I'm validating some input, and between using sessions and a header to redirect to my index, all of the content is being doubled. For example, see http://ggserver.dyndns-server.com/ and press send comment without filling out information. Everything on the index page doubles and I can't figure out why.
In the index.php file
In the insert_into_issues.php file
Any ideas? Thanks a ton.
In the index.php file
PHP Code:
<?php session_start(); ?>
<html>
<head>
    <script type="text/javascript" src="functions.js"></script>
    <link rel="stylesheet" type="text/css" href="style.css" />
    <title> PolyView </title>
</head>
<!-- On load, stream.php is fetched via ajax() and written into #tmp_post -->
<body onload="ajax('stream.php','tmp_post','POST');">
    <h1>
        <a href="index.php">
            <img src="/images/header.png" alt="PolyView Banner" id="banner" />
        </a>
    </h1>
    <h1>
        Welcome to PolyView <br/>
    </h1>
    <?php include "menu.php"; ?>
    <br/> <p id="tmp_post"></p> <br/>
    <?php
    // Show validation errors left in the session by insert_into_issues.php, then clear them
    if( isset($_SESSION['ERRMSG_ARR']) && is_array($_SESSION['ERRMSG_ARR']) && count($_SESSION['ERRMSG_ARR']) >0 ) {
        echo '<ul class="err">';
        foreach($_SESSION['ERRMSG_ARR'] as $msg) {
            echo '<li>',$msg,'</li>';
            echo '<br>';
        }
        echo '</ul>';
        unset($_SESSION['ERRMSG_ARR']);
    }
    ?>
    <p class="pos_fixed">
        Issue:<br/>
        <select id="issue">
            <option value="5">Obama</option>
            <option value="6">Healthcare</option>
        </select>
        <br/>
        Title: <br/>
        <input type="text" name="title" id="title"/> <br/>
        Comment: <br/>
        <textarea name="content" id="content" rows="10" cols="50">
</textarea>
        <br/>
        <input type="submit" value="Send Comment" onclick="insert_into_issuePosts()" />
    </p>
</body>
</html>
In the insert_into_issues.php file
PHP Code:
<?php
session_start();
require_once('config.php');

//Connect first: mysql_real_escape_string() in clean() needs an open connection
$con = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$con) {
    die('Could not connect: ' . mysql_error());
}
mysql_select_db(DB_DATABASE, $con);

//Array to store validation errors
$errmsg_arr = array();
//Validation error flag
$errflag = false;

//Function to sanitize values received from the form. Prevents SQL injection
//for values that are placed inside quotes in the query
function clean($str) {
    $str = @trim($str);
    if (get_magic_quotes_gpc()) {
        $str = stripslashes($str);
    }
    return mysql_real_escape_string($str);
}

//Sanitize the GET values
$title   = clean(isset($_GET['title']) ? $_GET['title'] : '');
$content = clean(isset($_GET['content']) ? $_GET['content'] : '');
//issueID is numeric, so force it to an integer before it reaches the query
$issueID = isset($_GET['issueID']) ? (int) $_GET['issueID'] : 0;

//Input Validations
if ($title == '') {
    $errmsg_arr[] = 'Title missing';
    $errflag = true;
}
if ($content == '') {
    $errmsg_arr[] = 'Content missing';
    $errflag = true;
}

//If there are input validations, redirect back to index.php
if ($errflag) {
    $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
    session_write_close();
    header("location: index.php");
    exit();
}

//$issueID = mysql_query("SELECT id FROM issueCategories where title =" . '$_GET[issue]');
$sql = "INSERT INTO issuePosts (title,content,issueID)
        VALUES
        ('$title','$content','$issueID')";
if (!mysql_query($sql, $con)) {
    die('Error: ' . mysql_error());
}

//List all posts, newest first; stored text is HTML-escaped on output
$result = mysql_query("SELECT * FROM issuePosts ORDER BY id DESC");
while ($row = mysql_fetch_array($result)) {
    echo "<p class = 'center'>";
    $issue = mysql_query("Select title FROM issueCategories where id = " . (int) $row['issueID']);
    if ($issue && mysql_num_rows($issue) > 0) {
        echo "On " . htmlspecialchars(mysql_result($issue, 0));
    }
    echo "<br/>";
    echo htmlspecialchars($row['title']);
    echo "<br/>";
    //mysql_query() returns a result resource, so read the value with mysql_result()
    $user = mysql_query("Select title FROM users where id = " . (int) $row['userID']);
    if ($user && mysql_num_rows($user) > 0) {
        echo htmlspecialchars(mysql_result($user, 0));
    }
    echo "<br/>";
    echo htmlspecialchars($row['content']);
    echo "<br/> <br/>";
    echo "</p>";
}
mysql_close($con);
?>
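
A hardened form of the insert and listing in insert_into_issues.php, as an added example that is not part of the original post: every value, including issueID, is bound through a PDO prepared statement, and stored text is escaped on output. The in-memory SQLite database, the function names and the sample requests are assumptions made so the example runs on its own.

```php
<?php
// Added example, not the poster's code. In-memory SQLite stands in for MySQL.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE issueCategories (id INTEGER PRIMARY KEY, title TEXT)');
$pdo->exec('CREATE TABLE issuePosts (id INTEGER PRIMARY KEY, title TEXT, content TEXT, issueID INTEGER)');
$pdo->exec("INSERT INTO issueCategories VALUES (5, 'Obama'), (6, 'Healthcare')");
// Returns the validation errors for the raw request values (empty if valid).
function validate_post(array $in): array {
    $errors = [];
    if (trim($in['title'] ?? '') === '')   { $errors[] = 'Title missing'; }
    if (trim($in['content'] ?? '') === '') { $errors[] = 'Content missing'; }
    if (filter_var($in['issueID'] ?? null, FILTER_VALIDATE_INT) === false) {
        $errors[] = 'Issue invalid';
    }
    return $errors;
}

// Values travel as bound parameters, so they cannot change the SQL statement.
function insert_post(PDO $pdo, array $in): void {
    $stmt = $pdo->prepare('INSERT INTO issuePosts (title, content, issueID)
                           VALUES (:title, :content, :issueID)');
    $stmt->execute([':title' => trim($in['title']),
                    ':content' => trim($in['content']),
                    ':issueID' => (int) $in['issueID']]);
}
// Escape stored text on output so markup inside a post is displayed, not run.
function h($s) { return htmlspecialchars((string) $s, ENT_QUOTES, 'UTF-8'); }
function render_posts(PDO $pdo): string {
    $rows = $pdo->query('SELECT p.title, p.content, c.title AS issue
                         FROM issuePosts p JOIN issueCategories c ON c.id = p.issueID
                         ORDER BY p.id DESC');
    $html = '';
    foreach ($rows as $r) {
        $html .= "<p class='center'>On " . h($r['issue']) . '<br/>'
               . h($r['title']) . '<br/>' . h($r['content']) . "</p>\n";
    }
    return $html;
}
// Constructed sample requests: one valid, one with a non-integer issueID.
$requests = [
    ['title' => "It's <b>here</b>", 'content' => 'First post', 'issueID' => '6'],
    ['title' => 'Second', 'content' => 'Text', 'issueID' => '6 OR 1=1'],
];
foreach ($requests as $req) {
    $errors = validate_post($req);
    if ($errors) { echo implode(', ', $errors), "\n"; } else { insert_post($pdo, $req); }
}
echo render_posts($pdo);
```

The second request is rejected with "Issue invalid" and never reaches the database; the first is stored verbatim and rendered with its quote and tags escaped.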