SQL database receives comments made on a post in localhost, but my 000webhost database doesn't receive it

Community support
#1

Hey guys,

Here is my problem: I have a project ( a blog made up of SQL/PHP ) that works perfectly in my localhost. Every time a user clicks on a post and wants to put a comment, it works and the database logs it in.

However on my 000webhost site, even though the database works fine when it comes to displaying the content (the posts are there, etc.), every time I try to post a comment on a post, for some reason it doesn’t work and the database doesn’t receive it.

Here is my post.php, which consists of a form for posting comments:

<?php

        if(isset($_POST['create_comment'])){


          $the_post_id = $_GET['p_id'];

          $comment_author = $_POST['comment_author'];
          $comment_email = $_POST['comment_email'];
          $comment_content = $_POST['comment_content'];

          $query = "INSERT INTO comments (comment_post_id, comment_author,
          comment_email, comment_content, comment_status, comment_date)";

          $query .= "VALUES ($the_post_id ,'{$comment_author}', '{$comment_email}', '{$comment_content}', 'approved', now())";


          $create_comment_query = mysqli_query($connection, $query);

        }

        ?>

<div class="container">
  <div class="row">
    <div class="col-lg-8 col-md-10 mx-auto">
     <p>COMMENT HERE :</p>
      <form  id="contactForm" action="" method="post" novalidate>
        <div class="control-group">
          <div class="form-group floating-label-form-group controls">
            <label>Name</label>
            <input type="text" class="form-control" placeholder="Name" name="comment_author" id="name" required data-validation-required-message="Please enter your name.">
            <p class="help-block text-danger"></p>
          </div>
        </div>
        <div class="control-group">
          <div class="form-group floating-label-form-group controls">
            <label>Email Address</label>
            <input type="email" class="form-control" name="comment_email" placeholder="Email Address" id="email" required data-validation-required-message="Please enter your email address.">
            <p class="help-block text-danger"></p>
          </div>
        </div>
        <div class="control-group">
          <div class="form-group floating-label-form-group controls">
            <label>Message</label>
            <textarea rows="5" class="form-control" placeholder="Message" id="message" required data-validation-required-message="Please enter a message." name="comment_content"></textarea>
            <p class="help-block text-danger"></p>
          </div>
        </div>
        <br>
        <div id="success"></div>
        <div class="form-group">
          <button type="submit" class="btn btn-primary" id="sendMessageButton" name="create_comment">Send</button>
        </div>
      </form>

<?php } ?>

<?php

 $query = "SELECT * FROM comments WHERE comment_post_id = {$the_post_id} AND ";
 $query .= "comment_status = 'approved' ";
 $query .= "ORDER BY comment_id DESC ";
 $select_comment_query = mysqli_query($connection, $query);

 while($row = mysqli_fetch_array($select_comment_query)){
  $comment_date = $row['comment_date'];
  $comment_content = $row['comment_content'];
  $comment_author = $row['comment_author'];

 ?>

  <div class="container">
  <div class="row">
      <div class="comments" style="padding-top: 90px">
        <h3><?php echo $comment_author; ?></h3 style="font-family: ">
        <p>Posted on <?php echo $comment_date; ?></p>
        <p><?php echo $comment_content; ?></p>
      </div>
  </div>
  </div>

  <?php } ?>

<hr>

<!-- Footer -->
<footer>
  <div class="container">
    <div class="row">
      <div class="col-lg-8 col-md-10 mx-auto">
        <ul class="list-inline text-center">
          <li class="list-inline-item">
            <a href="#">
              <span class="fa-stack fa-lg">
                <i class="fa fa-circle fa-stack-2x"></i>
                <i class="fa fa-twitter fa-stack-1x fa-inverse"></i>
              </span>
            </a>
          </li>
          <li class="list-inline-item">
            <a href="#">
              <span class="fa-stack fa-lg">
                <i class="fa fa-circle fa-stack-2x"></i>
                <i class="fa fa-facebook fa-stack-1x fa-inverse"></i>
              </span>
            </a>
          </li>
          <li class="list-inline-item">
            <a href="#">
              <span class="fa-stack fa-lg">
                <i class="fa fa-circle fa-stack-2x"></i>
                <i class="fa fa-github fa-stack-1x fa-inverse"></i>
              </span>
            </a>
          </li>
        </ul>
        <p class="copyright text-muted">Copyright &copy; Your Website 2018</p>
      </div>
    </div>
  </div>
</footer>

<!-- Bootstrap core JavaScript -->
<script src="vendor/jquery/jquery.min.js"></script>
<script src="vendor/bootstrap/js/bootstrap.bundle.min.js"></script>

<!-- Custom scripts for this template -->
<script src="js/clean-blog.min.js"></script>

I appreciate all responses.

#2

Hi can you try changing your php version to 5.6

#3

where do I do that ?

#4

Open your 000webhost account and click on manage website then go to general and scroll down and change your php version.

#5

it still doesn’t work…

#6

Well then you have to wait because i am not good at php

#7

Please replace this

$create_comment_query = mysqli_query($connection, $query);

With this

$create_comment_query = mysqli_query($connection, $query)or die(mysqli_error($connection));

Are there any errors thrown now? :slight_smile:

1 Like
#8

Thanks, I was able to fix everything !

1 Like
#9

This query contains a SQL injection vulnerability. The variable $the_post_id comes from the user, and is an easy way for a hacker to run their own SQL in your database. Search for “SQL injection PHP” in a search engine to research how to close this security hole.

1 Like