I am creating a social site and I am trying to add a comment under a post.
When I try to add it from the comment_frame.php (where all of the comment code is) the comment uploads properly. But when I try to add a comment from the index.php page to the comment_frame.php page, nothing goes into the database and I don't get any errors. My code is below.
comment_frame.php (the code that works):
$post_id = $_POST['post_id'] ?? 0;

<form class='comment_frame.php' id='single_form' name='postComment<?php echo $post_id; ?>'
      method='POST'>
    <textarea name='post_body' rows="3" placeholder='Write a comment...'></textarea>
    <input type='submit' name='postComment<?php echo $post_id; ?>' value='Post'>
</form>

if(isset($_POST['postComment' . $post_id])) {
    if (empty($_POST["post_body"])) {
        // echo "Comment can't be empty";
        echo "Comment can't be empty. <a href=".$_SERVER['HTTP_REFERER'].">Try Again</a>";
        // die() also terminates the script and displays the message.
        exit();
    }
    $post_body = trim(strip_tags(filter_var($_POST['post_body'], FILTER_SANITIZE_STRING)));
    $stmt = $con->prepare("INSERT INTO comments (post_body, posted_by, posted_to, post_id)
                           VALUES (?, ?, ?, ?)");
    $stmt->bind_param("sssi", $post_body, $userLoggedIn, $posted_to, $post_id);
    $stmt->execute();
    if($posted_to != $userLoggedIn) {
        $notification = new Notification($con, $userLoggedIn);
        $notification->insertNotification($post_id, $posted_to, 'comment');
    }
    $get_commenters = $con->prepare('SELECT post_body, posted_by, posted_to, date_added
                                     FROM comments WHERE post_id = ? ORDER BY date_added DESC');
    $get_commenters->bind_param("i", $post_id);
    $get_commenters->execute();
    $get_commenters->bind_result($post_body, $posted_by, $posted_to, $date_added);
    $get_commenters_result = $get_commenters->get_result();
    $notified_users = array();
    while ($row = $get_commenters_result->fetch_assoc()) {
        if($row['posted_by'] != $posted_to && $row['posted_by'] != $user_to
            && $row['posted_by'] != $userLoggedIn && !in_array($row['posted_by'], $notified_users)) {
            $notification = new Notification($con, $userLoggedIn);
            $notification->insertNotification($post_id, $row['posted_by'], "comment_non_owner");
            array_push($notified_users, $row['posted_by']);
        }
    }
}
The code that doesn't work:
index.php:
<div class='comment_div'>
    <form target='frame' class='comment_frame.php?post_id=$post_id'
          id='comment_form' name='postComment" . $post_id . "'
          method='POST'>
        <textarea name='post_body' placeholder='Write a comment...'></textarea>
        <input type='submit' name='postComment" . $post_id . "'
               value='". $post_id ."'>
    </form>
</div>
comment_frame.php:
$post_id = $_POST['post_id'] ?? 0;

if(isset($_POST['postComment' . $post_id])) {
    if (empty($_POST["post_body"])) {
        // echo "Comment can't be empty";
        echo "Comment can't be empty. <a href=".$_SERVER['HTTP_REFERER'].">Try Again</a>";
        // die() also terminates the script and displays the message.
        exit();
    }
    $post_body = trim(strip_tags(filter_var($_POST['post_body'], FILTER_SANITIZE_STRING)));
    $stmt = $con->prepare("INSERT INTO comments (post_body, posted_by, posted_to, post_id)
                           VALUES (?, ?, ?, ?)");
    $stmt->bind_param("sssi", $post_body, $userLoggedIn, $posted_to, $post_id);
    $stmt->execute();
    if($posted_to != $userLoggedIn) {
        $notification = new Notification($con, $userLoggedIn);
        $notification->insertNotification($post_id, $posted_to, 'comment');
    }
    $get_commenters = $con->prepare('SELECT post_body, posted_by, posted_to, date_added
                                     FROM comments WHERE post_id = ? ORDER BY date_added DESC');
    $get_commenters->bind_param("i", $post_id);
    $get_commenters->execute();
    $get_commenters->bind_result($post_body, $posted_by, $posted_to, $date_added);
    $get_commenters_result = $get_commenters->get_result();
    $notified_users = array();
    while ($row = $get_commenters_result->fetch_assoc()) {
        if($row['posted_by'] != $posted_to && $row['posted_by'] != $user_to
            && $row['posted_by'] != $userLoggedIn && !in_array($row['posted_by'], $notified_users)) {
            $notification = new Notification($con, $userLoggedIn);
            $notification->insertNotification($post_id, $row['posted_by'], "comment_non_owner");
            array_push($notified_users, $row['posted_by']);
        }
    }
}
action is right. You are making this request as GET, since passing ?post_id=$post_id input type hidden
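The index.php form puts post_id in the URL query string, while comment_frame.php reads `$_POST['post_id']`, so the handler falls back to 0 and looks for a `postComment0` key that was never sent. The sketch below is an added example, not code from the question or the answer: it sends post_id as a hidden field and validates it as an integer before use. The helper names `read_comment_request()` and `render_comment_form()` are hypothetical, the sample requests are constructed, and the form is assumed to use `action` for its target URL.

```php
<?php
// Added example; helper names are hypothetical and sample requests are constructed.

/**
 * Extract a validated [post_id, post_body] pair from a POST body,
 * or null when the request is not a usable comment submission.
 */
function read_comment_request(array $post): ?array
{
    // post_id has to be in the POST body (hidden input); a value that is
    // only in the query string never shows up in $_POST.
    $post_id = filter_var($post['post_id'] ?? null, FILTER_VALIDATE_INT,
                          ['options' => ['min_range' => 1]]);
    if ($post_id === false) {
        return null;
    }
    // The submit button is named postComment<post_id>, as in the question.
    if (!isset($post['postComment' . $post_id])) {
        return null;
    }
    // Keep the raw text: the prepared statement covers SQL, and HTML escaping
    // belongs at output time. FILTER_SANITIZE_STRING is deprecated since PHP 8.1.
    $body = trim((string)($post['post_body'] ?? ''));
    return $body === '' ? null : [$post_id, $body];
}

/** Build the index.php comment form with post_id carried as a hidden field. */
function render_comment_form(int $post_id): string
{
    return "<form target='frame' action='comment_frame.php' method='POST'>"
         . "<input type='hidden' name='post_id' value='{$post_id}'>"
         . "<textarea name='post_body' placeholder='Write a comment...'></textarea>"
         . "<input type='submit' name='postComment{$post_id}' value='Post'>"
         . "</form>";
}

// Constructed request bodies standing in for $_POST.
$query_string_only = ['postComment42' => '42', 'post_body' => 'hi'];   // post_id sent only in the URL
$hidden_field      = ['post_id' => '42', 'postComment42' => 'Post',
                      'post_body' => ' <b>hi</b> '];                   // post_id sent as hidden input

echo render_comment_form(42), "\n";
var_dump(read_comment_request($query_string_only));
var_dump(read_comment_request($hidden_field));

// Escape stored comment text when it is written back into a page.
echo htmlspecialchars('<b>hi</b>', ENT_QUOTES, 'UTF-8'), "\n";
```

The handler in the question also writes `$_SERVER['HTTP_REFERER']` into an `href` unescaped; that header is client-controlled, so pass it through `htmlspecialchars()` or link to a fixed URL instead.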