|
|
 |
 |
 |
 |
PHP Mini Message Board TutorialMini Message Board Tutorial
Many websites like to have a message board / forum on their site, but would prefer their own "product". Well if you like, feel free to follow this tutorial and you'll learn how to create a mini message board in PHP and MySQL.
Database Stuff
Before we start with any of the coding, you will need to go into your phpMyAdmin and (if you haven't already got a 'threads' and 'replies' table) paste this in the SQL box. If you already have a threads and replies table in your database then you will need to change it accordingly to what's on the tutorial.
CREATE TABLE `threads` (
`id` INT NOT NULL AUTO_INCREMENT ,
`title` VARCHAR( 255 ) NOT NULL ,
`message` TEXT NOT NULL ,
`author` VARCHAR( 255 ) NOT NULL ,
`replies` INT( 11 ) NOT NULL ,
`posted` VARCHAR( 255 ) NOT NULL ,
PRIMARY KEY ( `id` )
) ENGINE = MYISAM;
CREATE TABLE `replies` (
`id` INT NOT NULL AUTO_INCREMENT ,
`thread` INT( 11 ) NOT NULL ,
`message` TEXT NOT NULL ,
`author` VARCHAR( 255 ) NOT NULL ,
`posted` VARCHAR( 255 ) NOT NULL ,
PRIMARY KEY ( `id` )
) ENGINE = MYISAM
This will allow the information to be stored in the database.
New Thread Form
Now as that has been added we need to start with the first page (index.php).
<?php
mysql_connect("localhost", "USERNAME", "PASSWORD");
mysql_select_db("DATABASE");
?>
The code above has connected to the database. You will need to change USERNAME to your database username, PASSWORD to your database password and DATABASE to the name of your database.
Now we need to first of all be able to make a thread. To do this you'll need to create a form on the index.php page with three boxes and a button.
<form action="newthread.php" method="POST">
Your Name: <input type="text" name="author"><br>
Thread Title: <input type="text" name="title"><br>
Thread:<br><textarea cols="60" rows="5" name="message"></textarea><br>
<input type="submit" value="Post Thread">
</form>
Your page should look something like this at the moment.
Inserting the New Thread
Now we need the form to enter the information into the database. To do this we will create a file, which is where the form will send the data to called 'newthread.php'. At the top of the file you will need to connect to the database again, then add an INSERT function.
<?php
mysql_connect("localhost", "USERNAME", "PASSWORD");
mysql_select_db("DATABASE");
$time = time();
mysql_query("INSERT INTO threads VALUES(NULL,'$_POST[title]','$_POST[message]','$_POST[author]','0','$time')");
echo "Thread Posted.<br><a href='index.php'>Return</a>";
?>
If you don't understand what's happening about, basically we're telling the script to add the data sent from the form on the previous page into the database.
Hopefully when you fill something in the form and click "Post Thread" you should get a message like this.
Showing List of Threads
Great! So far. You've been able to add a thread into the database. Now we need to be able to show this thread. To do this we will be using mysql_query() again and also mysql_fetch_array().
On index.php underneath the end of the form (</form>) add a horizontal rule (<hr>) then add this PHP beneath it. I will explain it all with comments within the code.
<?php
// We are selecting everything from the threads section in the database and ordering them newest to oldest.
$sql = mysql_query("SELECT * FROM threads ORDER BY posted DESC");
// Now we are getting our results and making them an array
while($r = mysql_fetch_array($sql)) {
// Everything within the two curly brackets can read from the database using $r[]
// We need to convert the UNIX Timestamp entered into the database for when a thread...
// ... is posted into a readable date, using date().
$posted = date("jS M Y h:i",$r[posted]);
// Now we will show the available threads
echo "<h3><a href='msg.php?id=$r[id]'>$r[title]</a> ($r[replies])</h3><h4>Posted by $r[author] on $posted</h4>";
// End of Array
}
?>
If you have followed the tutorial correctly you should now see something like this.
Reading Threads
Basically everything on the index page is done now. All that's left now is reading a thread and replying to a thread.
This stage will teach you how to read the threads. Create a file called 'msg.php'
Connect to the database...
<?php
// Connecting to the database again
mysql_connect("localhost", "USERNAME", "PASSWORD");
mysql_select_db("DATABASE");
Add a link to the previous page, so you can go back to the index page.
// Here's a link that will allow you to go back to the index
echo "<a href='index.php'>Go Back...</a>";
Do a mysql_query to select the thread you're reading.
// This query selects the current thread using the $_GET value.
$sql = mysql_query("SELECT * FROM threads WHERE id = '$_GET[id]'");
Show the result from the thread query and show it with a horizontal rule beneath it.
// Now we are getting our results and making them an array
while($r = mysql_fetch_array($sql)) {
// Here is the thread title.
echo "<h2>$r[title]</h2>";
// Everything within the two curly brackets can read from the database using $r[]
// We need to convert the UNIX Timestamp entered into the database for when a thread...
// ... is posted into a readable date, using date().
$posted = date("jS M Y h:i",$r[posted]);
// Now this shows the thread with a horizontal rule after it.
echo "$r[message]<h4>Posted by $r[author] on $posted</h4><hr>";
// End of Array
}
Now to show the replies, using the $_GET query from the thread.
echo "<h3>Replies...</h3>";
// Here we will get it to show the replies
// This query selects the replies from the database where the thread ID matches the thread $_GET value.
$sql = mysql_query("SELECT * FROM replies WHERE thread = '$_GET[id]'");
// Now we are getting our results and making them an array
while($r = mysql_fetch_array($sql)) {
// Everything within the two curly brackets can read from the database using $r[]
// We need to convert the UNIX Timestamp entered into the database for when a thread...
// ... is posted into a readable date, using date().
$posted = date("jS M Y h:i",$r[posted]);
// Now this shows the thread with a horizontal rule after it.
echo "$r[message]<h4>Posted by $r[author] on $posted</h4><hr>";
// End of Array
}
?>
Now show the form to do the reply in.
<form action="newreply.php" method="POST">
Your Name: <input type="text" name="author">
<input type="hidden" value="<?php echo $_GET[id]; ?>" name="thread"><br>
Message:<br><textarea cols="60" rows="5" name="message"></textarea><br>
<input type="submit" value="Post Reply">
</form>
This will now allow you to do a reply to the thread. However if you test it you will get an Error 404 (cannot find the file), so now we'll need to make the 'newreply.php' file.
Inserting the Reply
Connect to the database again.
<?php
mysql_connect("localhost", "USERNAME", "PASSWORD");
mysql_select_db("DATABASE");
Get the current time as a UNIX Timestamp as a varible.
$time = time();
Insert the information sent from the form into the database.
mysql_query("INSERT INTO replies VALUES(NULL,'$_POST[thread]','$_POST[message]','$_POST[author]','$time')");
Now we will need to update the reply count in the threads database.
mysql_query("UPDATE threads SET replies = replies + 1 WHERE id = '$_POST[thread]'");
Now make a little 'reply posted' message with a link back to the thread.
echo "Reply Posted.<br><a href='msg.php?id=$_POST[thread]'>Return</a>";
?>
Give it a try and it should send a reply to the thread.
Finished
That's basically it. Obviously this is a quick and dirty method of doing a message board and it is open to so many bugs, hacks, XSS, etc.. but the code can be optimized to make it better.
What you should have learned...
- How to build a HTML form
- How to connect to a database
- How to read information from a database
- How to add new information into the database
Things to make it better?
- Why not try adding a registration section on it, that will allow visitors to sign up and post without having to enter their name each time.
- Add an post icons for each post, so posters can select various icons for each topic.
- Create an Admin Control Panel, for ease of use when you need to remove a reply or thread.
- Add more security to the board. (Search around about strip_slashes(), html_special_chars() and similar things)
- Use nl2br() to make each line down show as a new line down.
- Adapt on the methods used in this tutorial to make a discussion board / forum with different rooms and categories
The stuff you can do with this simple and basic script tutorial is endless.
Feedback
I'd love to hear your feedback. If you have any then please contact Dale Hay (that's me!) or leave a comment on this post. |
 |
 |
 |
 |
|
|
|
|
8th Aug 2008 19:54
Didn't your mother teach you to sanitize your database inputs? By Tim |
|
|
|
|
|
|
|
|
8th Aug 2008 21:13
The database stuff seems clean enough. Though I am altogether a messy coder, my Dad tells me all the time about it when I do my VB stuff. |
|
|
|
|
|
|
|
|
10th Aug 2008 13:22
Thanks. it is a very nice tutorial. but can you please go with the update & delete options? thanks. |
|
|
|
|
|
|
|
|
10th Aug 2008 13:47
Is it just me or are you not closing your database connection?  By |
|
|
|
|
|
|
|
|
10th Aug 2008 16:38
Abubaker Swedan - I will expand on this tutorial soon and make it so things can be updated and deleted. :)
*unknown* - I don't really see the point in closing the connection as the database link is closed automatically when the script finishes executing. |
|
|
|
|
|
|
|
|
12th Aug 2008 7:48
It is an excellent! for me, it is my first time I see inside php and database coding staff!, very easy and best logical explanation that everyone can understand. Thanks a lot... By Abdullahi |
|
|
|
|
|
|
|
|
17th Aug 2008 1:02
i'm killing time while waiting for laptop and reading some stuff, this is one of bestly provided db basics i've came across.
thank you m8 :D |
|
|
|
|
|
|
|
|
20th Aug 2008 2:00
Very nice basic tutorial, though I would stress the vulnerabilities of using this basic, unsanitized code on a live site.
By Reiss |
|
|
|
|
|
|
|
|
20th Aug 2008 4:29
Thank you Reiss, also yeah I have mentioned it within the tutorial about the fact it is open to so many bugs and stuff. Though using this as a skeleton and working out from it would be good for an offline (or hidden online) project. |
|
|
|
|
|
|
|
|
21st Aug 2008 18:00
Yeah for all you people out there, it's not required in MySql to ALWAYS close out your connection. However, it makes it a bit more secure when you do close it, and have to reopen a connection or something else... |
|
|
|
|
|
|
|
|
21st Aug 2008 18:55
The thing that would get me though is say if you had a site like MySpace where there are thousands of connections being made every minute, wouldn't closing and opening it cause a slight bit more server load? |
|
|
|
|
|
|
|
|
21st Aug 2008 19:23
is there a way round so we can use the forum system into a login system |
|
|
|
|
|
|
|
|
21st Aug 2008 19:38
Are you wanting to add a login system on this forum? Or you wanting to change this tutorial to a login system? |
|
|
|
|
|
|
|
|
21st Aug 2008 22:22
i want to add a login system to this forum |
|
|
|
|
|
|
|
|
22nd Aug 2008 16:18
i want to add a login system to this forum that im using |
|
|
|
|
|
|
|
|
23rd Aug 2008 0:05
I will write up a tutorial addon for this over the next couple of days. Keep checking back or subscribe to the RSS Feed.  |
|
|
|
|
|
|
|
|
23rd Aug 2008 3:09
Hello. I'm a very poor coder and new to PHP. I suprised myself by making it as far as, well, I posted this in another forum, I was wondering if you might be able to help:
I am trying to make a message board while viewing [URL="http://www.dalehay.com/comment/497/"]this thread[/URL]. Everything was going unexpectedly well untill I got to the part in the tutorial labeled "Showing List of Threads" and it said on the [URL="http://trymegraphics.com/mb/"]message board URL[/URL]:
[QUOTE]Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/trymegra/public_html/mb/index.php on line 20[/QUOTE]
I added that code the way they said, but that came up and I'm wondering, was I supost to modify something, add something in a mysql thing, what? >.< I don't understand why it isn't connecting 
*******************
If you are able to help me it would be MUCH appreciated. If you may, please contact me at rbj1994[at]yahoo[dot]ca (I typed it that way because I get enough spam as it is  ) I'm terribally sorry if you're too busy to help me, I'll look around more to see if I might be able to resolve this issue. And you're not a messy coder! My sites are just terribally coded, and it's really rather depressing  |
|
|
|
|
|
|
|
|
23rd Aug 2008 15:09
i want to use it with a login system |
|
|
|
|
|
|
|
|
23rd Aug 2008 15:34
SQL Injection here we come! By Remco |
|
|
|
|
|
|
|
|
24th Aug 2008 23:51
Rebecca - The code above should connect, as the mysql_fetch_array() is correctly made and I have also ran through the code in this tutorial before I made it live. The problem you're coming up with is probably to do with either your server's PHP version is out-of-date (out-of-date a lot!!) or you've not entered your correct settings.
Paultiscali - As I said earlier... I'm going to make another tutorial soon that allows this message board to be login-able.
Remco - Get a life and fuck off if you're going to "SQL Inject" the things that I teach others to do. I bet you're one of these people that just sit there... browse Pixel2Life and think "Ahhh, there's a new tutorial on here.. I'm going to go on the site because I know how to do this little "script kiddy" style crap on there because I have loads of MySpace friends to show it off too." - You're a wanker and you need to get a fucking life... yeah... get a life. Toss Pot. |
|
|
|
|
|
|
|
|
26th Aug 2008 6:28
Thank you so much. This is truly great code for a base of forum. I am allowed to make add-ons right? If so, I will add BBCode, Post Count, Signatures, etc.
Thanks!!! |
|
|
|
|
|
|
|
|
26th Aug 2008 17:11
Dan, you are allowed to make addons and if you wish you can also mention / post them on here if you want to allow other people to have them too.
I will be making a login system for it over the next few days too. :) |
|
|
|
|
|
|
|
|
31st Aug 2008 5:42
all i want to know is how to add the login system to the messageboard and if its ready yet and also can you answer my question on your forum please dale |
|
|
|
|
|
|
|
|
2nd Sep 2008 17:23
This is a nice straightforward basic system. There are two elements of BB's that I don't understand and would love to see discussed..
1. Threading. How the heck do you retrieve nested threads when you don't know how many levels you need to pull back? I've not been able to figure out the logic to do it.
2. Quoting. How do they grab a quote from someone else's post with a button? By James F |
|
|
|
|
|
|
|
|
4th Sep 2008 3:06
uh how do i make it where there is a minumal amount that must be typed so people dont just spam the post thread button |
|
|
|
|
|
|
|
|
17th Sep 2008 5:37
very good tutorial i made it compeletly true thanks By 3m masr |
|
|
|
|
|
|
|
|
18th Sep 2008 19:13
thanks for great tutorial. but
INSERT INTO threads VALUES('','$_POST[title]','$_POST[message]','$_POST[author]','0','$time')
code doesnt work with mysql 5 I solved this problem through mysql 4.1 By shelltox |
|
|
|
|
|
|
|
|
23rd Sep 2008 10:29
Do you know how to update the tutorial so that
INSERT INTO threads VALUES('','$_POST[title]','$_POST[message]','$_POST[author]','0','$time')
works for mysql 5?
By Richard |
|
|
|
|
|
|
|
|
23rd Sep 2008 12:47
I take it I don't use MySQL 5 as I have no problems with it, however there doesn't seem to be any solutions lingering around on the internet. Try these two edits then... as I think that may work.
Try replacing:
mysql_query("INSERT INTO threads VALUES('','$_POST[title]','$_POST[message]','$_POST[author]','0','$time')");
With:
mysql_query("INSERT INTO threads (`id`, `title`, `message`, `author`, `replies`, `posted`) VALUES('','$_POST[title]','$_POST[message]','$_POST[author]','0','$time')");
Also try replacing:
mysql_query("INSERT INTO replies VALUES('','$_POST[thread]','$_POST[message]','$_POST[author]','$time')");
With:
mysql_query("INSERT INTO replies (`id`, `thread`, `message`, `author`, `posted`) VALUES('','$_POST[thread]','$_POST[message]','$_POST[author]','$time')"); |
|
|
|
|
|
|
|
|
25th Sep 2008 22:38
I found the problem.
in mysql5 if you use
INSERT INTO threads VALUES('','$_POST[title]','$_POST[message]','$_POST[author]','0','$time')
it gives Incorrect integer value
use null instead of '' it works fine.
namely
INSERT INTO threads VALUES(null,'$_POST[title]','$_POST[message]','$_POST[author]','0','$time')
By shelltox |
|
|
|
|
|
|
|
|
25th Sep 2008 22:41
Ahhh, thank you for that shelltox. :) I'll update the tutorial with that correction now. :)
It should work fine using NULL with MySQL 4? |
|
|
|
|
|
|
|
|
29th Sep 2008 3:08
Hi, I think in replyform
<input type="hidden" value="" name="thread"><br>
value="" must be value="$_GET[id]"
and can you give us some security information about this mini board.
By shelltox |
|
|
|
|
|
|
|
|
29th Sep 2008 5:02
Oops... that ended up not parsing properly when I updated the tutorial a few days ago. I've sorted that out.
Also "security" ? In what sense? This tutorial is just for a bog standard forum, nothing special - unless I turned it into a full time project, with which I'd then take time to sort out the bugs and holes in it. To be honest any script kiddie could have fun playing with this board as the amount of problems with it - it's just not 100% practical for use on a commercial basis. |
|
|
|
|
|
|
|
|
20th Oct 2008 2:05
I use MySQL 5 and I have problems with replies Nummbers ()[The nummer is always 0]. Can you help me, please?
Could you send me a working Code for MySQL 5?
Thank you very much. By Alan |
|
|
|
|
|
|
|
|
20th Oct 2008 23:31
Could you send me please the correct Mini Message Board Code for MySQL 5? I'd really appreciate that.Thank you very much.
By Alan |
|
|
|
|
|
|
|
|
22nd Oct 2008 14:09
For those idiots that come posting about "escaping" queries, etc., why are you reading this tutorial if you know all that? It's good for a beginner, so no need to put beginners off with that rubbish. |
|
|
|
|
|
|
|
|
30th Oct 2008 19:41
i followed this tutorial and cant seem to get it working, the index page works fine but when you try to create a new thread i get this -
Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'Sweet92_Izzy'@'localhost' (using password: YES) in /home/sweet92/public_html/private/newthread.php on line 8
Warning: mysql_select_db() [function.mysql-select-db]: Access denied for user 'sweet92'@'localhost' (using password: NO) in /home/sweet92/public_html/private/newthread.php on line 9
Warning: mysql_select_db() [function.mysql-select-db]: A link to the server could not be established in /home/sweet92/public_html/private/newthread.php on line 9
Warning: mysql_query() [function.mysql-query]: Access denied for user 'sweet92'@'localhost' (using password: NO) in /home/sweet92/public_html/private/newthread.php on line 12
Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/sweet92/public_html/private/newthread.php on line 12
everything is right (username,password,database name)could someone please help me i dont whats wrong |
|
|
|
|
|
|
|
|
31st Oct 2008 0:03
By the looks of it, you've used two different usernames in the script. (Sweet92_Izzy and sweet92) |
|
|
|
|
|
|
|
|
4th Nov 2008 0:44
Could you send me please the correct Mini Message Board Code for MySQL 5? I'd really appreciate that.Thank you very much.
http://www.forum-ksa.com/vb
|
|
|
|
|
|
|
|
|
5th Nov 2008 22:34
I can't get mine to work. I don't have it under the index right now because I don't want to replace my current site. I saved it as index2.php and changed the appropriate code. I get a ton of warnings when I try and run it though:
Warning: mysql_connect() [function.mysql-connect]: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2) in /home/content/j/b/a/jbabrams2/html/index2.php on line 2
Warning: mysql_select_db() [function.mysql-select-db]: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2) in /home/content/j/b/a/jbabrams2/html/index2.php on line 3
Warning: mysql_select_db() [function.mysql-select-db]: A link to the server could not be established in /home/content/j/b/a/jbabrams2/html/index2.php on line 3
Warning: mysql_query() [function.mysql-query]: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2) in /home/content/j/b/a/jbabrams2/html/index2.php on line 17
Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/content/j/b/a/jbabrams2/html/index2.php on line 17
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/content/j/b/a/jbabrams2/html/index2.php on line 20
Can someone help??? My email is abrams6@illinois.edu. you can go to www.jeremyabrams.com/index2.php to view the problem for yourselves.
Thanks> |
|
|
|
|
|
|
|
|
6th Nov 2008 1:21
Jeremy - the reason you're getting the "Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock'" error is something to do with your servers MySQL setup. Either you don't have MySQL setup on your website server (or if you do, then it's not setup correctly).
That's the only thing I can think of for that error (as I've had it plenty of times before). |
|
|
|
|
|
|
|
|
6th Nov 2008 2:00
Well I'm using godaddy hosting services so they did everything for me...that's strange I guess ill have to call them. |
|
|
|
|
|
|
|
|
11th Nov 2008 6:52
Around August 26th, I thanked you for your forum. Well I went and looked at the base and decided to expand.
Here is my result as of November 08:
http://cookyx.com/forum.php
(another web site I coded)
You're going to need to register in order to post and make topics, other than that, you can view topics.
What do you think Dale? :) |
|
|
|
|
|
|
