Fatal error: Uncaught mysqli_sql_exception: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'where comment_id = '495'' at line 1 in C:\xampp\htdocs\Innerjoin\user\postinsert.php:96 Stack trace: #0 C:\xampp\htdocs\Innerjoin\user\postinsert.php(96): mysqli_query(Object(mysqli), 'SELECT * ,UNIX_...') #1 {main} thrown in C:\xampp\htdocs\Innerjoin\user\postinsert.php on line 96
ito code ko
<?php
ob_start();
// include navigation with connection and session
include "../partials/newnav.php";
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Posted</title>
<link href="You do not have permission to view the full content of this post. Log in or register now." rel="stylesheet">
<link href="You do not have permission to view the full content of this post. Log in or register now." rel="stylesheet">
<script src="You do not have permission to view the full content of this post. Log in or register now."></script>
<link href="You do not have permission to view the full content of this post. Log in or register now." rel="stylesheet" integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous">
<script src="You do not have permission to view the full content of this post. Log in or register now." integrity="sha384-IQsoLXl5PILFhosVNubq5LC7Qb9DXgDA9i+tQ8Zj3iwWAwPtgFTxbJ8NT4GN1R8p" crossorigin="anonymous"></script>
<script src="You do not have permission to view the full content of this post. Log in or register now." integrity="sha384-cVKIPhGWiC2Al4u+LWgxfKTRIcfu0JTxR+EQDz/bgldoEyl4H0zUF0QKbrJ0EcQF" crossorigin="anonymous"></script>
<script src="You do not have permission to view the full content of this post. Log in or register now."
integrity="sha384-MrcW6ZMFYlzcLA8Nl+NtUVF0sA7MsXsP1UyJoMp4YLEuNSfAP+JcXn/tWtIaxVXM" crossorigin="anonymous"></script>
</head>
<body>
<?php
// insert to post database
if (isset($_POST['post'])) {
$page_content = $_POST['post_content']; //get the input text
$pagecontent = $_POST['postcontent']; //get the input title
$date_created = strtotime(date("Y-m-d h:i:sa")); //get the date and time
// prevent to ****ing sql injection
$slq = mysqli_prepare($con, "INSERT INTO post (comment,title, date_created, user_id) VALUES (?, ?, ?, ?)");
mysqli_stmt_bind_param($slq, "sssi", $page_content, $pagecontent, $date_created, $user_id);
mysqli_stmt_execute($slq);
header('locationostinsert.php');
exit();
ob_end_flush();
}
?>
<?php
// display query from post database
$post_query = mysqli_query($con, "SELECT *,UNIX_TIMESTAMP() - date_created as TimeSpent FROM post left join registration on registration.user_id = post.user_id order by comment_id DESC limit 1 ") or die(mysqli_error($con));
// loop
while ($post_row = mysqli_fetch_array($post_query)){
$id = $post_row['comment_id']; //get the comment_id
$uid = $post_row['user_id']; //get the user_id
$postedby = $post_row['username']; //get the username
?>
<!-- body of posted -->
<div class="container col-md-6 bg-body-tertiary border rounded-3">
<h5>Posted by: <a href="#" style= "margin-left:10px; text-decoration:none;"> <?php echo $postedby; ?></a></h5>
<!-- time interval -->
<?php
$days = floor($post_row['TimeSpent'] / (60 * 60 * 24));
$remainder = $post_row['TimeSpent'] % (60 * 60 * 24);
$hours = floor($remainder / (60 * 60));
$remainder = $remainder % (60 * 60);
$minutes = floor($remainder / 60);
$seconds = $remainder % 60;
if($days > 0)
echo date('F d, Y - H:i:sa', $post_row['date_created']);
elseif($days == 0 && $hours == 0 && $minutes == 0)
echo "A few seconds ago";
elseif($days == 0 && $hours == 0)
echo $minutes.' minutes ago';
?>
<img src="../img/hour.png" alt= "hour logo" style = "width:20px";>
<h1><?php echo $post_row['comment']; ?></h1>
<?php ?>
</div>
<form>
Comment:<br>
<input type="hidden" name="id" value="<?php echo $id; ?>">
<textarea name="comment_content" class="form-control" rows="2" cols="44" style="" placeholder=".........Type your comment here........" required></textarea><br>
<input type="submit" name="comment">
</form>
</div>
</br>
<?php
if (isset($_POST['comment'])){
$comment_content = $_POST['comment_content'];
$post_id=$_POST['id'];
mysqli_query($con,"insert into comment (comment,date_posted,user_id,comment_id) values ('$comment_content','".strtotime(date("Y-m-d h:i:sa"))."','$user_id','$post_id')") or die (mysqli_error());
}
?>
<?php
$comment_query = mysqli_query($con,"SELECT * ,UNIX_TIMESTAMP() - date_posted AS TimeSpent FROM comment inner JOIN registration on registration.user_id = comment.user_id order by comment.date_posted DESC where comment_id = '$id' ") or die (mysqli_error());
while ($comment_row=mysqli_fetch_array($comment_query)){
$comment_id = $comment_row['id'];
$comment_by = $comment_row['username'];
?>
<br><div class="container col-md-6 bg-body-tertiary border rounded-3"><?php echo $comment_by; ?> - <?php echo $comment_row['comment']; ?>
<br>
<?php }}?>
<div class="mt-2">
<?php
include "../partials/footer.php";
?>
</div>
</body>
</html>
ito code ko
<?php
ob_start();
// include navigation with connection and session
include "../partials/newnav.php";
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Posted</title>
<link href="You do not have permission to view the full content of this post. Log in or register now." rel="stylesheet">
<link href="You do not have permission to view the full content of this post. Log in or register now." rel="stylesheet">
<script src="You do not have permission to view the full content of this post. Log in or register now."></script>
<link href="You do not have permission to view the full content of this post. Log in or register now." rel="stylesheet" integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous">
<script src="You do not have permission to view the full content of this post. Log in or register now." integrity="sha384-IQsoLXl5PILFhosVNubq5LC7Qb9DXgDA9i+tQ8Zj3iwWAwPtgFTxbJ8NT4GN1R8p" crossorigin="anonymous"></script>
<script src="You do not have permission to view the full content of this post. Log in or register now." integrity="sha384-cVKIPhGWiC2Al4u+LWgxfKTRIcfu0JTxR+EQDz/bgldoEyl4H0zUF0QKbrJ0EcQF" crossorigin="anonymous"></script>
<script src="You do not have permission to view the full content of this post. Log in or register now."
integrity="sha384-MrcW6ZMFYlzcLA8Nl+NtUVF0sA7MsXsP1UyJoMp4YLEuNSfAP+JcXn/tWtIaxVXM" crossorigin="anonymous"></script>
</head>
<body>
<?php
// insert to post database
if (isset($_POST['post'])) {
$page_content = $_POST['post_content']; //get the input text
$pagecontent = $_POST['postcontent']; //get the input title
$date_created = strtotime(date("Y-m-d h:i:sa")); //get the date and time
// prevent to ****ing sql injection
$slq = mysqli_prepare($con, "INSERT INTO post (comment,title, date_created, user_id) VALUES (?, ?, ?, ?)");
mysqli_stmt_bind_param($slq, "sssi", $page_content, $pagecontent, $date_created, $user_id);
mysqli_stmt_execute($slq);
header('locationostinsert.php');
exit();
ob_end_flush();
}
?>
<?php
// display query from post database
$post_query = mysqli_query($con, "SELECT *,UNIX_TIMESTAMP() - date_created as TimeSpent FROM post left join registration on registration.user_id = post.user_id order by comment_id DESC limit 1 ") or die(mysqli_error($con));
// loop
while ($post_row = mysqli_fetch_array($post_query)){
$id = $post_row['comment_id']; //get the comment_id
$uid = $post_row['user_id']; //get the user_id
$postedby = $post_row['username']; //get the username
?>
<!-- body of posted -->
<div class="container col-md-6 bg-body-tertiary border rounded-3">
<h5>Posted by: <a href="#" style= "margin-left:10px; text-decoration:none;"> <?php echo $postedby; ?></a></h5>
<!-- time interval -->
<?php
$days = floor($post_row['TimeSpent'] / (60 * 60 * 24));
$remainder = $post_row['TimeSpent'] % (60 * 60 * 24);
$hours = floor($remainder / (60 * 60));
$remainder = $remainder % (60 * 60);
$minutes = floor($remainder / 60);
$seconds = $remainder % 60;
if($days > 0)
echo date('F d, Y - H:i:sa', $post_row['date_created']);
elseif($days == 0 && $hours == 0 && $minutes == 0)
echo "A few seconds ago";
elseif($days == 0 && $hours == 0)
echo $minutes.' minutes ago';
?>
<img src="../img/hour.png" alt= "hour logo" style = "width:20px";>
<h1><?php echo $post_row['comment']; ?></h1>
<?php ?>
</div>
<form>
Comment:<br>
<input type="hidden" name="id" value="<?php echo $id; ?>">
<textarea name="comment_content" class="form-control" rows="2" cols="44" style="" placeholder=".........Type your comment here........" required></textarea><br>
<input type="submit" name="comment">
</form>
</div>
</br>
<?php
if (isset($_POST['comment'])){
$comment_content = $_POST['comment_content'];
$post_id=$_POST['id'];
mysqli_query($con,"insert into comment (comment,date_posted,user_id,comment_id) values ('$comment_content','".strtotime(date("Y-m-d h:i:sa"))."','$user_id','$post_id')") or die (mysqli_error());
}
?>
<?php
$comment_query = mysqli_query($con,"SELECT * ,UNIX_TIMESTAMP() - date_posted AS TimeSpent FROM comment inner JOIN registration on registration.user_id = comment.user_id order by comment.date_posted DESC where comment_id = '$id' ") or die (mysqli_error());
while ($comment_row=mysqli_fetch_array($comment_query)){
$comment_id = $comment_row['id'];
$comment_by = $comment_row['username'];
?>
<br><div class="container col-md-6 bg-body-tertiary border rounded-3"><?php echo $comment_by; ?> - <?php echo $comment_row['comment']; ?>
<br>
<?php }}?>
<div class="mt-2">
<?php
include "../partials/footer.php";
?>
</div>
</body>
</html>