MyBB Community Forums

MyBB Community Forums > Extensions > Plugins > Plugin Development > MYSQL Fetch Array Inserting Double Query
Full Version: MYSQL Fetch Array Inserting Double Query
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2

Spudster

2014-07-02, 11:47 AM
Firstly I am hoping I am asking this in the right section if not please move it to the correct section.

Anyway,
I am trying to make a feature for the Mybb system going to call it social groups, so far it's been great but when I try to insert a comment in the database it inserts it twice due to the msql_fetch_array and how it works (php should fix this)

Anyway how can I get the Posts id the user is commenting on and insert it only once in the database not twice


<?php
require_once ("core/connection.php");
require_once ("core/group_functions.php");



	//We need to post the message update in to the database
if(isset($_POST['post_message_submit'])) {
$post_message_submit = $_POST['post_message_submit'];
$post_message = $_POST['post_message'];
	if(($post_message_submit) && ($post_message)) {

	$insert_query = $db->query("INSERT INTO " . TABLE_PREFIX . "groups_posts" . "(posted_by, group_name, post_body)
VALUES ('$mybb_username', '$get_group_url' ,'$post_message')");
	
	
	} else {
	echo "<text style='color:red;'> You Must Specify A Message</a></text>";
	}
	}
	
	

echo "
	<form action='' method='POST'>
<textarea name='post_message' id='post_message' placeholder='Whats Going On?'></textarea><br> 
	   <input type='submit' name='post_message_submit' value='Post'>
		</form>

";


$fetch_index_query = $db->query("SELECT post_id,posted_by,post_body,post_active,group_name FROM " . TABLE_PREFIX . "groups_posts WHERE group_name='$get_group_url'");





while($fetch_index_groups_array = $db->fetch_array($fetch_index_query)) {
$post_id_row = $fetch_index_groups_array['post_id'];
$posted_by = $fetch_index_groups_array['posted_by'];
$g_name = $_fetch_index_groups_array['g_name'];
$g_body = $fetch_index_groups_array['post_body'];
echo("<br>" . "<a href=''> $posted_by </a>" . "<br>" . $gname
. "<br>____________
<br> 
<form action='' method='POST'>
<input type='text' name='comment_post' placeholder='Comment then Hit Enter'>
</form>
"
);
$fetch_comments_query = $db->query("SELECT g_name,post_body,comment_by FROM spud_groups_comments WHERE post_id='$post_id_row'");
while($fetch_groups_comments = $db->fetch_array($fetch_comments_query)) {
$post_body = $fetch_groups_comments['post_body'];


	

echo ("<br>" . $post_body);



}
$insert_query = $db->query("INSERT INTO " . TABLE_PREFIX . "groups_posts" . "(posted_by, group_name, post_body)
VALUES ('$mybb_username', '$get_group_url' ,'$post_message')");
	
}

//We have done everything we need to do we can now exit and not execute anything beyond this point
exit();
?>

This software is going to be open source so you are really contributing to the feature by helping as I have never gone this advanced before.



Thanks!

Dannymh

2014-07-02, 12:08 PM
This needs to go into the Plugin support forum
Also there is already a plugin called social groups

- what are those core/includes?
- You dont need to use $_POST either as there is a mybb handler for this, $mybb->input["varname"];
- You shoud sanitise your data before inserting it into the DB, either by using intval($var) for integers and $db->escape_string for text or other values, otherwise you could open up SQL injection

finally you have the insert query written twice and once within the if(($post_message_submit) && ($post_message)) {

So I havent read through the code in too much detail as its a little messy, but it seems that there is some flawed logic here.

You are essentially saying "if the post has been submitted then enter it, then further down the page outside of any conditionals above, select the post and add the comment again."

Second one probably is not needed

You should also look at at using templates.

Spudster

2014-07-02, 12:24 PM
I am hoping a staff will move it in to that section soon.

I know there is probably loads of issues with the code that I need to fix and I don't think the social groups allows users to assign staff to there group.

And I have tried removing the second insert query that somehow got copied there but still does the same thing, I think since the fetch_array is looping through data it somehow inserts the query from how many loops it gone through (for example if it has found 5 posts in a group it will insert the comment in to the database 5 times)

Yes as soon as I can get the functionality working I be looking in to integrating in to the forums with templates.

Thanks for the reply and help so far Wink

dragonexpert

2014-07-02, 12:24 PM
I own the Social Groups Plugin for MyBB. It is also open source on Github. You will need to call it something else. You do have an insert query statement twice in your code. It also is vulnerable to SQL Injection.

I also moved it to Plugin Development since you are trying to develop a plugin.

Spudster

2014-07-02, 12:26 PM
I will think of another name maybe GroupBB, There is a lot of security issues that I will also be fixing and I haven't sanitized anything yet but I will be doing this once I found out the cause to this issue.

also does your plugin allow group leaders to assign staff to there group.

dragonexpert

2014-07-02, 12:31 PM
Members have to join a group. At this time, members can't be force added. I am looking at making that a possibility in the future. It should be noted though, moderators have abilities to edit posts, unapprove posts, and lock threads and groups.

Spudster

2014-07-02, 12:34 PM
I might use your plugin then since it's a proper plugin and would be more secure, I did leave those security holes I had open since I was only using it on my local server but was going to fix them with the real_escape string once it was ready for release.

It would be great to have a option where group leaders can add staff to there group it would make it more social Smile

I will still develop this feature and just use locally (I will learn something from it anyway)

Also would you know why the query is inserting multiple times? (from how many times the fetch_array loops through)

dragonexpert

2014-07-02, 12:38 PM
In the 2.1 update, I will have a feature to add a member / staff to a group.

With how your code is formatted, it is hard to tell where it is going wrong beyond just that there are two insert queries. If you indent properly and make use of comments when you have a large bracket so it is easy to know what that bracket closes.

Spudster

2014-07-02, 12:42 PM
I will update the code now to make it better to understand Wink

Give me 10 minutes


For some reason it came up a cloud flare error so I post it here


<?php
require_once ("core/connection.php");
require_once ("core/group_functions.php");



  
if(isset($_POST['post_message_submit'])) {
$post_message_submit = $_POST['post_message_submit'];
$post_message = $_POST['post_message'];
    if(($post_message_submit) && ($post_message)) {

    $insert_query = $db->query("INSERT INTO " . TABLE_PREFIX . "groups_posts" . "(posted_by, group_name, post_body)
VALUES ('$mybb_username', '$get_group_url' ,'$post_message')");
    
    
    } else {
    echo "<text style='color:red;'> You Must Specify A Message</a></text>";
    }
    }
    
    
//we echo the form to display
echo "
    <form action='' method='POST'>
<textarea name='post_message' id='post_message' placeholder='Whats Going On?'></textarea><br> 
       <input type='submit' name='post_message_submit' value='Post'>
        </form>

";


$fetch_index_query = $db->query("SELECT post_id,posted_by,post_body,post_active,group_name FROM " . TABLE_PREFIX . "groups_posts WHERE group_name='$get_group_url'");




//we fetch the groups posts also known as statuses
while($fetch_index_groups_array = $db->fetch_array($fetch_index_query)) {
//each of these array data is a row
$post_id_row = $fetch_index_groups_array['post_id'];
$posted_by = $fetch_index_groups_array['posted_by'];
$g_name = $_fetch_index_groups_array['g_name'];
$g_body = $fetch_index_groups_array['post_body'];
echo("<br>" . "<a href=''> $posted_by </a>" . "<br>" . $gname
. "<br>____________
<br> 
<form action='' method='POST'>
<input type='text' name='comment_post' placeholder='Comment then Hit Enter'>
</form>
"
);
//we fetch the comments for each status/post
$fetch_comments_query = $db->query("SELECT g_name,post_body,comment_by FROM spud_groups_comments WHERE post_id='$post_id_row'");
while($fetch_groups_comments = $db->fetch_array($fetch_comments_query)) {
$post_body = $fetch_groups_comments['post_body'];


    

echo ("<br>" . $post_body);



}
//insert the comment in to the database - this IS WHERE THE PROBLEMS LIES MAYBE IT BEING IN THE FETCH ARRAY
$insert_query = $db->query("INSERT INTO " . TABLE_PREFIX . "groups_posts" . "(posted_by, group_name, post_body)
VALUES ('$mybb_username', '$get_group_url' ,'$post_message')");
    
}

//We have done everything we need to do we can now exit and not execute anything beyond this point
exit();
?>

dragonexpert

2014-07-02, 01:30 PM
I think if you just remove the second time you do the insert you'll be fine. You also should look into using the $db->insert_query and $db->simple_select methods. If your groups_posts table only has one or two columns you didn't put, use * instead; it will execute the query faster.
Pages: 1 2
MyBB Community Forums > Extensions > Plugins > Plugin Development > MYSQL Fetch Array Inserting Double Query