Hi, I currently have a script for my news, the PHP file is this: <?php $amount_get = mysql_query("SELECT * FROM comment WHERE articleid='" . mysql_real_escape_string($_GET['id']) . "'"); $comments = mysql_num_rows($amount_get); $grab = mysql_query("SELECT * FROM articles WHERE id='" . mysql_real_escape_string($_GET['id']) . "' LIMIT 1"); $article = $row['news_title']; if (mysql_num_rows($grab)==0) { die(); } while($row = mysql_fetch_array($grab)){ ?> <p></p> <div class="container"> <div class="header"><?php echo $row['news_title'] ?></div> <div class="content"><?php echo $row['news_content'] ?></div> <div class="comments"> <a href="<?php echo $row['id'] ?>">Comments (<?php echo $comments ?>)</a> </div> <div class="posted"> <i> Posted by <strong><?php echo $row['news_author'] ?></strong> on <strong><?php echo $row['news_date'] ?></strong> </i> </div> </div> <?php } ?> <div class="container"> <div class="header_comments">Article Comments</div> <?php $name = mysql_real_escape_string($_POST['name']); $comment = mysql_real_escape_string($_POST['comment']); $submit = $_POST['submit']; $date = date("y-m-d"); $ip = "".$_SERVER['REMOTE_ADDR'].""; if($submit) { if($name&&$comment) { $query=mysql_query(" INSERT INTO comment (id, articleid, name, comment, date, ip) VALUES ('','". mysql_real_escape_string($_GET['id']) ."','$name','$comment','$date','$ip') "); header("Location: " . mysql_real_escape_string($_GET['id']) . ""); } else { echo "<div class='red'>You must fill in all fields!</div>"; } } ?> <?php $amount_get = mysql_query("SELECT * FROM comment WHERE articleid='" . mysql_real_escape_string($_GET['id']) . "'"); $comments = mysql_num_rows($amount_get); $grab = mysql_query("SELECT * FROM comment WHERE articleid='" . mysql_real_escape_string($_GET['id']) . "'"); if (mysql_num_rows($grab)==0) { echo "<p> There are no comments to be displayed! </p>"; } while($row = mysql_fetch_array($grab)){ ?> <div class="grey"> Posted by <strong><?php echo $row['name'] ?></strong> on <strong><?php echo $row['date'] ?></strong> <br /><br /> <?php echo $row['comment'] ?> </div> <div class="grey_line"></div> <?php } ?> <a href="../comment.php" rel="facebox">Post Comment</a> </div> </body> </html> <?php ob_flush(); ?> PHP: Now, this is my .htaccess: RewriteEngine On RewriteRule ^article/(.*)/?$ article/article.php?id=$1 [L,QSA] Code (markup): the finished product would look like this: article/5 or article/6 based on what my articles are. Now I'm simply trying to add a "article/ID.ARTICLE-NAME-HERE", how would I go about doing this? Is it a PHP file problem, or a .htaccess problem? Thank you for your time!
Can I get what you are trying to achieve? Are you trying to change the article/id to article/article-title ?
Firstly you should not be using the mysql functions. check php.net . you should be usig mysqli or PDO Secondly you should never ever in your live trust user input without validating the data. User imput includes GET, POST, FILES, COOKIE, SERVER data. Things like this t WHERE articleid='" . mysql_real_escape_string($_GET['id']) . "'"); $c PHP: are just screaming for issues. what if someone inserts some text?? yes you have escaped it but your script will still not be able to handle it. Before you pass the value of GET['id'] you should be validating it that it is an positive integer. Hope above comments help. anyway. You have mistakes in both the php and htaccess not testing it but a quick look brought these issues the link <div class="comments"> <a href="<?php echo $row['id'] ?>">Comments (<?php echo $comments ?>)</a> </div> PHP: should be looking more like this <div class="comments"> <a href="article/<?php echo $row['id'] ?>.<?php echo str_replace(' ','-',$row['news-title']); ?>">Comments (<?php echo $comments ?>)</a> </div> PHP: then your htaccess rule should look more like this RewriteRule ^article/([0-9*).*?$ article/article.php?id=$1 [L,QSA] Code (markup): Like I said only had a quick look at it. give it a try,