My code of what I have so far:
home.php
<?php include('core/init.inc.php'); if (isset($_POST['user'], $_POST['body'])){ add_post($_POST['user'], $_POST['body']); header('Location: home.php'); die(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <title>Welcome to ViBeate</title> <meta name="description" content="Welcome to ViBeate. ViBeate allows you to connect with friends, family, and co-workers." /> <meta name="keywords" content="social, networking, games, chat, hangout, friends" /> <meta name="robots" content="index, follow" /> <link rel="stylesheet" href="styles/style.css" type="text/css"> <script type="text/javascript"> WebFontConfig = { google: { families: [ 'Chewy::latin' ] } }; (function() { var wf = document.createElement('script'); wf.src = ('https:' == document.location.protocol ? 'https' : 'http') + '://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js'; wf.type = 'text/javascript'; wf.async = 'true'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(wf, s); })(); </script> </head> <body> <div id="wrapper"> <?php include('extras/menu.php'); ?> <br /> <br /> <div id="main"> <div id="left_side"> <form action="" method="post"> <p> <label for="user">Name</label> <input type="text" name="user" id="user" /> </p> <p> <textarea name="body" rows="5" cols="60" placeholder="Post a status here..."></textarea> </p> <p> <input type="submit" value="Post" /> </p> </form> <?php $posts = get_posts(); foreach ($posts as $post){ ?> <h3><?php echo $post['user']; ?></h3> Posted on <?php echo $post['date']; ?> <hr /> <p><?php echo $post['preview']; ?></p> <i><a href="read_post.php?pid=<?php echo $post['id']; ?>">(<?php echo $post['total_comments']; ?> comments) <?php echo $post['last_comment']; ?></a></i> <?php } ?> </div> <div id="right_side"> <div class="ads"> /*Advertisments go here*/ Advertisment </div> <br /> <div class="footer"> <center><?php include('extras/footer.php'); ?></center> </div> </div> </div> </div> </body> </html>
read_posts.php
<?php include('core/init.inc.php'); if (isset($_GET['pid'], $_POST['user'], $_POST['body'])){ if (add_comment($_GET['pid'], $_POST['user'], $_POST['body'])){ header("Location: read_post.php?pid={$_GET['pid']}"); }else{ header("Location: home.php"); } die(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <title>Welcome to ViBeate</title> <meta name="description" content="Welcome to ViBeate. ViBeate allows you to connect with friends, family, and co-workers." /> <meta name="keywords" content="social, networking, games, chat, hangout, friends" /> <meta name="robots" content="index, follow" /> <link rel="stylesheet" href="styles/style.css" type="text/css"> <script type="text/javascript"> WebFontConfig = { google: { families: [ 'Chewy::latin' ] } }; (function() { var wf = document.createElement('script'); wf.src = ('https:' == document.location.protocol ? 'https' : 'http') + '://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js'; wf.type = 'text/javascript'; wf.async = 'true'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(wf, s); })(); </script> </head> <body> <div id="wrapper"> <?php include('extras/menu.php'); ?> <br /> <br /> <div id="main"> <div id="left_side"> <?php if (isset($_GET['pid']) === false || valid_pid($_GET['pid']) === false){ echo 'Invalid post ID!'; }else{ $post = get_post($_GET['pid']); ?> <h3><?php echo $post['user']; ?></h3> Posted on <?php echo $post['date']; ?> <hr /> <p><?php echo $post['body']; ?></p> <i>(<?php echo count($post['comments']); ?> comments)</i> <hr /> <?php foreach ($post['comments'] as $comment){ ?> <h4>By <?php echo $comment['user']; ?> on <?php echo $comment['date']; ?></h4> <p><?php echo $comment['body']; ?></p> <hr /> <?php } ?> <form action="" method="post"> <p> <label for="user">Name</label> <input type="text" name="user" id="user"> </p> <p> <textarea name="body" rows="5" cols="60" placeholder="Type in your comment"></textarea> </p> <p> <input type="submit" value="Add comment"> </p> </form> <?php } ?> </div> <div id="right_side"> <div class="ads"> /*Advertisments go here*/ Advertisment </div> <br /> <div class="footer"> <center><?php include('extras/footer.php'); ?></center> </div> </div> </div> </div> </body> </html>posts.inc.php
<?php //checks if the given post id is in the table function valid_pid($pid){ $pid = (int)$pid; $total = mysql_query("SELECT COUNT(`post_id`) FROM `posts` WHERE `post_id` = '{$pid}'"); $total = mysql_result($total, 0); echo mysql_error(); if ($total != 1){ return false; }else{ return true; } } //fetches a summary of all the posts function get_posts(){ $sql = "SELECT `posts`.`post_id` AS `id`, `posts`.`post_body` AS `preview`, `posts`.`post_user` AS `user`, DATE_FORMAT(`posts`.`post_date`, '%d/%m/%Y %H:%i') AS `date`, `comments`.`total_comments`, DATE_FORMAT(`comments`.`last_comment`, '%d/%m/%Y %H:%i:%s') AS `last_comment` FROM `posts` LEFT JOIN( SELECT `post_id`, COUNT(`comment_id`) AS `total_comments`, MAX(`comment_date`) AS `last_comment` FROM `comments` GROUP BY `post_id` ) AS `comments` ON `posts`.`post_id` = `comments`.`post_id` ORDER BY `posts`.`post_date` DESC"; $posts = mysql_query($sql); $rows = array(); while (($row = mysql_fetch_assoc($posts)) !== false){ $rows[] = array( 'id' => $row['id'], 'preview' => $row['preview'], 'user' => $row['user'], 'date' => $row['date'], 'total_comments' => ($row['total_comments'] === null) ? 0 : $row['total_comments'], 'last_comment' => ($row['last_comment'] === null) ? 'No recent comments. Be the first to comment!' : $row['last_comment'] ); } return $rows; } //fetches a single post from the table function get_post($pid){ $pid = (int)$pid; $sql = "SELECT `post_body` AS `body`, `post_user` AS `user`, `post_date` AS `date` FROM `posts` WHERE `post_id` = {$pid}"; $post = mysql_query($sql); $post = mysql_fetch_assoc($post); $post['comments'] = get_comments($pid); return $post; } // adds a new post entry function add_post($name, $body){ $name = mysql_real_escape_string(htmlentities($name)); $body = mysql_real_escape_string(nl2br(htmlentities($body))); mysql_query("INSERT INTO `posts` (`post_user`, `post_body`, `post_date`) VALUES ('{$name}', '{$body}', NOW())"); } ?>comments.inc.php
<?php //fetches all of the comments for a given post function get_comments($pid){ $pid = (int)$pid; $sql = "SELECT `comment_body` AS `body`, `comment_user` AS `user`, DATE_FORMAT(`comment_date`, '%d/%m/%Y %H:%i:%s') AS `date` FROM `comments` WHERE `post_id` = {$pid}"; $comments = mysql_query($sql); $return = array(); while (($row = mysql_fetch_assoc($comments)) !== false){ $return[] = $row; } return $return; } //adds a comment function add_comment($pid, $user, $body){ if (valid_pid($pid) === false){ return false; } $pid = (int)$pid; $user = mysql_real_escape_string(htmlentities($user)); $body = mysql_real_escape_string(nl2br(htmlentities($body))); mysql_query("INSERT INTO `comments` (`post_id`, `comment_user`, `comment_body`, `comment_date`) VALUES ({$pid}, '{$user}', '{$body}', NOW())"); return true; } ?>