PHP data not sending between two pages

Question

I'm having trouble trying to send data between two pages. I have looked for examples but could not figure it out at all; it's frustrating.

The SQL is the following:

$query = "SELECT post_id, title , bodyofpost , username, datetime
            FROM Post GROUP BY datetime DESC
            LIMIT ?,?";

Here is the code snippet of the first PHP page that has the data that is needed to be sent to the other:

while ($stmt->fetch()) 
  {

    echo "Post ID: ".$post_id."<br/>";
    echo "Title : ".$title."<br/>";
    echo "<strong> Username: ".$username."</strong><br />";
    echo "BodyofPost: ".$bodyofpost."<br/>";
    echo "Date Created: ".$datetime."<br/><p>";
    echo $addComment = "<a href=\"addComments.php?$post_id\">AddComment</a>";
    echo"</br>";
    echo"</br>";


  }

This is the add comments page that the postID needs to be sent to. It has a hidden value and when I try to insert the postID into the database, the postID is always 0, which it shouldn't be.

    echo'</form>';
    echo '<form method="post" action="addComments.php">';
    echo'<input type="hidden" name="post_id" value="postID"/>';
    echo '<table>';
    echo '<tr><td>Comments:</td>';
    echo '<td><input type="text" name="comment"></td></tr>';
    echo '<tr><td colspan="2" align="center">';
    echo '<input type="submit" value="PostComment"></td></tr>';
    echo '</table></form>';

Ignore the comment form above; it works.

This is the part of the add comment code where I tried inserting only the postID into the database to test if it works but it didn't.

if(isset($_GET['post_id'])){
    $postID= $_GET['post_id'];
    $sql = "INSERT INTO Comments (post_id)
    VALUES ('$postID') ";

}

So let's say we have 10 posts and we group by descending order and I clicked the linked for post 10. Then it would send me to the addcomment page and I typed in the desired comments etc. Then when I go and check the inserted comment at my database the post ID would always be 0; it should be 10 because it's the postID I was commenting on. Any help is appreciated!! Thank you!!

Try `"AddComment";` When you look in `$_GET['post_id']` you've never actually assigned to that key. — ficuscr, May 11 '18 at 18:18
@ficuscr i just tried your way it didnt work unfortunately not sure what else could be the problem — liang123, May 11 '18 at 18:36
@PatrickQ its just a code snippet i have more code i just posted the parts that is needed. i have free result and close database right afterwards — liang123, May 11 '18 at 18:37

yanntinoco · Answer 1 · 2018-05-11T18:55:46.797

3

Your form method is set to POST and your code are specting GET method.

try this out:

if(isset($_POST['post_id'])){
    $postID= $_POST['post_id'];
    $stmt = $connection->prepare("INSERT INTO Comments (post_id)
    VALUES (?) ");
    $stmt->bind_param('i',$postID);
    $stmt->execute();
    $stmt->close();
}

edited May 11 '18 at 18:55

answered May 11 '18 at 18:31

yanntinoco

152
7

2

I think you are correct, but please do not insert the post id like that, I think you risk an SQL injection. Please use a prepared statement or at least escape the variable before you use it. See [How to prevent SQL injections](https://stackoverflow.com/q/60174/2506609). – david May 11 '18 at 18:34
@david great observation! I've missed that cuz have just pasted the OP code changing `GET` to `POST` – yanntinoco May 11 '18 at 18:38
i just tried it but postID still 0. Not sure what is wrong. Everything seems to be right but the database is not displaying the right postID – liang123 May 11 '18 at 18:39
`post_id ` != `postID `. Do a `var_dump($_POST);`. See what is there (and remember my earlier comment). – ficuscr May 11 '18 at 18:41
@liang123 are you fetching results from Post table to addcomments page? – yanntinoco May 11 '18 at 18:46
if yes, you need to set this line: `echo'';` to `echo'';` – yanntinoco May 11 '18 at 18:48
@ficuscr it says array(2) { ["post_id"]=> string(6) "postID" – liang123 May 11 '18 at 18:49
@liang123 it's because you're passing `value="postID"` in your form as I've said. change it to `value="$post_id"` if you're fetching results from Post table to addcomments page – yanntinoco May 11 '18 at 18:50
@liang123 mmm, when you fetch the table, what's in `$post_id`, in your `while ($stmt->fetch()) ...` on addcomments page? – yanntinoco May 11 '18 at 18:58
the fetching is on another php code but when i click add comment on a specific post the url would show addComments.php?post_id=10, for example when i pick 10. So i really dont know what is the problem – liang123 May 11 '18 at 19:04
how this 'another php code' are passing data to addcomments page? – yanntinoco May 11 '18 at 19:14

PHP data not sending between two pages

1 Answers1