Get id of other table and insert to another one

Question

I'm having a problem in making a comment section for my website. Whenever I make a comment, only one comment saved in my table, I don't know what's wrong coz I already inserted the code inside the while to loop the id of the question and insert to every comment id. Here's the html and php code.

<?PHP

session_start();
include "function.php";

$con    = db();
?>

<div class="row">
    <div class="col-md-8">
        <div class="panel panel-default">
            <div class="panel-heading"><div class="panel panel-green"><svg style="margin-left:20px" class="glyph stroked app window with content"><use xlink:href="#stroked-app-window-with-content"></use></svg><b>Question and  Answer</b>
        </div>
    </div>
    <div class="panel-body">
        <form class="form-horizontal" action="" method="post">
        <fieldset>
            <table data-toggle="table" data-url="tables"  data-show-refresh="true" data-show-toggle="true" data-show-columns="true" data-search="true" data-select-item-name="toolbar1" data-pagination="true" data-sort-name="name" data-sort-order="desc">
                <br>
<?PHP
    $sql = "SELECT * FROM tbl_alum_question ORDER BY ques_id desc";
    $result = mysqli_query($con, $sql);
    if(mysqli_num_rows($result) > 0) {
        while($row = mysqli_fetch_array($result)) {

            echo '<form action="" method="post" >';
            echo '<p style= "text-align: right;">'; echo ''.$row["created"].''; 
            echo '</p>';
            echo '<p>&nbsp;Asked by:</p>';
            echo '<p >'; 
            echo ''.$row["questions"].''; 
            echo '</p>';
            echo '<input type="hidden" name="comment_id" value="';
            echo ''.$row['ques_id'].'' ;
            echo '">';

            //echo '<form action="" method="post" style="display: block;"';
            echo '<input name="commentid" id="commentid"type="hidden" value="'.$row['ques_id'].'">';
            echo '<input type="text" name="reps" value=""style="display: block;"><br>
            <input type="submit" name="reply" value="Comment"/><br>';
            //echo '</form>';
            //echo '<input type="text" name="reps" /><br>
            echo '</form>';

            if(isset($_POST['reply'])) {
                $id = $_POST['commentid'];
                $reps = $_POST['reps'];
                $datetime=date("Y/m/d h:i:sa");

                $sqq = 'INSERT INTO tbl_alum_answer 
                                    (ques_id, answer, created, username) 
                        VALUES ("'.$id.'","'.$reps.'","'.$datetime.'","red" )';
                $ress = mysqli_query($con, $sqq);
            }
        }
        echo '</div>';
    }
?>
<?php
?>
        </table>
        </fieldset>
        </form>
    </div>

    </div>
    </div><!--/.col-->

Some sensible code indentation would be a good idea. It helps us read the code and more importantly it will help **you debug your code** [Take a quick look at a coding standard](http://www.php-fig.org/psr/psr-2/) for your own benefit. You may be asked to amend this code in a few weeks/months and you will thank me in the end. — RiggsFolly, Feb 18 '17 at 22:47
only the last id will be inserted. I need every id of the post to be inserted inside the table of comment. — Mal Eyy, Feb 18 '17 at 22:47
@RiggsFolly sorry I'm just a beginner and I only do this for my capstone project. — Mal Eyy, Feb 18 '17 at 22:49
Your script is at risk of [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) — RiggsFolly, Feb 18 '17 at 23:01

Get id of other table and insert to another one

0 Answers0