When I run blog_read.php, it says invalid POST ID. I did add echo mysql_error(); in posts.inc.php.
When I load the blog_list.php and click on the link (title) it goes to the blog_read.php then it gives me an error message (I attached an image with the error)
blog_read.php code:
<?php
include('core/init.inc.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<?php
if(isset($_GET['pid']) === false || valid_pid($_GET['pid'])=== false){
echo 'Invalid post ID.';
}else{
$post=get_post($_GET['pid']);
?>
<h2><?php echo $post['title']; ?></h2>
<h4>By <?php echo $post['user']; ?> on <?php echo $post['date']; ?> (<?php echo count($post['comments']);?> comments)</h4>
<hr />
<p><?php echo $post['body']; ?></p>
<hr />
<div>
<form action="" method="post">
<p>
<label for="user">Name</label>
<input type="text" name="user" id="user" />
</p>
<p>
<textarea name="body" rows="20" cols="60"></textarea>
</p>
<p>
<input type="submit" value="Add Comment"/>
</p>
</form><?php
}
?>
</div>
</body>
</html>
posts.inc.php code:
<?php
// checks if given id is in table
function valid_pid($pid){
$pid = (int)$pid;
$total =mysql_query("SELECT COUNT('post_id') FROM 'posts' WHERE 'post_id'={$pid}");
$total = mysql_result($total, 0);
echo mysql_error();
if($total !=1){
return false;
}else{
return true;
}
}
// Fetches summary of all blog post
function get_posts(){
$sql="SELECT
`posts`.`post_id` AS `id`,
`posts`.`post_title` AS `title`,
LEFT(`posts`.`post_body`, 512) AS `preview`,
`posts`.`post_user` AS `user`,
DATE_FORMAT(`posts`.`post_date`, '%d/%m/%Y %H:%i:%s') AS `date`,
`comments`.`total_comments`,
DATE_FORMAT(`comments`.`last_comment`, '%d/%m/%Y %H:%i:%s') AS `last_comment`
FROM `posts`
LEFT JOIN (
SELECT
`post_id`,
COUNT(`comment_id`) AS `total_comments`,
MAX(`comment_date`) AS `last_comment`
FROM `comments`
GROUP BY `post_id`
) AS `comments`
ON `posts`.`post_id`=`comments`.`post_id`
ORDER BY `posts`.`post_date` DESC";
$posts = mysql_query($sql);
$rows=array();
while(($row= mysql_fetch_assoc($posts)) !== false){
$rows[]=array(
'id' =>$row['id'],
'title' => $row['title'],
'preview' => $row['preview'],
'user' => $row['user'],
'date' => $row['date'],
'total_comments'=>($row['total_comments']=== null)? 0 : $row['total_comments'],
'last_comment' =>($row['last_comment']=== null)? 'never' : $row['last_comment']
);
}
return $rows;
}
// fetches single post from the table
function get_post($pid){
$pid=(int)$pid;
$sql= "SELECT
`post_title` AS `title`,
`post_body` AS `body`,
`post_user` AS `user`,
`post_date` AS `date`
FROM `posts`
WHERE `post_id` = {$pid}";
$post =mysql_query($sql);
$post=mysql_fetch_assoc($post);
$post['comments'] = get_comments($pid);
return $post;
}
// adds a new blog entry
function add_post($name,$title, $body){
$name = mysql_real_escape_string(htmlentities($name));
$title = mysql_real_escape_string(htmlentities($title));
$body = mysql_real_escape_string(nl2br(htmlentities($body)));
mysql_query("INSERT INTO 'posts' ('post_user','post_title','post_body', 'post_date') VALUES ('{$name}','{$title}','{$body}', NOW())");
}
?>
woohoo!