<?php ini_set('display_errors', 1); $host = "localhost"; $username = "root"; $password = "mypass123"; $databasename = "comments"; $connect = mysqli_connect($host, $username, $password, $databasename); if(isset($_POST['user_comm']) && isset($_POST['user_name'])) { $comment = $_POST['user_comm']; $name = $_POST['user_name']; $insert = "insert into comments values('', '$name', '$comment', CURRENT_TIMESTAMP)"; $runInsert = mysqli_query($connect, $insert); $select=mysqli_query("SELECT name, comment, post_time FROM comments where name='$name' and comment='$comment'"); $result = mysqli_query($connect, $select); if($row = mysqli_fetch_assoc($result)) { $name = $row['name']; $comment = $row['comment']; $time = $row['post_time']; ?> <div class="comment_div"> <p class="comment"><?php echo $comment;?></p> <p class="name">by: <?php echo $name;?></p> <p class="time"><?php echo $time;?></p> </div> <?php } exit; } ?> PHP: There's multiple errors because of: $select=mysqli_query("SELECT name, comment, post_time FROM comments where name='$name' and comment='$comment'"); the errors are: Warning: mysqli_query() expects at least 2 parameters, 1 given in C:\laragon\www\9\post_comment.php on line 17 Warning: mysqli_query(): Empty query in C:\laragon\www\9\post_comment.php on line 18 Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given in C:\laragon\www\9\post_comment.php on line 20 Fatal error: Uncaught Error: Call to undefined function mysql_query() in C:\laragon\www\9\post_comment.php:17 Stack trace: #0 {main} thrown in C:\laragon\www\9\post_comment.php on line 17 Warning: mysqli_query() expects at least 2 parameters, 1 given in C:\laragon\www\9\post_comment.php on line 17 Warning: mysqli_query(): Empty query in C:\laragon\www\9\post_comment.php on line 18 Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given in C:\laragon\www\9\post_comment.php on line 20 Fatal error: Uncaught Error: Call to undefined function mysql_query() in C:\laragon\www\9\post_comment.php:17 Stack trace: #0 {main} thrown in C:\laragon\www\9\post_comment.php on line 17 Fatal error: Uncaught Error: Call to undefined function mysql_query() in C:\laragon\www\9\post_comment.php:17 Stack trace: #0 {main} thrown in C:\laragon\www\9\post_comment.php on line 17 Parse error: syntax error, unexpected '$comment' (T_VARIABLE), expecting ',' or ')' in C:\laragon\www\9\post_comment.php on line 17 Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given in C:\laragon\www\9\index.php on line 45 Code (markup):
These error messages are self-explanatory, so there;s not much we can help about this because error message itself provides detailed instructions on how to fix the issue. For example: mysqli_query() expects at least 2 parameters, 1 given Code (markup): It means you should provide function with 2 arguments, but you only provided one. In order to fix the issue, add one more argument. You executed the same function perfectly on lines 15 and 16, just do the same on lines 17 and 18 now. Call to undefined function mysql_query() Code (markup): I don't see this function in your code, so I guess it comes from another file. But this one is self-explanatory too - it indicates that mysql_ function is not available. In short, it was removed from modern versions of PHP and replace with mysqli. Hence, you should always use mysqli_ instead of mysql_ to work with databases.
Try this. $connect = mysqli_connect($host, $username, $password, $databasename); $select= "SELECT name, comment, post_time FROM comments where name='$name' and comment='$comment'"; $result = mysqli_query($connect, $select);
LAUGH is, even if your existing errors were fixed, the code would STILL be garbage since you're wasting time creating variables for nothing and slopping them directly into your query string. It's called prepare/bind_param/execute, USE IT! (though bind_param and mysqli_stmt being such crap it's part of why I favor PDO) A LOT of your errors wouldn't even exist if you used the object method (aka proper use) of mysqli instead of the halfwitted crutch that are the procedural models. (another reason I favor PDO, it doesn't have that crap) What I THINK you're trying to do is this (warning, may have typos) <?php ini_set('display_errors', 1); $conn = new mysqli( 'localhost', 'root', 'mypass123', 'comments' ); if ( array_key_exists('user_comm', $_POST) && array_key_exists('user_name', $_POST) ) { $stmt = $conn->prepare(' INSERT INTO comments ( name, comment, post_time ) VALUES ( ?, ?, NOW() ) '); $stmt->bindParam( 'ss', $_POST['user_name'], $_POST['user_comm'] ); $stmt->execute(); $stmt = $conn->prepare(' SELECT name, comment, post_time FROM comments WHERE name = ? AND comment = ? '); $stmt->bindParam( 'ss', $_POST['user_name'], $_POST['user_comm'] ); $stmt->execute(); $stmt->bind_result( $user, $comment, $time ); if ($stmt->fetch()) { // don't forget to escape/sanitize user generated values! echo ' <div class="comment"> <p class="comment">', htmlspecialchars($comment), '</p> <p class="name">by: ', htmlspecialchars($name), '</p> <p class="time">', $time, '</p> </div>'; } else echo ' <p class="notFound">Not found after Insert?!?</p>'; } // you do not need to 'exit' here, and avoid closing ?> Code (markup): Though again this is a wonderful case for showing how superior PDO is over mysqli: <?php ini_set('display_errors', 1); $db = new PDO( 'mysql:host=localhost;dbname=comments', 'root', 'mypass123' ); if ( array_key_exists('user_comm', $_POST) && array_key_exists('user_name', $_POST) ) { $stmt = $db->prepare(' INSERT INTO comments ( name, comment, post_time ) VALUES ( :name, :comment, NOW() ) '); $stmt->execute([ ':name' => $_POST['user_name'], ':comment' => $_POST['user_comm'] ]); $stmt = $db->prepare(' SELECT name, comment, post_time FROM comments WHERE name = :name AND comment = :comment '); $stmt->execute([ ':name' => $_POST['user_name'], ':comment' => $_POST['user_comm'] ]); if ($row = $stmt->fetch()) { // don't forget to escape/sanitize user generated values! echo ' <div class="comment"> <p class="comment">', htmlspecialchars($row['comment']), '</p> <p class="name">by: ', htmlspecialchars($row['name']), '</p> <p class="time">', $row['post_time'], '</p> </div>'; } else echo ' <p class="notFound">Not found after Insert?!?</p>'; } // you do not need to 'exit' here, and avoid closing ?> Code (markup): Though if I were writing that to pull the timestamp from when it was created, I would NOT use the complex search and instead pull the ID from the insert. $stmt = $db->prepare(' INSERT INTO comments ( name, comment, post_time ) VALUES ( :name, :comment, NOW() ) '); $stmt->execute([ ':name' => $_POST['user_name'], ':comment' => $_POST['user_comm'] ]); $id =$db->lastInsertId(); $stmt = $db->prepare(' SELECT name, comment, post_time FROM comments WHERE id = ? '); $stmt->bindParam(1, $id); $stmt->execute($id); Code (markup): Which assuming your table as a unique ID auto-increment column would be WAY faster than a full text comparison of multiple fields. NOT that in practice I'd return the name or comment since those would still exist in $_POST so why waste memory, database, and socket connection time pulling information you already have?