Form to leave comments on the web

0

I need to make a form for leaving comments on my website, so that users can comment and have it published automatically.

This is the code I have, but it does not work... Can you help me? I posted it before, but it was not the right thread.

Here are the comments:

<?PHP

    $conexion = mysqli_connect("servidor de la base de datos", 
    "usuario de la     base de datos", "contraseña del usuario");
    mysqli_select_db("base de datos", $conexion);

    if ($conexion)
    {
     $resultado = mysqli_query("SELECT id, usuario, fecha, 
     mensaje FROM   comentarios ORDER BY id DESC", $conexion);
    while ($fila = mysqli_fetch_row($resultado))
    {
        echo "<B>Mensaje</B> #" . $fila[0] . "; ";
        echo "<B>Escrito por:</B> " . $fila[1] . "; ";
        echo "<B>Fecha:</B> " . $fila[2] . "; ";
        echo "<BR>";
        echo $fila[3];
        echo "<HR>";
    }
    }

    mysqli_close($conexion);

    ?>
  </BODY>
  </HTML>

And the file to leave the message:

<HTML>
<HEAD>
<TITLE>Deja un mensaje</TITLE>
</HEAD>
<BODY>

<FORM ACTION="procesar_mensaje.php" METHOD=POST>
<B>Nombre de usuario:</B>
<INPUT TYPE=text SIZE=20 NAME="usuario">
<BR>
<B>Escribe tu mensaje:</B>
<BR>
<TEXTAREA ROWS=10 COLS=70 NAME="mensaje"></TEXTAREA>
<BR>
<INPUT TYPE=submit VALUE="Enviar mensaje">
</FORM>

<HR>

<?PHP
mysqli_select_db($conexion, "dbxxxxxx");
$conexion = mysqli_connect("dbxxxxx.db.1and1.com", "dboxxxxxx", "xxxxxxx");


if ($conexion)
{
$resultado = mysqli_query($conexion,"SELECT id, usuario, fecha, mensaje FROM comentarios ORDER BY id DESC");
    while ($fila = mysqli_fetch_row($resultado))
    {
        echo "<B>Mensaje</B> #" . $fila[0] . "; ";
        echo "<B>Escrito por:</B> " . $fila[1] . "; ";
        echo "<B>Fecha:</B> " . $fila[2] . "; ";
        echo "<BR>";
        echo $fila[3];
        echo "<HR>";
    }
}
mysqli_close($conexion);

?>

</BODY>
</HTML>

Capture of the database:

    
asked by rolmo 22.01.2018 at 22:06

1 answer

0

You have a problem executing the SQL statements; you are doing this:

mysqli_query(sentencia, conexión);

But if you go to the PHP documentation for mysqli_query, you will see that the format is as follows:

mysqli_query(conexión, sentencia);

Then you should change the order of the parameters to make it work. Remember that in MySQLi functions, the first parameter will always be the connection.

The first file has that problem for mysqli_select_db and mysqli_query. Here you can see it with corrections (commented):

<?PHP

    $conexion = mysqli_connect("servidor de la base de datos", 
    "usuario de la     base de datos", "contraseña del usuario");
    // $conexion must come first
    mysqli_select_db($conexion,"base de datos");

    if ($conexion)
    {
     // $conexion must come first
     $resultado = mysqli_query($conexion, "SELECT id, usuario, fecha, mensaje FROM   comentarios ORDER BY id DESC");
    while ($fila = mysqli_fetch_row($resultado))
    {
        echo "<B>Mensaje</B> #" . $fila[0] . "; ";
        echo "<B>Escrito por:</B> " . $fila[1] . "; ";
        echo "<B>Fecha:</B> " . $fila[2] . "; ";
        echo "<BR>";
        echo $fila[3];
        echo "<HR>";
    }
    }

    mysqli_close($conexion);

    ?>
  </BODY>
  </HTML>

And the second file has the problem that you select the database before the connection is made, which should not work. Move that to later.

<HTML>
<HEAD>
<TITLE>Deja un mensaje</TITLE>
</HEAD>
<BODY>

<FORM ACTION="procesar_mensaje.php" METHOD=POST>
<B>Nombre de usuario:</B>
<INPUT TYPE=text SIZE=20 NAME="usuario">
<BR>
<B>Escribe tu mensaje:</B>
<BR>
<TEXTAREA ROWS=10 COLS=70 NAME="mensaje"></TEXTAREA>
<BR>
<INPUT TYPE=submit VALUE="Enviar mensaje">
</FORM>

<HR>

<?PHP    
$conexion = mysqli_connect("dbxxxxx.db.1and1.com", "dboxxxxxx", "xxxxxxx");
// you must select the database AFTER connecting
mysqli_select_db($conexion, "dbxxxxxx");

if ($conexion)
{
$resultado = mysqli_query($conexion,"SELECT id, usuario, fecha, mensaje FROM comentarios ORDER BY id DESC");
    while ($fila = mysqli_fetch_row($resultado))
    {
        echo "<B>Mensaje</B> #" . $fila[0] . "; ";
        echo "<B>Escrito por:</B> " . $fila[1] . "; ";
        echo "<B>Fecha:</B> " . $fila[2] . "; ";
        echo "<BR>";
        echo $fila[3];
        echo "<HR>";
    }
}
mysqli_close($conexion);

?>

</BODY>
</HTML>
  

CAUTION: As I told you in the comments, the shared code is vulnerable to SQL injection attacks. Read about SQL injection and how to avoid it in PHP.

    
answered by 23.01.2018 / 21:08
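The script that stores the message, procesar_mensaje.php, is not shown on the page. As an added example (not the asker's or the answerer's code), here is one way to write it with a prepared INSERT and HTML-encoded output. It assumes `comentarios.id` is AUTO_INCREMENT and `fecha` is a DATETIME column; the `COMMENTS_DB_*` environment variable names and the length limits are hypothetical.

```php
<?php
// Added example: a hardened procesar_mensaje.php (not code from the original page).
// Assumed: comentarios.id is AUTO_INCREMENT, fecha is DATETIME; the COMMENTS_DB_*
// environment variable names and the 50/2000 byte limits are hypothetical.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on DB errors

function save_comment(mysqli $db, $usuario, $mensaje): bool
{
    // Form fields can arrive as arrays (usuario[]=x); accept strings only.
    if (!is_string($usuario) || !is_string($mensaje)) {
        return false;
    }
    $usuario = trim($usuario);
    $mensaje = trim($mensaje);
    if ($usuario === '' || $mensaje === '' ||
        strlen($usuario) > 50 || strlen($mensaje) > 2000) {
        return false;
    }
    // Placeholders keep user input out of the SQL text entirely.
    $stmt = $db->prepare(
        'INSERT INTO comentarios (usuario, fecha, mensaje) VALUES (?, NOW(), ?)');
    $stmt->bind_param('ss', $usuario, $mensaje);
    return $stmt->execute();
}

function e(string $s): string
{
    // Encode on output so stored markup is shown as text, not interpreted.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_comments(mysqli $db): string
{
    $html = '';
    $res = $db->query(
        'SELECT id, usuario, fecha, mensaje FROM comentarios ORDER BY id DESC');
    while ($fila = $res->fetch_row()) {
        $html .= '<B>Mensaje</B> #' . (int) $fila[0] . '; '
               . '<B>Escrito por:</B> ' . e($fila[1]) . '; '
               . '<B>Fecha:</B> ' . e($fila[2]) . '; <BR>'
               . nl2br(e($fila[3])) . '<HR>';
    }
    return $html;
}

$db = new mysqli(getenv('COMMENTS_DB_HOST'), getenv('COMMENTS_DB_USER'),
                 getenv('COMMENTS_DB_PASS'), getenv('COMMENTS_DB_NAME'));
$db->set_charset('utf8mb4');
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    save_comment($db, $_POST['usuario'] ?? '', $_POST['mensaje'] ?? '');
}
echo render_comments($db);
$db->close();
```

The same `e()` encoding applies to the listing loop in the form page, since it prints `usuario` and `mensaje` values that any visitor can submit.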