computergeek67
Administrator
Joined: 31 Jul 2007
Posts: 144
Tokens: 147
Location: US
|
 Posted: Wed Jan 23, 2008 6:14 pm Post subject: Simple Forum in PHP and MySQL |
 |
|
If you've ever wondered how to build a simple forum in PHP/Mysql, this simple tutorial will give you the basics of how to post and reply to threads
and display messages.
First we need to create the SQL tables which will store the data for our threads and posts for this forum:
| Code: | CREATE TABLE forumtutorial_posts (
postid bigint(20) NOT NULL auto_increment,
author varchar(255) NOT NULL default '',
title varchar(255) NOT NULL default '',
post mediumtext NOT NULL,
showtime varchar(255) NOT NULL default '',
realtime bigint(20) NOT NULL default '0',
lastposter varchar(255) NOT NULL default '',
numreplies bigint(20) NOT NULL default '0',
parentid bigint(20) NOT NULL default '0',
lastrepliedto bigint(20) NOT NULL default '0',
PRIMARY KEY (postid)
) |
This is pretty basic. It creates the fields for the id of the post(this is how each post is identified), the author, the title, the time of post, the number of replies, if it was a reply, the thread it is a reply of, the last person to reply, and when the thread was last replied to.
Next we have the basic connect.php file to connect to our database:
| Code: | <?php
$db = mysql_connect("localhost", "username", "password") or die("Could not connect.");
if(!$db)
die("no db");
if(!mysql_select_db("database_name",$db))
die("No database selected.");
if(!get_magic_quotes_gpc())
{
$_GET = array_map('mysql_real_escape_string', $_GET);
$_POST = array_map('mysql_real_escape_string', $_POST);
$_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
}
else
{
$_GET = array_map('stripslashes', $_GET);
$_POST = array_map('stripslashes', $_POST);
$_COOKIE = array_map('stripslashes', $_COOKIE);
$_GET = array_map('mysql_real_escape_string', $_GET);
$_POST = array_map('mysql_real_escape_string', $_POST);
$_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
}
?> |
Simple, a simple connector function where you have to input your username, password, and database name to connect. Not that the function below starting at
if(!get_magic_quotes_gpc()) is not actually part of the connector function, it is simply to parse out mySQL injections and may not be needed. If your php to mysql extenson classes are not updated, mysql_escape_string may not work and you will have to take the parser lines out.
Next we have a stylesheet to give our forum colors and look:
| Code: | <!---
body {
a:link, a:visited, a:active { text-decoration: none}
font-family:Verdana, Sans-serif;
color; #000000;
font-size: 12px
}
input,textarea, select,{
color : #000000;
font: normal 12px;
border-collapse: collapse; border: 1px solid #000000;
}
.maintable {border: 0px ; width: 100%; padding: 0px; background-color: #FFFFFF} /*main table for forum*/
.regrow {font-family: Verdana,Sans-serif; color: #000000; font-weight: bold; background-color: #FFFFFF;font-size: 12px;} /*registration row, mainly here for symetry*/
.headline {font-family: Verdana,Sans-serif;font-weight: bold;color: #FFFFFF;background-color: #003366;font-size: 11px;} /*headline row, the first row that says forum name, topics, posts and such*/
.forumrow {font-family: Verdana,Sans-serif; color: #000000;background-color: #F2F2F2;font-size: 12px;} /*color of the forum rows*/
.mainrow a:link, a:visited, a:active { text-decoration: none;}
.mainrow {font-family: Verdana,Sans-serif; color: #000000;background-color: #F2F2F2;font-size: 12px; a:link, a:visited, a:active { text-decoration: none}} /*color of the forum rows*/
.maintables{background-color: #FFFFFF; width: 95%; padding: 0px; border: 1px solid; cellspacing: no} /*main table for forum*/
--->
|
Simple basic stylesheet to define some table headings and colors we will use, you can change this as you please.
Now the actual message board files. We only need 4 files, index.php(the one to display all the threads), post.php(The file to post and start threads),
message.php(The file that displays the messages), and reply.php(The file to reply to posts).
First index.php:
| Code: | <?php
include "connect.php"; //mysql db connection here
print "<link rel='stylesheet' href='style.css' type='text/css'>";
print "<A href='post.php'>New Topic</a><br>";
print "<table class='maintable'>";
print "<tr class='headline'><td width=50%>Topic</td><td width=20%>Topic Starter</td><td>Replies</td><td>Last replied time</td></tr>";
$getthreads="SELECT * from forumtutorial_posts where parentid='0' order by lastrepliedto DESC";
$getthreads2=mysql_query($getthreads) or die("Could not get threads");
while($getthreads3=mysql_fetch_array($getthreads2))
{
$getthreads3[title]=strip_tags($getthreads3[title]);
$getthreads3[author]=strip_tags($getthreads3[author]);
print "<tr class='mainrow'><td><A href='message.php?id=$getthreads3[postid]'>$getthreads3[title]</a></td><td>$getthreads3[author]</td><td>$getthreads3[numreplies]</td><td>$getthreads3[showtime]<br>Last post by <b>$getthreads3[lastposter]</b></td></tr>";
}
print "</table>";
?> |
This is straightforward, it simply selects all threads with a parentid of 0, meaning that all threads that are not replies and it selects them by the last time they were replied to, beginning with the latest first. Then it goes through a loop to display all of them along with the number of replies they have, and the thread starter. It links the thread subject with a message identifier to message.php so people can view the thread by clicking on the link.
The strip_tags function parses out SQL injections that user might have put in.
Now the message.php file:
| Code: | <?php
include "connect.php"; //mysql db connection here
$id=$_GET['id'];
print "<link rel='stylesheet' href='style.css' type='text/css'>";
print "<A href='index.php'>Back to main forum</a>-<A href='post.php'>New Topic</a>-<A href='reply.php?id=$id'>Reply<br>";
print "<table class='maintable'>";
print "<tr class='headline'><td width=20%>Author</td><td width=80%>Post</td></tr>";
$gettopic="SELECT * from forumtutorial_posts where postid='$id'";
$gettopic2=mysql_query($gettopic) or die("Could not get topic");
$gettopic3=mysql_fetch_array($gettopic2);
print "<tr class='mainrow'><td valign='top'>$gettopic3[author]</td><td vakign='top'>Last replied to at $gettopic3[showtime]<br><hr>";
$message=strip_tags($gettopic3['post']);
$message=nl2br($message);
print "$message<hr><br>";
print "</td></tr>";
$getreplies="Select * from forumtutorial_posts where parentid='$id' order by postid desc"; //getting replies
$getreplies2=mysql_query($getreplies) or die("Could not get replies");
while($getreplies3=mysql_fetch_array($getreplies2))
{
print "<tr class='mainrow'><td valign='top'>$getreplies3[author]</td><td vakign='top'>Last replied to at $getreplies3[showtime]<br><hr>";
$message=strip_tags($getreplies3['post']);
$message=nl2br($message);
print "$message<hr><br>";
print "</td></tr>";
}
print "</table>";
?> |
This file gets some data passed to it in the form $id in the URL.
What this code does is it first selects the topic post in $gettopic, printing it and then selects all the posts in $getreplies and prints them. Strip_tags is there to parse out HTML injectons and nl2br is there to make sure line breaks work right.
Now the post.php file
| Code: | <?php
include "connect.php"; //connection string
print "<link rel='stylesheet' href='style.css' type='text/css'>";
print "<table class='maintables'>";
print "<tr class='headline'><td>Post a message</td></tr>";
print "<tr class='maintables'><td>";
if(isset($_POST['submit']))
{
$name=$_POST['name'];
$yourpost=$_POST['yourpost'];
$subject=$_POST['subject'];
if(strlen($name)<1)
{
print "You did not type in a name."; //no name entered
}
else if(strlen($yourpost)<1)
{
print "You did not type in a post."; //no post entered
}
else if(strlen($subject)<1)
{
print "You did not enter a subject."; //no subject entered
}
else
{
$thedate=date("U"); //get unix timestamp
$displaytime=date("F j, Y, g:i a");
//we now strip HTML injections
$subject=strip_tags($subject);
$name=strip_tags($name);
$yourpost=strip_tags($yourpost);
$insertpost="INSERT INTO forumtutorial_posts(author,title,post,showtime,realtime,lastposter) values('$name','$subject','$yourpost','$displaytime','$thedate','$name')";
mysql_query($insertpost) or die("Could not insert post"); //insert post
print "Message posted, go back to <A href='index.php'>Forum</a>.";
}
}
else
{
print "<form action='post.php' method='post'>";
print "Your name:<br>";
print "<input type='text' name='name' size='20'><br>";
print "Subject:<br>";
print "<input type='text' name='subject' size='20'><br>";
print "Your message:<br>";
print "<textarea name='yourpost' rows='5' cols='40'></textarea><br>";
print "<input type='submit' name='submit' value='submit'></form>";
}
print "</td></tr></table>";
?> |
This file has two cases, if submit was pressed, and if submit was not pressed. If submit was not pressed, then it prints a form for you to type in , your name, a message subject, and a message. If you have pressed submit, it checks first if the required fields of name, subject, and post have been entered
and spits out error message if the have not. If everything has been entered, then it draws the local time both in Unix format and in readable format and inserts all the data of the post along with the timestamps into the database.
Now the reply.php file:
| Code: | <?php
include "connect.php"; //connection string
print "<link rel='stylesheet' href='style.css' type='text/css'>";
print "<table class='maintables'>";
print "<tr class='headline'><td>Reply</td></tr>";
print "<tr class='maintables'><td>";
if(isset($_POST['submit']))
{
$name=$_POST['name'];
$yourpost=$_POST['yourpost'];
$subject=$_POST['subject'];
$id=$_POST['id'];
if(strlen($name)<1)
{
print "You did not type in a name."; //no name entered
}
else if(strlen($yourpost)<1)
{
print "You did not type in a post."; //no post entered
}
else
{
$thedate=date("U"); //get unix timestamp
$displaytime=date("F j, Y, g:i a");
//we now strip HTML injections
$subject=strip_tags($subject);
$name=strip_tags($name);
$yourpost=strip_tags($yourpost);
$insertpost="INSERT INTO forumtutorial_posts(author,title,post,showtime,realtime,lastposter,parentid) values('$name','$subject','$yourpost','$displaytime','$thedate','$name','$id')";
mysql_query($insertpost) or die("Could not insert post"); //insert post
$updatepost="Update forumtutorial_posts set numreplies=numreplies+'1', lastposter='$name',showtime='$displaytime', lastrepliedto='$thedate' where postid='$id'";
mysql_query($updatepost) or die("Could not update post");
print "Message posted, go back to <A href='message.php?id=$id'>Message</a>.";
}
}
else
{
$id=$_GET['id'];
print "<form action='reply.php' method='post'>";
print "<input type='hidden' name='id' value='$id'>";
print "Your name:<br>";
print "<input type='text' name='name' size='20'><br>";
print "Your message:<br>";
print "<textarea name='yourpost' rows='5' cols='40'></textarea><br>";
print "<input type='submit' name='submit' value='submit'></form>";
}
print "</td></tr></table>";
?> |
Note this is very similar to the post.php file except it passed a hidden parameter id, which indicates which thread you are reply to. Also after you have pressed submit, it checks if the required fields have been filled out, inserts the message with the timestamps and then it updates the original message which you replied to with new timestamps and adds one to the number of replies that message has while putting you as the last replier to that message.
Ok, there you have it, a simple working forum.
-Chipmunk Scripts
_________________
Come to me if you have any questions  |
|
