead of prepared statement… i was doing more steps than necessary


#10

It’s easy then. You use something already there rather than writing your own. Since you don’t have time to learn…