我为论坛创建了一个简单的主题帖子页面。它有一个下拉菜单来选择该主题属于哪个类别。我为子类别添加了第二个下拉菜单。页面加载没有错误,但当我尝试创建主题“体育”(类别)=> “足球”(子类别),它给了我错误“你试图创建一个主题的论坛,不存在!”
这是我的代码。
<?php
$id = mss($_GET['id']);
if ($id) {
$sql = "SELECT * FROM `forum_sub_cats` WHERE `id`='" . $id . "'";
$res = mysql_query($sql) or die(mysql_error());
if (mysql_num_rows($res) == 0) {
echo "The forum you are trying to create a topic on, does not exist!\n";
} else {
$row1 = mysql_fetch_assoc($res);
if ($row1['admin'] == 1 && $admin_user_level == 0) {
echo "You are not an administrator, therefore you cannot post on this forum!\n";
} else {
if (!$_POST['submit']) {
echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n";
echo "<form method=\"post\" action=\"./index.php?act=create&id=".$id."\">\n";
$sql = "SELECT id, name FROM forum_cats";
$result = mysql_query($sql);
echo "<select name=\"cat\">\n";
while($row = mysql_fetch_assoc($result))
{
echo '<option value="' . $row['id'] . '">' . $row['name'] . '</option>';
}
echo "</select></td></tr>\n";
$sql = "SELECT cid, name FROM forum_sub_cats";
$result = mysql_query($sql);
echo "<select name=\"sub_cat\">\n";
while($row = mysql_fetch_assoc($result))
{
echo '<option value="' . $row['cid'] . '">' . $row['name'] . '</option>';
}
echo "</select></td></tr>\n";
echo "<tr><td><textarea name=\"message\" style=\"width:300px;height:100px;\"></textarea></td></tr>\n";
echo "<tr><td align=\"right\"><input type=\"submit\" name=\"submit\" value=\"Create Topic\"></td></tr>\n";
echo "</form></table>\n";
} else {
$cat = mss($_POST['cat']);
$msg = mss($_POST['message']);
if ($cat && $msg) {
$sql = "SELECT admin FROM `forum_sub_cats` WHERE `id`='" . $cat . "'";
$res = mysql_query($sql) or die(mysql_error());
if (mysql_num_rows($res) == 0) {
echo "This forum sub category does not exist!\n";
} else {
$row = mysql_fetch_assoc($res);
if ($row['admin'] == 1 && $admin_user_level != 1) {
echo "You are not an admin therefore you cannot post a new topic on this forum!\n";
} else {
if (strlen($msg) < 3 || strlen($msg) > 10000) {
echo "The message must be between 3 and 10,000 characters!\n";
} else {
$date = date("m-d-y") . " at " . date("h:i:s");
$time = time();
$sql2 = "INSERT INTO `forum_topics` (`cid`,`uid`,`date`,`time`,`message`) VALUES('" .
$cat . "','" . $_SESSION['uid'] . "','" . $date . "','" . $time .
"','" . $msg . "')";
$res2 = mysql_query($sql2) or die(mysql_error());
$tid = mysql_insert_id();
topic_go($tid);
}
}
}
} else {
echo "Please supply all the fields!\n";
}
}
}
}
} else {
if (!$_POST['submit']) {
echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n";
echo "<form method=\"post\" action=\"./index.php?act=create&id=".$id."\">\n";
$sql = "SELECT id, name FROM forum_cats";
$result = mysql_query($sql);
echo "<select name=\"cat\">\n";
while($row = mysql_fetch_assoc($result))
{
echo '<option value="' . $row['id'] . '">' . $row['name'] . '</option>';
}
echo "</select></td></tr>\n";
$sql = "SELECT id, name FROM forum_sub_cats";
$result = mysql_query($sql);
echo "<select name=\"sub_cat\">\n";
while($row = mysql_fetch_assoc($result))
{
echo '<option value="' . $row['cid'] . '">' . $row['name'] . '</option>';
}
echo "</select></td></tr>\n";
echo "<tr><td><textarea name=\"message\" style=\"width:300px;height:100px;\"></textarea></td></tr>\n";
echo "<tr><td align=\"right\"><input type=\"submit\" name=\"submit\" value=\"Create Topic\"></td></tr>\n";
echo "</form></table>\n";
} else {
$cat = mss($_POST['cat']);
$msg = mss($_POST['message']);
if ($cat && $msg) {
$sql = "SELECT admin FROM `forum_sub_cats` WHERE `id`='" . $cat . "'";
$res = mysql_query($sql) or die(mysql_error());
if (mysql_num_rows($res) == 0) {
echo "This forum sub category does not exist!\n";
} else {
$row = mysql_fetch_assoc($res);
if ($row['admin'] == 1 && $admin_user_level != 1) {
echo "You are not an admin therefore you cannot post a new topic on this forum!\n";
} else {
if (strlen($msg) < 3 || strlen($msg) > 10000) {
echo "The message must be between 3 and 10,000 characters!\n";
} else {
$date = date("m-d-y") . " at " . date("h:i:s");
$time = time();
$sql2 = "INSERT INTO `forum_topics` (`cid`,`uid`,`date`,`time`,`message`) VALUES('" .
$cat . "','" . $_SESSION['uid'] . "','" . $date . "','" . $time .
"','" . $msg . "')";
$res2 = mysql_query($sql2) or die(mysql_error());
$tid = mysql_insert_id();
header("Location: index.php?act=topic&id=" . $tid . "");
}
}
}
} else {
echo "Please supply all the fields!\n";
}
}
}
?>
答案 0 :(得分:0)
您正在寻找名为id,$id = mss($_GET['id']);的表单字段,但您创建的唯一select元素是cat或sub_cat。可以命名其中一个id或更改您要查找的内容。