little SQL help please

[Cabbit]

hiya im working on my test development http://test.jennifersplaygroup.co.uk now if you go to my stories page then click on any story and then on a comment it comes up a error

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/fhlinux169/t/test.jennifersplaygroup.co.uk/user/htdocs/includes/story_comments.php on line 23

I been looking though the code but can't seem to be able to find the error

<?php
$host = "mysql10.streamline.net";
$username = "usr";
$password = "pass";
$database = "database";
$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$server = mysql_connect($host, $username, $password);
$db = mysql_select_db($database, $server);
$id = $_GET['id'];
$sql = mysql_query("SELECT * FROM `storys_comments` WHERE story_id = $id ORDER BY id DESC");
?>
<div id="globalNav"> 
<div>
<h2>Comments</h2>
  </div>
</div>
<div id="headlines">
</div>
<div id="content">
<div>
<?php
while ($row = mysql_fetch_array($sql, MYSQL_BOTH)) {
print nl2br($row[3]);
print "<br />By $row[2]<br /><hr><br />";
}
?>
</div>
</div>
<!-- end content -->
<div id="navBar">

 

[elppa]

$sql = mysql_query("SELECT * FROM `storys_comments` WHERE story_id = $id ORDER

That's your problem.

Should be something along the lines of, where fieldname is a name of the field in the table you want the info organised by:

$sql = mysql_query("SELECT * FROM `storys_comments` WHERE story_id = $id ORDER BY fieldname");

BTW get rid of your username, password and host unless that info is fake.

PS: I take it you got it working because I can see no error anymore.

 

[Cabbit]

That's your problem.

Should be something along the lines of, where fieldname is a name of the field in the table you want the info organised by:



BTW get rid of your username, password and host unless that info is fake.

PS: I take it you got it working because I can see no error anymore.

the error is still there, and it is set up with order correctly. the message says

<?php
while ($row = mysql_fetch_array($sql, MYSQL_BOTH)) {
print nl2br($row[3]);
print "<br />By $row[2]<br /><hr><br />";
}
?>

is were the problem is

 

[Thom_Edwards]

don't put quotes around storys_comments

 

[Cabbit]

don't put quotes around storys_comments

emm that hassent helped but thanks

 

[stndn]

I noticed you connected to the server twice:

$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$server = mysql_connect($host, $username, $password);
$db = mysql_select_db($database, $server);

You only need to connect once, especially since you'll be using the same database. But if you end up using different database, you might want to use different connections or you'll be doing mysql_select_db () often.

Anyway, looks like the error is down here:

while ($row = mysql_fetch_array($sql, MYSQL_BOTH)) {

Try changing it to:

while ($row = mysql_fetch_array ($sql, [b]$connection[/b])) {

The problem seems to be that your connection is using $server, but you are trying to fetch data using MYSQL_BOTH.

See if it fixes the problem.


-stndn.

 

[SMM]

I can give you the VB equivalent code that will work:

Yours:
"SELECT * FROM `storys_comments` WHERE story_id = $id ORDER BY id DESC"

VB:
"SELECT * FROM storys_comments WHERE story_id = " & id & " ORDER BY id DESC"

Not sure if your variable is ID, and the leading "$" means to concatenate. If so, you might just need to also concatenate your "ORDER BY" clause as well. You are passing this as a literal, correct?

 

[Cabbit]

I noticed you connected to the server twice:

$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$server = mysql_connect($host, $username, $password);
$db = mysql_select_db($database, $server);

You only need to connect once, especially since you'll be using the same database. But if you end up using different database, you might want to use different connections or you'll be doing mysql_select_db () often.

Anyway, looks like the error is down here:

while ($row = mysql_fetch_array($sql, MYSQL_BOTH)) {

Try changing it to:

while ($row = mysql_fetch_array ($sql, [b]$connection[/b])) {

The problem seems to be that your connection is using $server, but you are trying to fetch data using MYSQL_BOTH.

See if it fixes the problem.


-stndn.

now tells me there is a syntax error an unexpected [ someware

 

[janey]

now tells me there is a syntax error an unexpected [ someware

the reply was a bit messed up by the BBCode. Try this:

while ($row = mysql_fetch_array ($sql, $connection)) {

 

[stndn]

Oopss... sorry
I didn't know the php tag won't parse the [ b ] to bold.

It's left as is, that's why you got the parse error there..

What I really meant was:
while ($row = mysql_fetch_array ($sql, $connection)) {

Try it again and see if it works..


-stndn.

 

[Cabbit]

Oopss... sorry
I didn't know the php tag won't parse the [ b ] to bold.

It's left as is, that's why you got the parse error there..

What I really meant was:
while ($row = mysql_fetch_array ($sql, $connection)) {

Try it again and see if it works..


-stndn.

error

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/fhlinux169/t/test.jennifersplaygroup.co.uk/user/htdocs/includes/story_comments.php on line 12

refrence code

<?php
$host = "mysql10.streamline.net";
$username = "usr";
$password = "pass";
$database = "db";
$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$server = mysql_connect($host, $username, $password);
$db = mysql_select_db($database, $server);
$id = $_GET['id'];
$sql = mysql_query("SELECT * FROM storys_comments WHERE story_id = $id ORDER BY id DESC");
while ($row = mysql_fetch_array ($sql, $connection)) {
print nl2br($row[3]);
print "<br />By $row[2]<br /><hr><br />";
}
?>

 

[janey]

emm that hassent helped but thanks

You know, I don't think it was much about solving your problem as it was fixing another potentially larger problem, cause I think that person was pointing out the possibility of SQL injection.



Try removing $connection from the mysql_fetch_array.

Also, edit your post, you just left in your password and username

 

[stndn]

Ouch, what was I thinking?

Let's look at it again, one at a time.
But before we do that, please remove your login/password details and just put an example or whatever in your code.

Going down to the line which gave us the problems, the original code was:
while ($row = mysql_fetch_array($sql, MYSQL_BOTH)) {

Which gave us troubles because MYSQL_BOTH is not a connection link to database.

My original suggestion was to change it to this:
while ($row = mysql_fetch_array ($sql, $connection)) {

But that didn't work also, because I made a mistake by mixing the call to mysql_query (which takes an optional link to database, in which case would be $server if you wanted to include that) and the call to mysql_fetch_array (which takes an optional second parameter which is the result type).

Try what's suggested by janey and simply remove the second parameter from the code, making it:

while ($row = mysql_fetch_array ($sql)) {

Now, let's move back to the top for a bit (although it's not that related to your original problem):

$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$server = mysql_connect($host, $username, $password);
$db = mysql_select_db($database, $server);

As you can see, these four lines are doing basically the same thing twice. If you are not going to use both connections, just remove one of them. For now I assume we will remove the first two lines.

Now, we get $server as a link to database, and $db (and $connection) as the result from changing database to use.


Now that I've looked into the PHP manual again, it looks like MYSQL_BOTH is supposedly pre-defined by PHP to mean return both associative and numeric array. However, I'm not sure why this doesn't work in your case.


My guess is that there's an error on the call to mysql_query () itself, which caused no results to be returned. But then again, I'm not sure after I've made two silly mistakes in a row... -(

If my guess is correct, probably the column 'id' is not defined in database? Would you give this a try? Change this line:
$sql = mysql_query("SELECT * FROM storys_comments WHERE story_id = $id ORDER BY id DESC");

To this line:
$sql = mysql_query("SELECT * FROM storys_comments WHERE story_id = $id ORDER BY story_id DESC");

Of course, if the column id is actually defined, just ignore this.


-stndn.

 

[Cabbit]

You know, I don't think it was much about solving your problem as it was fixing another potentially larger problem, cause I think that person was pointing out the possibility of SQL injection.



Try removing $connection from the mysql_fetch_array.

Also, edit your post, you just left in your password and username

they arnt the real passwords and user names

 

[Cabbit]

ok no more errors but its also not doing what it is supposed to do anymore it is uploading the comments but its not saving the story id number with the comment and its not displaying the comments and i think its using frames someware

here are the sources to the files

newcomment.php

<?php
print "<IFRAME SRC=\"includes/storys_comment.php?id=".$_GET['id']."\" width=\"100%\" height=\"275\" frameborder=\"0\" name=\"bottomiframe\"></IFRAME>";
?>

story_body.php

<?php
$host = "mysql10.streamline.net";
$username = "usr";
$password = "pass";
$database = "db";
$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$server = mysql_connect($host, $username, $password);
$db = mysql_select_db(jennifersp, $server);

$id = $_GET['id'];
$sql = mysql_query("SELECT * FROM `storys` WHERE id = $id");
$row = mysql_fetch_row($sql);
?>
<div>
<?php
print "<A HREF=\"javascript:popUp('./story_comment_whole.php?id=".$id."')\">Comments</A>"; ?>
</div>
<?php
print "<b>$row[1]</b> by $row[2]<br><br>";
print nl2br($row[3]);
?>
<br /><br />
<a href="http://jennifersplaygroup.co.uk/?q=node/11">Back to the story page</a>
</div>

story_comment_whole.php

<?php
print "<IFRAME SRC=\"includes/story_comments.php?id=".$_GET['id']."\" width=\"100%\" height=\"325\" frameborder=\"0\" name=\"topiframe\"></IFRAME><br />";
?>
<br />
<a href="javascript:ajaxpage('includes/newcomment.php', 'addnew');">Add new comment</a>
<div id="addnew">
</div>

story_comments.php

<?php
$host = "mysql10.streamline.net";
$username = "usr";
$password = "pass";
$database = "db";
$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$server = mysql_connect($host, $username, $password);
$db = mysql_select_db($database, $server);
$id = $_GET['id'];
$sql = mysql_query("SELECT * FROM storys_comments WHERE story_id = $id ORDER BY id DESC");
while ($row = mysql_fetch_array ($sql)) { 
print nl2br($row[3]);
print "<br />By $row[2]<br /><hr><br />";
}
?>

story_display.php

<?php
$host = "mysql10.streamline.net";
$username = "us";
$password = "paass";
$database = "db";
$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$server = mysql_connect($host, $username, $password);
$db = mysql_select_db($database, $server);

$id = $_GET['id'];
$sql = mysql_query("SELECT * FROM `storys` WHERE id = $id");
$row = mysql_fetch_row($sql);
?>
<div>
<a href="javascript:ajaxpage('includes/story_comment_whole.php?id=%s', 'comments');">Comments</a><br />
<div id="comments">
</div>
<br /><br />
</div>
<?php
print "<b>$row[1]</b> by $row[2]<br><br>";
print nl2br($row[3]);
?>
<br /><br />

<a href="javascript:ajaxpage('stories.php', 'contentarea');">Back to the story page</a><br /><br />

storys_comment.php

<?php
$host = "mysql10.streamline.net";
$username = "pass";
$password = "usr";
$database = "db";
$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$server = mysql_connect($host, $username, $password);
$db = mysql_select_db($database, $server);
$id = $_GET['id'];
?>
<div id="globalNav"> 
<div>
  </div>
</div>
<div id="headlines">
<h3>Add a comment:</h3>
</div>
<div id="content">
<div>
<?php
print "<form action=\"storys_comment2.php?id=$id\" method=\"post\">";
?>
Name: <br /> <input type="textbox" name="name"><br />
Comment: <br /><textarea name="comment" rows="5" cols="40"></textarea><br />
<input type="submit" value="Submit">
</form>
</div>
</div>

storys_comment2.php

<?php
$host = "mysql10.streamline.net";
$username = "usr";
$password = "pass";
$database = "db";
$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$server = mysql_connect($host, $username, $password);
$db = mysql_select_db(jennifersp, $server);
$id = $_GET['id'];
$story_id = $_POST['story_id'];
$name = $_POST['name'];
$comment = $_POST['comment'];
?>
<div id="globalNav"> 
<div>
  </div>
</div>
<div id="headlines">
<h3>Add a comment:</h3>
</div>
<div id="content">
<div>
<?php
$sql = 'INSERT INTO `storys_comments` (`id`, `story_id`, `name`, `comment`) VALUES (\'\', \''.$id.'\', \''.$name.'\', \''.$comment.'\');';
$query = mysql_query($sql);
if(!query) {
print "Error! mysql_error()";
} else {
print "Addition successful";
print "
<script>
setTimeout(\"top.topiframe.location = './story_comments.php?id=".$id."'\", 9);
</script>
";
}

?>
</form>
</div>
</div>
<!-- end content -->
<div id="navBar">

storys_uploads.php

<form name="story" action="./uploader.php" method="post">
  <br>
  <br>
  <br>
  <table width="80%" border="0" cellpadding="0" align="center">
  <tr>
    <td>Author:</td>
    <td><div align="right">
      <input type="text" name="author" />
    </div></td>
  </tr>
  <tr>
    <td>Title:</td>
    <td><div align="right">
      <input type="text" name="title" />
    </div></td>
  </tr>
  <tr>
    <td colspan="2"><textarea name="body" cols="65" rows="25"></textarea></td>
    </tr>
  <tr>
    <td><input name="bn_submit" type="submit" value="Submit" /></td>
    <td> </td>
  </tr>
</table>
</form>

uploader.php

<?php
//story upload
$host = "mysql10.streamline.net";
$username = "usr";
$password = "pass";
$database = "db";
$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);

//grab data from form
$author = $_POST['author'];
$title = $_POST['title'];
$body = $_POST['body'];

$server = mysql_connect($host, $username, $password);
$db = mysql_select_db($database, $server); 
$sql_phrase = 'INSERT INTO `storys` (`id`, `author`, `title`, `body`) VALUES (\'\',\''.$author.'\', \''.$title.'\', \''.$body.	'\');';
$sql = mysql_query($sql_phrase);
if(!$sql) {
echo "There was an error, please try again.";
print mysql_error();
} 
else 
echo "uploaded";
?>

 

[Cabbit]

oh i sould mention this is how it is displayed

<script type="text/javascript">
var bustcachevar=1 //bust potential caching of external pages after initial request? (1=yes, 0=no)
var loadedobjects=""
var rootdomain="http://"+window.location.hostname
var bustcacheparameter=""

function ajaxpage(url, containerid){
var page_request = false
if (window.XMLHttpRequest) // if Mozilla, Safari etc
page_request = new XMLHttpRequest()
else if (window.ActiveXObject){ // if IE
try {
page_request = new ActiveXObject("Msxml2.XMLHTTP")
} 
catch (e){
try{
page_request = new ActiveXObject("Microsoft.XMLHTTP")
}
catch (e){}
}
}
else
return false
page_request.onreadystatechange=function(){
loadpage(page_request, containerid)
}
if (bustcachevar) //if bust caching of external page
bustcacheparameter=(url.indexOf("?")!=-1)? "&"+new Date().getTime() : "?"+new Date().getTime()
page_request.open('GET', url+bustcacheparameter, true)
page_request.send(null)
}

function loadpage(page_request, containerid){
if (page_request.readyState == 4 && (page_request.status==200 || window.location.href.indexOf("http")==-1))
document.getElementById(containerid).innerHTML=page_request.responseText
}

function loadobjs(){
if (!document.getElementById)
return
for (i=0; i < arguments.length; i++){
var file=arguments[i]
var fileref=""
if (loadedobjects.indexOf(file)==-1){ //Check to see if this object has not already been added to page before proceeding
if (file.indexOf(".js")!=-1){ //If object is a js file
fileref=document.createElement('script')
fileref.setAttribute("type","text/javascript");
fileref.setAttribute("src", file);
}
else if (file.indexOf(".css")!=-1){ //If object is a css file
fileref=document.createElement("link")
fileref.setAttribute("rel", "stylesheet");
fileref.setAttribute("type", "text/css");
fileref.setAttribute("href", file);
}
}
if (fileref!=""){
document.getElementsByTagName("head").item(0).appendChild(fileref)
loadedobjects+=file+" " //Remember this object as being already added to page
}
}
}

</script>
<script type="text/javascript">
var rootdomain="http://"+window.location.hostname

function ajaxinclude(url) {
var page_request = false
if (window.XMLHttpRequest) // if Mozilla, Safari etc
page_request = new XMLHttpRequest()
else if (window.ActiveXObject){ // if IE
try {
page_request = new ActiveXObject("Msxml2.XMLHTTP")
} 
catch (e){
try{
page_request = new ActiveXObject("Microsoft.XMLHTTP")
}
catch (e){}
}
}
else
return false
page_request.open('GET', url, false) //get page synchronously 
page_request.send(null)
writecontent(page_request)
}

function writecontent(page_request){
if (window.location.href.indexOf("http")==-1 || page_request.status==200)
document.write(page_request.responseText)
}

</script>
<script type="text/javascript">
<!-- Begin
function popUp(URL) {
day = new Date();
id = day.getTime();
eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=600,height=600');");
}
// End -->
</script>

<div id="apDiv1">
<div id="apDiv2">
  <h2>Welcome to the Stories Archive</h2>
  <br />
  <p>You will find here and extensive collection of stories.  Even better than that, this story archive is easy to use.</p>
  <p>The Stories are listed in order of newest to oldest so the latest story will always be right at the top of the list for you to read.</p>
  <p>As an added bonus, you can view and add comments about the stories, this is great if you find a problem with a story, or just want to make general comments.</p>
  <p>You too can add stories to the story archive to share with everyone.</p>
  <p>Enjoy searching through the stories ^_^</p>
  <p> </p>
<a href="/themes/zen/storys_uploads.php">Add a new story</a>
  </div>
<?php
$host = "mysql10.streamline.net";
$username = "usr";
$password = "pass";
$database = "db";
$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$server = mysql_connect($host, $username, $password);
$db = mysql_select_db($database, $server);
$sql = mysql_query('SELECT * FROM `storys` ORDER BY `id` DESC');
print "<table><tr><th>Story</th><th>Author</th><th>Comments</th></tr>";
while($row = mysql_fetch_array($sql, MYSQL_BOTH)) {
printf("<tr><td><A HREF=\"javascript:ajaxpage('/includes/story_display.php?id=%s', 'contentarea');\">%s</a></td><td><span style=\"TEXT-ALIGN:center\">%s</span></td><td colspan=2><A HREF=\"javascript:ajaxpage('/includes/story_comment_whole.php?id=%s', 'comment');\">Comments</a><br /><br /></td>", $row["id"], $row["title"], $row["author"], $row["id"]);
}
?>
</table>

<br/ >
</div>
<br/ >

I think the error is below, it seems to not be taking working at the bit id=".$_GET['id']. as it isnt finding it perhaps jue to the uniqe way it works, but if the id is typed in manually in the browser when you open the frame out on its own http://www.test.jennifersplaygroup.co.uk/includes/story_comments.php?id=%s this is the raw result but if you manually type in the story id you get http://www.test.jennifersplaygroup.co.uk/includes/story_comments.php?id=55

<?php
print "<IFRAME SRC=\"includes/story_comments.php?id=".$_GET['id']."\" width=\"100%\" height=\"325\" frameborder=\"0\" name=\"topiframe\"></IFRAME><br />";
?>
<br />
<a href="javascript:ajaxpage('includes/newcomment.php', 'addnew');">Add new comment</a>
<div id="addnew">
</div>

 

[oookye]

First of all, you should first escape all your inputs, as your current code is vulnerable to sql injection.

The problem you're having is, when $id is null, or is not set, then the SQL query you are doing is

SELECT * FROM storys_comments WHERE story_id = ORDER BY id DESC

This is obviously no valid SQL syntax.

When set to anything other than a number, such as... http://www.test.jennifersplaygroup.co.uk/includes/story_comments.php?id=1 OR 1=1

the query becomes

SELECT * FROM storys_comments WHERE story_id =1 OR 1=1 ORDER BY id DESC

which returns all the comments, and you really don't want this...
instead, what you should do is check whether $id is set first and that it is numeric..

You should also do some error checking.

Try something like this

$host = "mysql10.streamline.net";
$username = "usr";
$password = "pass";
$database = "db";
$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$db = mysql_select_db($database, $server);
if (isset($_GET['id']) and is_numeric($_GET['id'])) {
$id = $_GET['id'];
} else {
     exit ('invalid id');
}

$sql = mysql_query("SELECT * FROM storys_comments WHERE story_id = $id ORDER BY id DESC");

if (!$sql) {
     exit ('Error retrieving comments..');
} 

while ($row = mysql_fetch_array ($sql)) { 
print nl2br(htmlspecialchars($row[3]));
print "<br />By " . htmlspecialchars($row[2]) . "<br /><hr><br />";
}

Hope this helps.

 

[Cabbit]

i found out that its just not getting the right id form the other page, is there a way for me to do something like

$id = otherpage.php(id)


as it is the other pages id it needs to aquire.

 

[savar]

i found out that its just not getting the right id form the other page, is there a way for me to do something like

$id = otherpage.php(id)


as it is the other pages id it needs to aquire.

You need to pass it as a variable. You can do something like this, make the link look like:

http://myserver.com/mypage.php?id=1234

That "?id=1234" tells PHP to make a variable called $_GET['id'] with the value 1234 in it.

Listen to what others are saying about SQL injection...people can do nasty thing with your site. The quick fix is to wrap all your "dirty" parameters in quotes, like this:

SELECT * FROM MYTABLE WHERE id='$id'

Notice that this works even for numbers, despite the quotation marks.

Then you also need to escape any dangerous characters in the $id variable, like this:

$id = mysql_real_escape_string($id, $db_connection);

This is off the top of my head and the actual syntax may be wrong. The PHP manual is your friend.

When I have problems with SQL embedded in PHP, I do this:
1) In your script, store the query you want to execute in a variable,like $my_query.
2) Print out this variable either with <pre> tags or in an HTML comment, e.g.
print("<pre>$my_query</pre>\n"); That makes it easier to read.
3) Cut and paste from the debug output into a SQL tool, like phpMyAdmin, or even the mysql command line tool. Run it with this tool. This way you see the exact error message, and you can also look at your data and data structures directly.

 

[Cabbit]

ok im giving a few things a try it seems to be printing out invalid id, this may be because of the way the page is set up with ajax that the two php documents are not seeing each other properly so im going to try to solve it as best i can. secureing the code is on my list of things to do but only once it all works.

 

[Cabbit]

ok so the current formula


Index.html, this is the main page

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-Transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>Ajax Tech Demo Dynamic page loads</title>
<link rel="stylesheet" href="stylesheet.css" type="text/css" />
<script type="text/javascript">
var bustcachevar=1 //bust potential caching of external pages after initial request? (1=yes, 0=no)
var loadedobjects=""
var rootdomain="http://"+window.location.hostname
var bustcacheparameter=""

function ajaxpage(url, containerid){
var page_request = false
if (window.XMLHttpRequest) // if Mozilla, Safari etc
page_request = new XMLHttpRequest()
else if (window.ActiveXObject){ // if IE
try {
page_request = new ActiveXObject("Msxml2.XMLHTTP")
} 
catch (e){
try{
page_request = new ActiveXObject("Microsoft.XMLHTTP")
}
catch (e){}
}
}
else
return false
page_request.onreadystatechange=function(){
loadpage(page_request, containerid)
}
if (bustcachevar) //if bust caching of external page
bustcacheparameter=(url.indexOf("?")!=-1)? "&"+new Date().getTime() : "?"+new Date().getTime()
page_request.open('GET', url+bustcacheparameter, true)
page_request.send(null)
}

function loadpage(page_request, containerid){
if (page_request.readyState == 4 && (page_request.status==200 || window.location.href.indexOf("http")==-1))
document.getElementById(containerid).innerHTML=page_request.responseText
}

function loadobjs(){
if (!document.getElementById)
return
for (i=0; i < arguments.length; i++){
var file=arguments[i]
var fileref=""
if (loadedobjects.indexOf(file)==-1){ //Check to see if this object has not already been added to page before proceeding
if (file.indexOf(".js")!=-1){ //If object is a js file
fileref=document.createElement('script')
fileref.setAttribute("type","text/javascript");
fileref.setAttribute("src", file);
}
else if (file.indexOf(".css")!=-1){ //If object is a css file
fileref=document.createElement("link")
fileref.setAttribute("rel", "stylesheet");
fileref.setAttribute("type", "text/css");
fileref.setAttribute("href", file);
}
}
if (fileref!=""){
document.getElementsByTagName("head").item(0).appendChild(fileref)
loadedobjects+=file+" " //Remember this object as being already added to page
}
}
}

</script>
<script type="text/javascript">
var rootdomain="http://"+window.location.hostname

function ajaxinclude(url) {
var page_request = false
if (window.XMLHttpRequest) // if Mozilla, Safari etc
page_request = new XMLHttpRequest()
else if (window.ActiveXObject){ // if IE
try {
page_request = new ActiveXObject("Msxml2.XMLHTTP")
} 
catch (e){
try{
page_request = new ActiveXObject("Microsoft.XMLHTTP")
}
catch (e){}
}
}
else
return false
page_request.open('GET', url, false) //get page synchronously 
page_request.send(null)
writecontent(page_request)
}

function writecontent(page_request){
if (window.location.href.indexOf("http")==-1 || page_request.status==200)
document.write(page_request.responseText)
}

</script>
</head>
<body>
<div id="container">
<div id="Layer1">
<div id="logo_container">
<table width="500px" >
  <tr class="logo">
    <td><a href="?q=forum" class="frm"></a></td>
    <td><a href="?q=babblechat" class="cht"></a></td>
    <td><a href="javascript:ajaxpage('stories.php', 'contentarea');" class="str"></a></td>
    <td><a href="?q=video" class="vid"></a></td>
    <td><a href="javascript:ajaxpage('links.html', 'contentarea');" class="lin"></a></td>
    <td><a href="?q=blog" class="blo"></a></td>
  </tr>
  <tr class="logo">
    <td><a href="?q=image" class="img"></a></td>
    <td> </td>
    <td> </td>
    <td> </td>
    <td> </td>
    <td> </td>
  </tr>
</table>
</div></div>
<img src="/img/web-banner.jpg" alt="banner" />
<div id="left-block">
<script type="text/javascript">
ajaxinclude("includes/blocks/stoires_block.php")
</script>
</div>
<div id="content">
<a href="javascript:ajaxpage('home.html', 'contentarea');">home</a>
<br /><br />
<div id="contentarea">
  <h2>Welcome</h2>
  <br />

Welcome to the playgroup, our community has over 492 registered members. The playgroup is a online community for everyone to enjoy, learn and share. You are key to making this site a great place to be.  <br /><br />


This side deals with infantilism, Adult Babies, Teen Babies, Diaper lovers, Age Player, and there respective parents and carers are all welcome here. Our forum is here for everyone to share their experience or to just talk to other like minded individuals it is open to all of our users.
  <br />
  <br />

<h3>Announcement</h3>

Everyday at 9PM London time you can speak to me Jerry Louise on the chat network.
  <br />
  <br />

<h3>Main Pages</h3>

The main pages on the site are the forum, stories, image gallery's and the user  blogs. You as users can post to any of these pages new content and comments on existing content.
  <br /><br />

Forum: Works like every other forum check it out.
  <br /><br />

Stories Page: As is says on the tin post stories here and read other users stories , you can also comment on any story posted.
  <br /><br />

Image Galleries: Post your own images here, you can now create your own album by clicking on the album link in the "Create Content" block.
  <br /><br />

Blogs: To create a Blog just goto the "Create content" module and click "Blog entry". A Blog is a bit like a diary that other users can read.
  <br />  <br />


<h3>Get involved</h3>

So you sign up and say to yourself "what now", well the answer is simple, contribute to the site, as a user you can create your own blog, forum topics and replies, you can also add comments to most articles, images and videos. 
  <br /><br />

More features will be added soon such as the return of the stories and tips and tricks pages and the addition of the support pages to complement the forum. 
  <br /><br />

You will notice there are a few albums, currently users can not create there own, in order to get your own album you can request it by pm'ing me, but user gallery's are only for your own content, you must own the copyright to the images. 
  <br /><br />

As always if you have any problems you can message me using the pm network.  <br />
  <br />

<h3>Request a feature</h3>


Please add your feature requests here, i need to know what you want in order to make this site our community. To add a feature request simply click on the link add new comment
  <br /><br />

Thanks Jerry Louise
</div>
<br /><br />
  <p>
    <a href="http://validator.w3.org/check?uri=referer"><img
        src="http://www.w3.org/Icons/valid-xhtml10"
        alt="Valid XHTML 1.0 Transitional" height="31" width="88" /></a>
  </p>
</div>
<img src="/img/logo_bottom.jpg" alt="banner" />
</div>
</body>
</html>

stories.php, opens up inside contentarea witch is a div tag inside index.html

<script type="text/javascript">
<!-- Begin
function popUp(URL) {
day = new Date();
id = day.getTime();
eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=600,height=600');");
}
// End -->
</script>

<div id="apDiv1">
<div id="apDiv2">
  <h2>Welcome to the Stories Archive</h2>
  <br />
  <p>You will find here and extensive collection of stories.  Even better than that, this story archive is easy to use.</p>
  <p>The Stories are listed in order of newest to oldest so the latest story will always be right at the top of the list for you to read.</p>
  <p>As an added bonus, you can view and add comments about the stories, this is great if you find a problem with a story, or just want to make general comments.</p>
  <p>You too can add stories to the story archive to share with everyone.</p>
  <p>Enjoy searching through the stories ^_^</p>
  <p> </p>
<a href="/themes/zen/storys_uploads.php">Add a new story</a>
  </div>
<?php
$host = "mysql10.streamline.net";
$username = "usr";
$password = "pass";
$database = "db";
$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$server = mysql_connect($host, $username, $password);
$db = mysql_select_db($database, $server);
$sql = mysql_query('SELECT * FROM `storys` ORDER BY `id` DESC');
print "<table><tr><th>Story</th><th>Author</th><th>Comments</th></tr>";
while($row = mysql_fetch_array($sql, MYSQL_BOTH)) {
printf("<tr><td><A HREF=\"javascript:ajaxpage('/includes/story_display.php?id=%s', 'contentarea');\">%s</a></td><td><span style=\"TEXT-ALIGN:center\">%s</span></td><td colspan=2><A HREF=\"javascript:ajaxpage('/includes/story_comment_whole.php?id=%s', 'comment');\">Comments</a><br /><br /></td>", $row["id"], $row["title"], $row["author"], $row["id"]);
}
?>
</table>

<br/ >
</div>
<br/ >

story_display.php, opens up inside contentarea once a story has been chosen

<?php
$host = "mysql10.streamline.net";
$username = "usr";
$password = "pass";
$database = "db";
$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$server = mysql_connect($host, $username, $password);
$db = mysql_select_db($database, $server);

$id = $_GET['id'];
$sql = mysql_query("SELECT * FROM `storys` WHERE id = $id");
$row = mysql_fetch_row($sql);
?>
<div>
<a href="javascript:ajaxpage('includes/story_comments.php?id=%s', 'comments');">Comments</a>
<div id="comments">
</div>
<br />
<a href="javascript:ajaxpage('includes/newcomment.php', 'addnew');">Add new comment</a>
<div id="addnew">
</div>
<br /><br />
</div>
<?php
print "<b>$row[2]</b> by $row[1]<br><br>";
print nl2br($row[3]);
?>
<br /><br />

<a href="javascript:ajaxpage('stories.php', 'contentarea');">Back to the story page</a><br /><br />

story_comments.php pens up inside comments witch is a div tag inside stories.php

<?php
$host = "mysql10.streamline.net";
$username = "usr";
$password = "pass";
$database = "db";
$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$server = mysql_connect($host, $username, $password);
$db = mysql_select_db($database, $server);
$id = $_GET['id'];
?>
<div id="globalNav"> 
<div>
  </div>
</div>
<div id="headlines">
<h3>Add a comment:</h3>
</div>
<div id="content">
<div>
<?php
print "<form action=\"storys_comment2.php?id=$id\" method=\"post\">";
?>
Name: <br /> <input type="textbox" name="name"><br />
Comment: <br /><textarea name="comment" rows="5" cols="40"></textarea><br />
<input type="submit" value="Submit">
</form>
</div>
</div>

 

[Cabbit]

dang this is annoying me.

 

[macfaninpdx]

I just visited the site, http://test.jennifersplaygroup.co.uk/ and saw a series of Notice: errors under the Stories menu on the left of the page. Are these the errors you are currently trying to fix (see attached)?

We will need to see the code on your file /includes/blocks/stoires_block.php (note the misspelled filename, this is how the file is actually spelled - maybe this is causing some other issues?).

The error you had in a previous post was corrected by adding quotation marks around your array keys. I would imaging that since the Notice warnings are the same, that the same issue is occurring.

So look for something on line 18 of the file stoires_block.php that looks like:

$row[id]

and change it to

$row["id"]

And the same would go for "id" on line 23, and "title" on line 23 as well.

Are there other errors you are still getting?

 

[Cabbit]

I just visited the site, http://test.jennifersplaygroup.co.uk/ and saw a series of Notice: errors under the Stories menu on the left of the page. Are these the errors you are currently trying to fix (see attached)?

We will need to see the code on your file /includes/blocks/stoires_block.php (note the misspelled filename, this is how the file is actually spelled - maybe this is causing some other issues?).

The error you had in a previous post was corrected by adding quotation marks around your array keys. I would imaging that since the Notice warnings are the same, that the same issue is occurring.

So look for something on line 18 of the file stoires_block.php that looks like:

$row[id]

and change it to

$row["id"]

And the same would go for "id" on line 23, and "title" on line 23 as well.

Are there other errors you are still getting?

these errors have been sorted, the current problem is the comments.php not getting the id form story_disply.php

 

[Cabbit]

Anyway to get it to work like this having all the code on the same page.

<?php
$host = "mysql10.streamline.net";
$username = "jennifersp";
$password = "s92630";
$database = "jennifersp";
$server = mysql_connect($host, $username, $password);
$connection = mysql_select_db($database, $server);
$server = mysql_connect($host, $username, $password);
$db = mysql_select_db($database, $server);

$id = $_GET['id'];
$sql = mysql_query("SELECT * FROM `storys` WHERE id = $id");
$row = mysql_fetch_row($sql);
?>
<?php
$id = $_GET['id'];
$sql = mysql_query("SELECT * FROM storys_comments WHERE story_id = $id ORDER BY story_id DESC");
while ($row = mysql_fetch_array ($sql)) {  
print nl2br($row[3]);
print "<br />By $row[2]<br /><hr><br />";
}
?>
<div>
<a href="javascript:ajaxpage('includes/story_comments.php?id=%s', 'comments');">Comments</a>
<div id="comments">
</div>
<br />
<a href="javascript:ajaxpage('includes/newcomment.php', 'addnew');">Add new comment</a>
<div id="addnew">
</div>
<br /><br />
</div>
<?php
print "<b>$row[2]</b> by $row[1]<br><br>";
print nl2br($row[3]);
?>
<br /><br />

<a href="javascript:ajaxpage('stories.php', 'contentarea');">Back to the story page</a><br /><br />