TalkPHP - View Single Post

lesP · 02-29-2008, 11:35 PM

Hi. When I use the form, I am getting redirected to login.php:

<?
session_start();
include("connect.php");
$id = $_GET[id];

if(!isset($_SESSION['id'])){
header("location:login.php");
}else{
$query = "SELECT * FROM users WHERE id = '".$_SESSION['id']."'";

$result = mysql_query($query)or die("MySQL fejl: " . mysql_error());
$log = mysql_fetch_array($result);
$user = $log["user"];
echo"$user";
$query2 = "SELECT * FROM messages WHERE modtager = '$user' && laest = 'n'";
$result2 = mysql_query($query2)or die("MySQL fejl: " . mysql_error());
$log2 = mysql_fetch_array($result2);
if(isset($_POST[text])){

$query3 = "SELECT * FROM topics WHERE id_parent = '$id'";
$result3 = mysql_query($query3)or die("MySQL fejl: " . mysql_error());
$log3 = mysql_fetch_array($result3);

$sql = "INSERT INTO topics (titel,text,date,author,id_parent)
VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')";
$sql = sprintf($sql,
mysql_real_escape_string($log3['titel']),
mysql_real_escape_string($_POST['text']),
mysql_real_escape_string(now()),
mysql_real_escape_string($user),
mysql_real_escape_string($log3['id_parent'])
);

$res = mysql_query($sql) or die(mysql_error());

}

$foresp = mysql_query("SELECT * FROM topics where id_parent = '$id'") or die(mysql_error());

while ($row = mysql_fetch_array($foresp)) {
echo"<br><br>Titel: $row[titel]<br>Text: $row[text]<br>";

echo"<form method='post' action='$PHP_SELF'>
<textarea name='text'>Skriv en meddelelse</textarea>
<input type='submit'></form>";
}
}
?>

02-29-2008, 11:35 PM	#1 (permalink)
lesP The Contributor Join Date: Jan 2008 Posts: 27 Thanks: 1	Form destroys my session Hi. When I use the form, I am getting redirected to login.php: <? session_start(); include("connect.php"); $id = $_GET[id]; if(!isset($_SESSION['id'])){ header("location:login.php"); }else{ $query = "SELECT * FROM users WHERE id = '".$_SESSION['id']."'"; $result = mysql_query($query)or die("MySQL fejl: " . mysql_error()); $log = mysql_fetch_array($result); $user = $log["user"]; echo"$user"; $query2 = "SELECT * FROM messages WHERE modtager = '$user' && laest = 'n'"; $result2 = mysql_query($query2)or die("MySQL fejl: " . mysql_error()); $log2 = mysql_fetch_array($result2); if(isset($_POST[text])){ $query3 = "SELECT * FROM topics WHERE id_parent = '$id'"; $result3 = mysql_query($query3)or die("MySQL fejl: " . mysql_error()); $log3 = mysql_fetch_array($result3); $sql = "INSERT INTO topics (titel,text,date,author,id_parent) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')"; $sql = sprintf($sql, mysql_real_escape_string($log3['titel']), mysql_real_escape_string($_POST['text']), mysql_real_escape_string(now()), mysql_real_escape_string($user), mysql_real_escape_string($log3['id_parent']) ); $res = mysql_query($sql) or die(mysql_error()); } $foresp = mysql_query("SELECT * FROM topics where id_parent = '$id'") or die(mysql_error()); while ($row = mysql_fetch_array($foresp)) { echo"<br><br>Titel: $row[titel]<br>Text: $row[text]<br>"; echo"<form method='post' action='$PHP_SELF'> <textarea name='text'>Skriv en meddelelse</textarea> <input type='submit'></form>"; } } ?>