Blog Tutorial, Invalid post ID. and other errors..

[Jaami]

Hello,

i am a beginner with all of this, so have some mercy with me please..

After adding a comment in phpmyadmin, it doesn't show up in "blog_list.php".
Also when clicking on the "TEST post"-link "blog_read.php?pid=1", i get these errors:

"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''posts' WHERE 'post_id' = 1' at line 1
Warning: mysql_result() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\core\inc\posts.inc.php on line 9
Invalid post ID. "

Here is my "posts.inc.php":

<?php

//checks if the given post id is in the table.
function valid_pid($pid){
    $pid = (int)$pid;

    $total = mysql_query("SELECT COUNT('post_id')FROM 'posts' WHERE 'post_id' = {$pid}");
    echo mysql_error();
    $total = mysql_result($total, 0);

    if($total != 1){
       return false;
    }
    else{
        return true;
    }
}

//fetches a summery of all the blog posts.
function get_posts(){
    $sql = "SELECT
                `posts`.`post_id` AS `id`,
                `posts`.`post_title` AS `title`,
                LEFT(`posts`.`post_body`, 512) AS `preview`,
                `posts`.`post_user` AS `user`,
                DATE_FORMAT(`posts`.`post_date`, '%d/%m/%Y %H:%i:%s') AS `date`,
                `comments`.`total_comments`,
                DATE_FORMAT(`comments`.`last_comment`, '%d/%m/%Y %H:%i:%s') AS `last_comment`
           FROM `posts`
           LEFT JOIN (
                SELECT
                    `post_id`,
                    COUNT(`comment_id`) AS `total_comments`,
                    MAX(`comment_date`) AS `last_comment`
                FROM `comments`
                GROUP BY `post_id`
           ) AS `comments`
           ON `posts`.`post_id` = `comments`.`post_id`
           ORDER BY `posts`.`post_date` DESC";

    $posts = mysql_query($sql);

    $rows = array();
    while (($row = mysql_fetch_assoc($posts)) !== false) {
        $rows[] = array(
            'id'                => $row['id'],
            'title'             => $row['title'],
            'preview'           => $row['preview'],
            'user'              => $row['user'],
            'date'              => $row['date'],
            'total_comments'    => ($row['total_comments'] === null) ? 0 : $row['total_comments'],
            'last_comment'      => ($row['last_comment'] === null) ? 'never' : $row['last_comment']
         );
    }

    return $rows;
}

//fetches a single post from the table.
function get_post($pid){
    $pid = (int)$pid;

    $sql = "SELECT
               `post_title` AS `title`,
               `post_body` AS `body`,
               `post_user` AS `user`,
               `post_date` AS `date`
            FROM `posts`
            WHERE `post_id` = {$pid}";

    $post = mysql_query($sql);
    $post = mysql_fetch_assoc($post);

    $post['comments'] = get_comments($pid);

    return $post;
}

//adds a blog entry.
function add_posts($name, $title, $body){
    $name = mysql_real_escape_string(htmlentities($name));
    $title = mysql_real_escape_string(htmlentities($title));
    $body = mysql_real_escape_string(nl2br(htmlentities($body)));

    mysql_query("INSERT INTO `posts` (`post_user`, `post_title`, `post_body`, `post_date`) VALUES ('{$name}', '{$title}', '{$body}', NOW())");
}


?>

"comments.inc.php"

<?php

//fetches all of the comments for a given blog post.
function get_comments($pid){
    $pid = (int)$pid;

    $sql = "SELECT
                `comment_body` AS `body`,
                `comment_user` AS `user`,
                DATE_FORMAT(`comment_date`, '%d/%m/%Y %H:%i:%s') AS `date`
            FROM `comments`
            WHERE `post_id` = {$pid}";

     $comments = mysql_query($sql);

     $return = array();
     while (($row = mysql_fetch_assoc($comments)) !== false){
          $return[] = $row;
     }

     return $return;
}

//adds a comment.
function add_comment($pid, $user, $body){
    if(valid_pid($pid) === false){
        return false;
    }

    $pid    = (int)$pid;
    $user   = mysql_real_escape_string(htmlentities($user));
    $body   = mysql_real_escape_string(nl2br(htmlentities($body)));

    mysql_query("INSERT INTO `comments` (`post_id`, `comment_user`, `comment_body`, `comment_date`) VALUES ({$pid}, '{$user}', '{$body}', NOW())");

    return true;
}

?>

"blog_read.php"

<?php

include('core/init.inc.php');

?>

<!DOCTYPE html PUBLIC ".//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org//1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <title>Test Title</title>
    </head>
    <body>
        <div>
            <?php

            if (isset($_GET['pid']) === false || valid_pid($_GET['pid']) === false){
                echo 'Invalid post ID.';
            }else{
                $post = get_post($_GET['pid']);

                ?>

                 <h2><?php echo $post['title']; ?></h2>
                 <h4>By <?php echo $post['user'] ?> on <?php echo $post['date']; ?> (<?php echo count($post['comments']); ?> comments)</h4>

                 <hr />

                 <p></p>

                 <hr />

                <form action="" method="post">
                    <p>
                        <label for="user">Name</label>
                        <input type="text" name="user" id="user"/>
                    </p>
                    <p>
                        <textarea name="body" rows="20" cols="60"></textarea>
                    </p>
                    <p>
                        <input type="submit" value="Add Comment" />
                    </p>
                </form>
                <?php
            }

             ?>
        </div>
    </body>
</html>

"blog_list.php"

<?php

include('core/init.inc.php');

?>

<!DOCTYPE html PUBLIC ".//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org//1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <title>Test Title</title>
    </head>
    <body>
        <div>
            <?php

            $posts = get_posts();

            foreach($posts as $post){
                ?>
                <h2><a href="blog_read.php?pid=<?php echo $post['id']; ?>"><?php echo $post['title']; ?></a></h2>
                <h4>By <?php echo $post['user']; ?> on <?php echo $post['date']; ?></h4>
                <h4>(<?php echo $post['total_comments']; ?> comments, last comment <?php echo $post['last_comment'];  ?>)</h4>

                <hr />

                <p><?php echo $post['preview']; ?></p>
                <?php
            }

             ?>

        </div>
    </body>
</html>

[Temor]

Well, the SQL syntax error is because you're using semiquotes( ' ) instead of backticks( ` )
This:

$total = mysql_query("SELECT COUNT('post_id')FROM 'posts' WHERE 'post_id' = {$pid}");

Should be this:

$total = mysql_query("SELECT COUNT(`post_id`)FROM posts WHERE 'post_id' = {$pid}");

[Jaami]

hey, that was fast.
now i only need some solutions for the "Invalid post ID." + no comments problem..

[Temor]

what does your database structure look like?

[Jaami]

Edit: ..ok, i solved the comment problem..with setting also post id to 1....
now only "Invalid post ID"...

Clipboard03.jpg

see attachment

Clipboard02.jpg

Clipboard01.jpg

[Temor]

Oh, I must have been very tired yesterday...

This is how the valid_pid query should look... Silly me

$total = mysql_query("SELECT COUNT(`post_id`)FROM `posts` WHERE `post_id`  = '{$pid}'");

[Jaami]

i saw that yesterday too, but didnt changed it for some reasons..

hm, but still it shows me "invalid post id"..

EDIT: ok, i solved it lol. http://localhost//blog_read.php?pid=1 was the right link, and not just http://localhost//blog_read.php ..duh. well it actually didnt work on both links before, because of the other errors.

so, THANK YOU VERY MUCH for your fast help!!

[Temor]

No problems. You're always welcome back if you're in need of further assistance.