Dismiss Notice
Join Physics Forums Today!
The friendliest, high quality science and math community on the planet! Everyone who loves science is here!

Php language , comment system

  1. May 19, 2013 #1
    i am making a comment system using dreamweaver and mysql ,
    and the data i wrote it in the text area didnt not save in the mysql _db ,
    below the index page contain the general fourm to let the user write comment
    and post_comment.php to send the data
    can you help me why the data didnt send to my db ??




    $find_comments = mysql_query("SELECT * FROM comments ");
    while($row = mysql_fetch_assoc ($find_comments))
    $comment_name = $row['name'];
    $comment = $row['comments'];
    echo "$comment_name - $comment <p>";
    echo "<p>100 character limit";

    <form actio="post_comment.php" method="POST">
    <input type="text" name="name" value="your name"><br>
    <textarea name="comment" cols="50" rows="2" >enter a comment </textarea>
    <input type="submit" value="comment">



    $con = mysql_connect("localhost","root","");

    $name = $_POST["username"];
    $comment =$_POST["comments"];
    $comment_length = strlen($comment);
    if($comment_length > 100)
    header("location: index.php?error=1");
    $sql="INSERT INTO comments VALUES('$name','$comment')";
    header("location: index.php");

  2. jcsd
  3. May 19, 2013 #2


    User Avatar
    Science Advisor
    Homework Helper

    Code (Text):
    $sql="INSERT INTO comments VALUES('$name','$comment')";
    Because you did not execute the sql? Don't you need to mysql_execute() it?

    Also note that I can now **** up your database by entering the following comment
    Code (Text):
    '); DELETE * FROM comments; INSERT INTO comments VALUES('You', 'have been hacked
Know someone interested in this topic? Share this thread via Reddit, Google+, Twitter, or Facebook