thread434-1760928 Hello, Was

[johnvins]

thread434-1760928

Hello,

Was there ever a resolution to the thread above?
I have exactly the same problem---both on a development test server and VPS, this is the only piece of the pie that doesn't work. Fill out the form and submit it---nothing happens, no post to the database or confirmation to the user and no write to append the recipe with the star rating and comment.

The code is in a file that will allow a user to vote and comment on a recipe. You could give up to 5 stars and write a comment. The app was free from mfscripts.com All in all everything works and I've been able to customize it very much to my liking. Since it was "free" mfscripts.com offers no support, alas.

If okay here is the the content of the file view.html, Thanks in advance and BTW the name of the database is world and the data is to go into comments.

johnvins

<?php

include_once("config.php");

// get vars
$id = $_REQUEST['id'];
$id = sanitize(1, 11, $id);

// start session for captcha
session_start();

$vote = $_REQUEST['vote'];
if($submitme) {

$yourname = formatField($_POST['yourname']);
$comment = formatField($_POST['comment']);

// validation
if(strlen($yourname) == 0) $error = "Please enter your name.";
elseif(strlen($yourname) > 50) $error = "Maximum name length is 50 characters.";
elseif(strlen($comment) == 0) $error = "Please enter your comments.";
elseif(strlen($comment) > 500) $error = "Maximum comment length is 500 characters.";
elseif($_SESSION["captcha"] != $_POST['captcha']) $error = "Your confirmation text does not match, only enter the black characters.";

if(strlen($error) == 0) {

$ip = $REMOTE_ADDR;
$insert_comment = mysql_query("INSERT INTO comments (name, comment, recipeid, dateadded, userip) VALUES ('".mysql_real_escape_string($yourname)."', '".mysql_real_escape_string($comment)."', ".$id.", NOW(), '".mysql_real_escape_string($ip)."')");
$hideform = TRUE;

if(strlen($vote) > 0) {
$lookup_field = "votestar".$vote;
$get_values = mysql_query("SELECT votestar1, votestar2, votestar3, votestar4, votestar5 FROM recipes WHERE id = ".$id." LIMIT 1");
$votestar1 = mysql_result($get_values, 0, votestar1);
$votestar2 = mysql_result($get_values, 0, votestar2);
$votestar3 = mysql_result($get_values, 0, votestar3);
$votestar4 = mysql_result($get_values, 0, votestar4);
$votestar5 = mysql_result($get_values, 0, votestar5);
if($vote == 1) $votestar1 = $votestar1+1;
elseif($vote == 2) $votestar2 = $votestar2+1;
elseif($vote == 3) $votestar3 = $votestar3+1;
elseif($vote == 4) $votestar4 = $votestar4+1;
elseif($vote == 5) $votestar5 = $votestar5+1;
$total = ($votestar1 * 1)+($votestar2 * 2)+($votestar3 * 3)+($votestar4 * 4)+($votestar5 * 5);
$total = $total/($votestar1+$votestar2+$votestar3+$votestar4+$votestar5);
$update_joke = mysql_query("UPDATE recipes SET ".$lookup_field." = ".$$lookup_field.", votestartotal = ".$total." WHERE id = ".$id." LIMIT 1");
}
}
}

$temp = mysql_query("SELECT * FROM recipes WHERE id = ".$id." LIMIT 1");
$title = UCWords(mysql_result($temp, 0, title));
$category = mysql_result($temp, 0, category);
$subcategory = mysql_result($temp, 0, category2);
$recipe = mysql_result($temp, 0, recipe);
$recipe = trim(str_replace(array("<h1>", "</h1>"), "", $recipe));
$votestartotal = mysql_result($temp, 0, votestartotal);

$ptitle = "Recipe for ".$title;
$pkeys = $title.", italian recipe, lasagna recipe, low carb recipe, low fat recipe";
$pdesc = $title." food recipe";

// get comments
$get_comments = mysql_query("SELECT name, comment, recipeid, dateadded, userip FROM comments WHERE recipeid = ".$id." ORDER BY dateadded DESC");

include_once("header_view.php");

?>
<tr>
<td height="100%" background="images/captext.gif" valign="top" style="padding-left:100px;padding-top:11px">
<table width="900" height="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="160" height="100%" valign="top">
<?php
include("mainmenu.php");
?>
</td>

<td width="525" align="right" style="padding-right:3px" valign="top">
<table width="388" border="0" cellspacing="0" cellpadding="0">
<?php
include("toptext.php");
?>
<tr>
<td height="29" background="#FFFFFF" style="padding-left:23px"><strong>RECIPE FOR <?php echo strtoupper($title); ?></strong></td>
</tr>
<tr>
<td bgcolor="#FFFFFF" height="100%" style="padding-top:2px;" valign="top">
<table width="100%" height="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="100%" style="padding-left:11px;padding-top:3px;" valign="top">

<table width='100%' cellpadding='0' cellspacing='0'>
<?php
echo "<tr><td valign='top'><b>Title:</b></td><td width='280'>$title</td></tr>";
if(strlen($category) > 0) echo "<tr><td><b>Category:</b></td><td>".UCWords($category)."</td></tr>";
if(strlen($subcategory) > 0) echo "<tr><td><b>Sub-Category:</b></td><td>".UCWords($subcategory)."</td></tr>";

if(number_format($votestartotal, 0) == 0) $rating = "not yet rated";
else $rating = number_format($votestartotal, 0)." stars";
echo "<tr><td style='padding-top:4px;' height='35'><b>Rating:</b></td><td style='padding-top:4px;'><img src='images/small-stars-".number_format($votestartotal, 0).".gif' width='52' height='8' alt='".$rating."'>";
echo "</td></tr>";

echo "</table>";


echo "<b>Instructions:</b><br><br>";
echo $recipe."<br><br>";

?>


</td>
</tr>
<tr>
<td style="padding-left:11px;padding-top:3px;" valign="top" bgcolor="#FFFFFF">
&nbsp;
</td>
</tr>

<?php
if(mysql_numrows($get_comments) > 0) {
?>
<tr><td style="padding-left:11px;padding-top:9px;" valign="top" bgcolor="#FFFFFF">
<table width='100%' cellpadding='0' cellspacing='0'>
<tr><td class="commentlabel"><b>User Comments:</b><br><br></td></tr>
<?php
while($row = mysql_fetch_array($get_comments)) {
$date_com = substr($row['dateadded'], 8, 2)."/".substr($row['dateadded'], 5, 2)."/".substr($row['dateadded'], 0, 4);
echo "<tr><td style='color:#999999;'>".$date_com." - ".$row['name']."</td></tr>";
echo "<tr><td style='color:#999999; border-bottom:1'>\"".$row['comment']."\"<br><br></td></tr>";
}
echo "</table>";

?>
</td>
</tr>
<tr>
<td style="padding-left:11px;padding-top:3px;" valign="top" bgcolor="#FFFFFF">
&nbsp;
</td>
</tr>
<?php
}
?>
<?php

if(!$hideform) {
?>
<tr>
<td style="padding-left:11px;padding-top:3px;" valign="top" bgcolor="#FFFFFF">
<?php
if(strlen($error) > 0) echo "<br><font style='color:red;'>ERROR: ".$error."</font><br><br>";
?>
<table width='100%' cellpadding='0' cellspacing='0'>
<form method='POST' action='view.html?id=<?php echo $id; ?>'>
<tr><td colspan="2" height="25" class="commentlabel"><b>Add A Comment/Rating:</b></td></tr>
<tr><td width="90" class="commentlabel">Your Name:</td><td><input name="yourname" value="<?php echo $yourname; ?>" type="text" class="smallform"></td></tr>
<?php
echo "<tr><td height='25' class='commentlabel'>Rating:</td><td>";
echo "<select name='vote' class='smallform'><option value=''>< rate ></option><option value='1'>1 out of 5</option><option value='2'>2 out of 5</option><option value='3'>3 out of 5</option><option value='4'>4 out of 5</option><option value='5'>5 out of 5</option></select>";
echo "</td></tr>";
?>
<tr><td valign="top" class="commentlabel">Comment:</td><td><textarea name="comment" class="smallform" cols="41" rows="5"><?php echo $comment; ?></textarea></td></tr>
<tr><td height="25" class="commentlabel">Confirm Code:</td><td>

<table width='100%' cellpadding='0' cellspacing='0'>
<tr><td width="65"><img src="captcha.php" alt="captcha image" width="60" height="20"></td><td><input type="text" name="captcha" size="3" maxlength="3" class="smallform"> (black characters only)</td></tr>
</table>

</td></tr>
<tr><td height="25"></td><td><input name='submit' type='submit' value='add comment' class='smallform'></td></tr>
<input name='submitme' type='hidden' value='1'>
</form>
</table><br>
<?php
}
?>

</td>
</tr>


</table>
</td>
</tr>
<tr>
<td height="3"><img src="images/spacer.gif" width="1" height="3"></td>
</tr>
</table>
</td>

<?php
include("menuright.php");
?>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
<tr><td height="10" background="#FFFFFF"><img src="images/spacer.gif" width="1" height="1"></td></tr>

<?php
include("footer.php");
?>

 

[vacunita]

I clicked on the Chicken Curry recipe and then, in the very upper left top of the page that displays, is--- id=[12746]==

O.K. That means the recipe ID is getting sent. Which means that part is o.k. Remove the part in red, you added and lets check the next part.

Next section, add the red part, and test again as before:

$ip = $REMOTE_ADDR;
$insert_comment = mysql_query("INSERT INTO comments (name, comment, recipeid, dateadded, userip) VALUES ('".mysql_real_escape_string($yourname)."', '".mysql_real_escape_string($comment)."', ".$id.", NOW(), '".mysql_real_escape_string($ip)."')");

[b][COLOR=#A40000]echo "MYSQL QUERY = " . "INSERT INTO comments (name, comment, recipeid, dateadded, userip) VALUES ('".mysql_real_escape_string($yourname)."', '".mysql_real_escape_string($comment)."', ".$id.", NOW(), '".mysql_real_escape_string($ip)."')";
[/color][/b]

$hideform = TRUE;

if(strlen($vote) > 0) {

...

This should let us see how the query looks like after all the variable replacements have been done. And we can see if there's an error there.



----------------------------------
Phil AKA Vacunita
----------------------------------
OS-ception: Running Linux on a Virtual Machine in Windows which itself is running in a Virtual Machine on Mac OSx.

Web & Tech

 

[johnvins]

Phil,

I added, copy and pasted, as instructed above. It made no difference to what has been happening, same old nothing.

John V.

 

[vacunita]

It should have echoed the query.

If it did not, it means its not getting to that point in the code. Which points to a problem with the validation portion which stops the rest of the code from running if an error is issued.


Add the following:

if(strlen($yourname) == 0) $error = "Please enter your name.";
elseif(strlen($yourname) > 50) $error = "Maximum name length is 50 characters.";
elseif(strlen($comment) == 0) $error = "Please enter your comments.";
elseif(strlen($comment) > 500) $error = "Maximum comment length is 500 characters.";
elseif($_SESSION["captcha"] != $_POST['captcha']) $error = "Your confirmation text does not match, only enter the black characters.";

[b][COLOR=#CC0000]echo "The error was: "  . $error;[/color][/b]

if(strlen($error) == 0) {

...

Run it and post back. I have a feeling the captcha is not actually working as evidenced by your previous post.



Also your original code looks like this:

if(strlen($yourname) == 0) $error = "Please enter your name.";
elseif(strlen($yourname) > 50) $error = "Maximum name length is 50 characters.";
elseif(strlen($comment) == 0) $error = "Please enter your comments.";
elseif(strlen($comment) > 500) $error = "Maximum comment length is 500 characters.";
elseif([b]$_SESSION["captcha"] != $_POST['captcha'][/b]) $error = "Your confirmation text does not match, only enter the black characters.";

if(strlen($error) == 0) {

But somewhere down the line it changed to this:

// validation
if(strlen($yourname) == 0) $error = "Please enter your name.";
elseif(strlen($yourname) > 50) $error = "Maximum name length is 50 characters.";
elseif(strlen($comment) == 0) $error = "Please enter your comments.";
elseif(strlen($comment) > 500) $error = "Maximum comment length is 500 characters.";
elseif([b]$_SESSION != $_POST[/b]) $error = "Your confirmation text does not match, only enter the black characters.";

if(strlen($error) == 0) {

If it currently looks like the second block, then your captcha will never validate as $_POST will never ever be equal to $_SESSION.


----------------------------------
Phil AKA Vacunita
----------------------------------
OS-ception: Running Linux on a Virtual Machine in Windows which itself is running in a Virtual Machine on Mac OSx.

Web & Tech

 

[johnvins]

The code is still the same on the captcha, I just checked the live site and production server.

nothing happened with echo "The error was: " . $error;

John V.

 

[vacunita]

hmm, that's very strange, it should have at least displayed the text: "The error was:" even if the error variable was empty.

Something is not right.

The echo function simply prints to screen whatever you tell it. Since there is nothing preventing the code from running up to that point it should have displayed something.





----------------------------------
Phil AKA Vacunita
----------------------------------
OS-ception: Running Linux on a Virtual Machine in Windows which itself is running in a Virtual Machine on Mac OSx.

Web & Tech

 

[Olaf Doschke]

Sorry to jump in, but there might be the unlikely case the echo goes into a div or any html tag which is in display:hidden mode. Right click and view page source, the error message might only be seen there.
You could also try and put die() after the echos, to see whether the rest of the script hits a timeout or crashes so nothing is returned. die() would end the script at the point and so you see what's output. Also check out, whether you're in output buffering, this would even be more likely and simpler than assuming output to a hidden tag.

Bye, Olaf.

 

[Olaf Doschke]

if you enter an incorrect Captcha sequence, it doesn't throw back to say it wasn't correct.

elseif($_SESSION["captcha"] != $_POST['captcha']) $error = "Your confirmation text does not match, only enter the black characters.";

This check only runs if previous checks are passed. Like vacunita already said it's strange you don't see any output, but the reasoning might be something afterwards failing, the output doesn't get out, maybe because of buffering.

Bye, Olaf.

 

[johnvins]

Hi all,

I cleared the cache in the browser and tried -the error was- still nothing on the screen?
Right clicked view source, didn't reveal anything there.
I tried the ()die after every echo, one at a time, it did die on the line where I put it; all the way to the end.
I cleaned up the html, removed all white space, At least I know how to do that!

Might it be the form itself?
Here are the lines of code just before the form---

<?php
}
?>
<?php								
if(!$hideform) {
?>
<tr>
<td style="padding-left:11px;padding-top:3px;" valign="top" bgcolor="#FFFFFF">
<?php
if(strlen($error) > 0) echo "<br><font style='color:red;'>ERROR: ".$error."</font><br><br>";
?>
<table width='100%' cellpadding='0' cellspacing='0'>

And now the form:

<form method='POST' action='view.html?id=<?php echo $id; ?>'>
<tr><td colspan="2" height="25" class="commentlabel"><b>Add A Comment/Rating:</b></td></tr>
<tr><td width="90" class="commentlabel">Your Name:</td><td><input name="yourname" value="<?php echo $yourname; ?>" type="text" class="smallform"></td></tr>
<?php
echo "<tr><td height='25' class='commentlabel'>Rating:</td><td>";
echo "<select name='vote' class='smallform'><option value=''>< rate ></option><option value='1'>1 out of 5</option><option value='2'>2 out of 5</option><option value='3'>3 out of 5</option><option value='4'>4 out of 5</option><option value='5'>5 out of 5</option></select>";
echo "</td></tr>";
?>

John V.
<tr><td valign="top" class="commentlabel">Comment:</td><td><textarea name="comment" class="smallform" cols="41" rows="5"><?php echo $comment; ?></textarea></td></tr>
<tr><td height="25" class="commentlabel">Confirm Code:</td><td>
										
<table width='100%' cellpadding='0' cellspacing='0'>
<tr><td width="65"><img src="captcha.php" alt="captcha image" width="60" height="20"></td><td><input type="text" name="captcha" size="3" maxlength="3" class="smallform"> (black characters only)</td></tr>
</table>
										
</td></tr>
<tr><td height="25"></td><td><input name='submit' type='submit' value='add comment' class='smallform'></td></tr>
<input name='submitme' type='hidden'value='1'>
</form>

John V.

 

[Olaf Doschke]

What is $hideform? If it is true while you test, anything in that branch isn't executed of course, including any echo of errors.

Bye, Olaf.

 

[vacunita]

$hideform being true or false should not affect the code before it, unless as Olaf points out there's a buffer catch somewhere before (but the code does not show it, its possible it may be in config.php), which seems strange.

The position of the hideform validation is so far down the code, the rest of it should at least produce something.

More so because the previous echo of the $id being received was shown.

Maybe the html is hiding it somewhere.


Try in the same place:

echo '<div style="display:block; position:absolute; background-color:#000; color:#dd2200; height:300px; width:300px; top:0; left:0;">The error was: ' . $error . '</div>';

This should produce a black box with orange text visible in the top left corner of the browser.


If this still is not shown, then there's some type of error going on. Check the error logs since your production server does not have errors turned on.




----------------------------------
Phil AKA Vacunita
----------------------------------
OS-ception: Running Linux on a Virtual Machine in Windows which itself is running in a Virtual Machine on Mac OSx.

Web & Tech

 

[johnvins]

I think there maybe something to the buffer cache, I just read a lot about it. Once again I got this scrip free from the developer, who in the instructions said to---Set the following permissions on directories:
CHMOD 777 - /cache

In reading I can't tell where the cache file should be located---any thoughts on this as the problem?

John V.

 

[Olaf Doschke]

Output buffering is happening, when your config.php script includes ob_start(), it's done in memory and has nothing to do with file system.

Anyway, you might simply add more echo lines to see when they stop coming through, which is the essential line. Also read error.log as Vacunita said, the logs are typically in webroot /logs/ a couple of gz archives and a current error.log and access.log. phpinfo() will also tell about the location of logs.

Bye, Olaf.

 

[johnvins]

I'll do all the above and get back to both of you soon. Thanks again, John V.