0

I don't think it is returning the right value here. Try echoing $tid just before you run your sql, or better yet, echo the sql to the screen and check that it has the right variables.

Right mate I think we are almost there!

I checked the table and yes the data is going in but there are problems in the tid and reply_id fields......

in the tid field it has the wrong value which why the error is poping up.....also the value in the tid is the ID of the previous comment to which a reply is being made......

and for the reply_id the value is going in as 0

and yes the mss function is not getting the right value....:S

0

Does mss give you the right id according to the data that you have in the database? That is, is it the mss function or the data in the database that is wrong?

0

Does mss give you the right id according to the data that you have in the database? That is, is it the mss function or the data in the database that is wrong?

reply_id is working alright now....as my SQL was incorrect.......

Anyways, mss function is not able to find the correct tid for some unknown reasons........and in the tid field the ID of the previous field is going in which causes the else statement to cause the error statment...

0

Hard to say what is happening in the mss function without seeing the code, however I notice that you use the mss function twice with different parameters:

$msg = mss($_POST['reply']);
$tid = mss($_GET['id']);

Does it return two different things based on what is passed in?

0

Right a bit an update......

Got the tid working as my link was wrong.....

Anyhow.....the only issue is with reply_id even though it is echoing the right value but it is inserting the tid value......???

here is my code

<?php

if(!$_SESSION['uid']){
header("Location: index.php");
}

 
	
	$msg = mss($_POST['reply']);
	$tid = mss($_GET['id']);
	$reply_id = $_GET['reply_id'];
 
	
	
	
	if($tid){
			echo $reply_id;
		$sql = "SELECT * FROM `forum_topics` WHERE `id`='".$tid."'";
		$res = mysql_query($sql) or die(mysql_error());
		if(mysql_num_rows($res) == 0){
			echo "This topic does not exist!";
		}else {
			$row = mysql_fetch_assoc($res);
			$sql2 = "SELECT admin FROM `forum_sub_cats` WHERE `id`='".$row['cid']."'";
			$res2 = mysql_query($sql2) or die(mysql_error());
			$row2 = mysql_fetch_assoc($res2);
			if(!$_POST['submit']){
			echo "<form method=\"post\" action=\"./index.php?act=test&id=".$row['id']."&reply_id=".$row['id']."\">\n";
			echo "<table border=\"0\" width=\"100%\" cellspacing=\"3\" cellpadding=\"3\">\n";			    
			echo "<tr><td colspan=\"2\" align=\"center\"><textarea style=\"width:90%;height:200px\" name=\"reply\"></textarea><br><input type=\"submit\" name=\"submit\" value=\"Add Reply\" stlye=\"width:90%\"></td></tr>\n";
			echo "</table>\n";
		}else{
			if($row2['admin'] == 1 && $admin_user_level == 0){
				echo "You do not have sufficient priveleges to add a reply to this topic";
			}else {
			      if(!$msg){
			               echo "You did not supply a reply";
				       }else {
					     if(strlen($msg) < 10 || strlen($msg) > 10000){
						echo "Your reply must be between 10 and 10,000 characters!";
						}else {
							
							
							$reply_id = $_GET['reply_id'];					
							$date = date("d-m-y") ." at ". date("h-i-s");
							$time = time();
							
							$sql4 = "INSERT INTO `forum_replies` (`tid`,`uid`,`message`,`date`,`time`,`reply_id`) VALUES('".$tid."','".$_SESSION['uid']."','".$msg."','".$date."','".$time.",'".$reply_id."')";
							$res4 = mysql_query($sql4) or die(mysql_error());
							header("Location: ./index.php?act=topic&id=".$tid); 
							
													
						}		
					 }
				  }
			   }	
		    }
		}
?>
0
echo "<form method=\"post\" action=\"./index.php?act=test&id=".$row['id']."&reply_id=".$row['id']."\">\n";

I believe your problem lies here. You are in effect setting $_GET to $_GET, which in turn sets $reply_id to $tid when the page is refreshed after the submit of the form.

0
echo "<form method=\"post\" action=\"./index.php?act=test&id=".$row['id']."&reply_id=".$row['id']."\">\n";

I believe your problem lies here. You are in effect setting $_GET to $_GET, which in turn sets $reply_id to $tid when the page is refreshed after the submit of the form.

Hmmmmmm you are right......

What would be the correct way to do it????

0

After few adjustments and tweaks the issue is now resolved.....

echo "<form method=\"post\" action=\"./index.php?act=test&id=".$row['id']."&reply_id=".$reply_id."\">\n";

Thanks for the all the advice.:cool:

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.