Comments Not Inserted Into Database

[elitis]

the entire source (excluding static info such as <head>,<title>, etc)

PHP Code:

<div id="leftcontent">
    <?php 
    //News articles start
    $news = mysql_query("SELECT * FROM `news` ORDER BY `date` DESC LIMIT 10");
    while($article = mysql_fetch_array($news)) { 
        $articlePosted = $article['date'];
        $datePosted = date("F jS, Y", strtotime($articlePosted));
        if (empty($_GET['id'])) { 
            echo '<div class="box3">';
            echo '<article><header><h2>'.$article['article_name']. '</h2></header>';
            echo '<p>' .$article['summary']. '</p>';
            echo '<p>' .$datePosted. '</p>';
            echo "<a class='special' href='/news?id={$article['id']}'>Read More...</a></article></div>";
        } else if ($_GET['id'] == $article['id']) {
            echo '<section><article><header><h1 class="centered"><b><u>'.$article['article_name']. '</u></b></h1></header>';
            echo '<p>' .$article['news']. '</p>';
            echo '<footer><p>' .$datePosted.  '</p></footer></section>';
            echo '<section><h1 class="centered">Comments</h1></article>';
            //Comments start
            $getComments = mysql_query("SELECT * FROM `comments` WHERE `category` = 'news' AND `subcategory` = '$article[id]' ORDER BY `date` DESC LIMIT 20");
            while($comments = mysql_fetch_array($getComments)) {
                echo "<br />";
                echo "<div class='box'>";
                if ($comments['reply_to'] > 0) {
            $get_comment = mysql_query("SELECT * FROM `comments` WHERE `id` = $comments[reply_to]");
            while($r_comment = mysql_fetch_array($get_comment)) {
            echo "<i><p>Originally posted by " .$r_comment[username]. '</p></i>';
            echo "<i><p> " .$r_comment[comment]. '</p></i>';
            echo "<i><p> " .Agotime($r_comment[date]). '</p></i>';
            echo "<hr />";
  }
  }
        echo "<p>" .$comments[username]. '</p>';
        echo "<p>" .$comments[comment]. '</p>';
        echo "<p>" .Agotime($comments[date]). '</p>';
        echo "<a class='special' href=\"/news?id={$article['id']}&reply={$comments['id']}\"> Reply</a>";
        //Replies start
    if ($_GET['reply'] == $comments['id']) {
    echo "
    <form action=\"/news?id={$article['id']}\" method='POST'>
    <input class='field' type='text' name='name' placeholder='Name' required='true' />
    <br />
    <textarea class='field' name='comment' rows='2' cols='55' required='true'></textarea>
    <input type='hidden' name='submitted' value='1' />
    <input type='hidden' name='reply' value=\"{$comments['id']}\" />
    <input class='specialbutton' type='submit' name='submit' value='Post Comment' />
    </form>";
    }
    echo "<br />
    </div>";
    //Replies end
    }
    echo "
    <br />
    <div class='box'>
    <form action=\"/news?id={$article['id']}\" method='POST'>
    <input class='field' type='text' name='name' placeholder='Name' required='true' />
    <br />
    <textarea class='field' name='comment' rows='2' cols='55' required='true'></textarea>
    <input class='specialbutton' type='submit' name='submit' value='Post Comment' />
    <input type='hidden' name='submitted' value='1' />
    </form>
    </div>
    </section>";
    //Comments end
    
if ($_POST['submitted'] == 1) {
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $_POST['name'] = stripslashes($_POST['name']);
        $_POST['comment'] = stripslashes($_POST['comment']);
        $_POST['reply'] = stripslashes($_POST['reply']);
    }
$username = mysql_real_escape_string($_POST['name']);
$comment = mysql_real_escape_string($_POST['comment']);
$category = 'news';
$subcategory = $article['id'];
$reply = mysql_real_escape_string($_POST['reply']);
if (empty($username)) {
echo "<p>Name is a required field</p>";
exit();
}
if (empty($comment)) {
echo "<p>Comment is a required field</p>";
exit();
}

$sql = "INSERT INTO `comments` (`username`, `comment`, `date`, `category`, `subcategory`, `reply_to`) VALUES ('$username','$comment', NOW(), '$category', '$subcategory', '$reply')";

if (!mysql_query($sql)) {
  die('Error: ' . mysql_error());
  }
  }
    }
    //News articles end
        }
    ?>
    </div>

Edit: After updating error reporting, got this error: Notice: Undefined index: submitted in /home1/elitis/public_html/news/index.php on line 98.But 'submitted' has been defined...

[Fou-Lu]

You'll get that as well as other errors depending on whether you have provided get and post. Since you have no checks for isset, it will always trigger when attempting to read.

Where are you opening the connection to the database here? From what you have here you shouldn't even be able to reach the form.

[elitis]

include "../includes/database.php"; separate file. And to answer your previous question: no, no connection errors whatsoever

[Fou-Lu]

What's in the $_POST array when you've submitted the form? HTML5 at least with FF seems to be happy with input elements after the submit button, but I'm pretty sure in the past that was an issue.

[elitis]

$_POST['name'], $_POST['comment'], $_POST['submit'] and $_POST['submitted'] (input type='hidden' value='1')

[Fou-Lu]

That's not my question.

PHP Code:

var_dump($_POST);
// may as well add in the get but it looks pretty straight forward
var_dump($_GET); 


What does that have when you have submitted the form. What you think in there versus what is is likely the problem.

[elitis]

Quote:

Originally Posted by Fou-Lu

That's not my question.

PHP Code:

var_dump($_POST);
// may as well add in the get but it looks pretty straight forward
var_dump($_GET); 


What does that have when you have submitted the form. What you think in there versus what is is likely the problem.

oh lol, my mistake. You meant values; I'm not getting anything.

PHP Code:

$sql = "INSERT INTO `comments` (`username`, `comment`, `date`, `category`, `subcategory`, `reply_to`) VALUES ('$username','$comment', NOW(), '$category', '$subcategory', '$reply')";

var_dump($_POST);
// may as well add in the get but it looks pretty straight forward
var_dump($_GET);

if (!mysql_query($sql)) {
  die('Error: ' . mysql_error());
  } 


[Fou-Lu]

That indicates you don't make it there. Place those var_dump at the top of the page after the <?php, at the very minimum you should end up with array (0){} for both ($_GET and $_POST are always available as arrays unless explicitly unset). Also, make sure you pull it from the output HTML source since it has a format to it.

[elitis]

Quote:

Originally Posted by Fou-Lu

That indicates you don't make it there. Place those var_dump at the top of the page after the <?php, at the very minimum you should end up with array (0){} for both ($_GET and $_POST are always available as arrays unless explicitly unset). Also, make sure you pull it from the output HTML source since it has a format to it.

Quote:

array(0) { } array(1) { ["id"]=> string(1) "4" }

The '4' being correct as it was the id of the article I was viewing. So, it the script isn't making it to the comment-SQL block, what would most likely be the issue? Could it be the exit() conditionals?

[Fou-Lu]

This is from after you've submitted a form?
What's the rendered HTML prior to submission look like?

[elitis]

This is from before and after form submission. It stays exactly the same.

[Fou-Lu]

Quote:

Originally Posted by elitis

This is from before and after form submission. It stays exactly the same.

Okay, I'll try this again:

Quote:

Originally Posted by Fou-Lu

What's the rendered HTML prior to submission look like?

I need to see the rendered HTML. You don't have that here.

[elitis]

http://xtraz.cu.cc/news?id=5

[Fou-Lu]

I can't replicate this issue. Have you tried using a valid URL instead of the rewrite?

Edit:
Actually I can replicate it with mod_rewrite. Are you using a redirection type (using R=301 for example) in the rewrite rule? If so, that's a redirect in which case you will lose the post data as it forwards the request through get.

[elitis]

you've lost me unfortunately. As far as I know I'm not using a redirection type.