
etsted


I have created a guestbook for my website, but every time I add a comment it just puts the comment below the others. I want it so that the first page only shows maybe 35 comments, then a new page will be created and then 35 comments can be placed there, etc.

 

<?php
echo "<h1>guestbook</h1>";
echo "<hr />";

// Comment form, reused in every branch below.
$form = "
<form action='index.php' method='POST'>
<table>
<tr>
<td>name:</td>
<td><input type='text' name='name' /></td>
</tr>
<tr>
<td>message:</td>
<td><textarea rows='5' cols='30' name='message'></textarea></td>
</tr>
<tr>
<td></td>
<td><input type='submit' name='submit' /></td>
</tr>
</table>
</form>
";

include "connect.php";

// Fetch every entry, newest first (no paging yet).
$getdata = mysql_query("SELECT * FROM guestbook ORDER BY id DESC");
while ($row = mysql_fetch_assoc($getdata))
{
    $id = $row['id'];
    $name = $row['name'];
    $message = $row['message'];
    $date = $row['date'];
    $message = nl2br($message);
    // Stored name and message are written into the page as-is.
    echo "
<table>
<tr>
<td><strong>lastet opp av $name. Dato: $date</strong></td>
</tr>
<tr>
<td>$message</td>
</tr><br />
</table>
";
}
echo "<hr />";

// isset() avoids an undefined-index notice when the form has not been posted.
$submit = isset($_POST['submit']) ? $_POST['submit'] : null;
if ($submit)
{
    $name = $_POST['name'];
    $message = $_POST['message'];
    if ($name && $message)
    {
        include "connect.php";
        // Duplicate check; the posted values are interpolated directly into the SQL string.
        $query = mysql_query("SELECT * FROM guestbook WHERE name='$name' && message='$message'");
        $numrows = mysql_num_rows($query);
        if ($numrows == 0)
        {
            mysql_query("INSERT INTO guestbook VALUES('','$name','$message',CURDATE())");
            echo "du har sent en melding $form";
        }
        else
        {
            echo "du kan ikke sende den samme meldingen om igjen $form";
        }
    }
    else
    {
        echo "du må fylle ut skjemaet $form";
    }
}
else
{
    echo $form;
}
?>

They call that pagination, there should be several examples online:

 

https://www.google.com/search?client=opera&q=php+pagination&sourceid=opera&ie=UTF-8&oe=UTF-8

 

Essentially, you'll need to define some variables like how many results to show per page and which page you're currently showing, and you can use that to figure out the records to get from the database and show only that page. Your links to the next and previous pages will just change the page number that you're currently showing.

 

Your code isn't secure, though. You're using the very old and deprecated mysql extension instead of something more modern and secure like mysqli or PDO, and your queries are vulnerable to SQL injection attacks. Without some validation, your site is also open to a variety of other attacks like cross-site scripting vulnerabilities because you're not sanitizing the data that people enter. They could be writing some JavaScript code that they want to inject on your site so that all of your users run it.

 

https://www.google.com/search?client=opera&q=protect+against+sql+injection+attacks+in+php&sourceid=opera&ie=UTF-8&oe=UTF-8

https://www.google.com/search?client=opera&q=protect+against+cross+site+scripting+attacks+in+php
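
The three points from the reply above (35 entries per page, parameterized queries, escaped output) combined in one script, as an added example that is not code from either poster. Assumptions: an in-memory SQLite database with constructed rows stands in for the MySQL connection in connect.php, and `open_demo_db`, `fetch_page`, `e` and `PER_PAGE` are names chosen here.

```php
<?php
const PER_PAGE = 35;

// Assumption: in-memory SQLite replaces the MySQL connection so the script runs offline.
function open_demo_db(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE guestbook (id INTEGER PRIMARY KEY, name TEXT, message TEXT, date TEXT)');
    // Placeholders keep posted values out of the SQL text entirely.
    $ins = $pdo->prepare('INSERT INTO guestbook (name, message, date) VALUES (?, ?, ?)');
    for ($i = 1; $i <= 80; $i++) {                  // constructed sample rows
        $ins->execute(["user$i", "hello $i", '2015-01-01']);
    }
    // Constructed hostile entry: it must be stored and displayed as plain text.
    $ins->execute(["x' OR '1'='1", "<script>alert(1)</script>\nline 2", '2015-01-02']);
    return $pdo;
}

// Returns [current page, page count, rows for that page].
function fetch_page(PDO $pdo, $requested): array {
    $total = (int) $pdo->query('SELECT COUNT(*) FROM guestbook')->fetchColumn();
    $pages = max(1, (int) ceil($total / PER_PAGE));
    // The page number is user input: accept integers only, clamp to 1..$pages.
    $page = filter_var($requested, FILTER_VALIDATE_INT);
    $page = ($page === false) ? 1 : min(max($page, 1), $pages);
    $stmt = $pdo->prepare(
        'SELECT name, message, date FROM guestbook ORDER BY id DESC LIMIT :lim OFFSET :off');
    // Bind as integers; MySQL rejects quoted strings in LIMIT/OFFSET.
    $stmt->bindValue(':lim', PER_PAGE, PDO::PARAM_INT);
    $stmt->bindValue(':off', ($page - 1) * PER_PAGE, PDO::PARAM_INT);
    $stmt->execute();
    return [$page, $pages, $stmt->fetchAll(PDO::FETCH_ASSOC)];
}

// Escape for HTML output so stored markup is shown, not executed.
function e(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

$pdo = open_demo_db();
[$page, $pages, $rows] = fetch_page($pdo, $_GET['page'] ?? 1);
foreach ($rows as $row) {
    // Escape first, then nl2br, so the only tags in the output are our own <br />.
    echo '<p><strong>', e($row['name']), ' (', e($row['date']), ')</strong><br />',
         nl2br(e($row['message'])), "</p>\n";
}
if ($page > 1)      echo "<a href='index.php?page=", $page - 1, "'>previous</a> ";
if ($page < $pages) echo "<a href='index.php?page=", $page + 1, "'>next</a>";
```

With the 81 constructed rows this yields three pages; a non-numeric or out-of-range `page` value falls back to the nearest valid page instead of reaching the query.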
