I want to put a comment/quotes page on my teams site, and let people submit their own, but I don't know anything about php or any other database. Can some one help me?

There are a few options. One is to use a free shoutbox type program. Another is to use php and log all of the comments to a text file. The last option is to use php and save it all to a database. The last will be the hardest to code but could allow for more features to be added. If i have any free tome today i will write you some sample code.

CHeck out these links. http://www.project-angel.com/index.php?pa=tutorials&cat=PHP&id=13 and http://www.project-angel.com/index.php?pa=tutorials&cat=PHP&id=14 . Hopefully that will get you started. If you need any help just ask.

There are a few options. One is to use a free shoutbox type program. Another is to use php and log all of the comments to a text file. The last option is to use php and save it all to a database. The last will be the hardest to code but could allow for more features to be added. If i have any free tome today i will write you some sample code.

I actually think that writing it to use a database (MySQL for example) would be easier than using the text file. That's just what I'd do, though. Either that or use XML..

I actually think that writing it to use a database (MySQL for example) would be easier than using the text file. That's just what I'd do, though. Either that or use XML..

With a text file there would be no need for a MySQL database (not sure if he has one). Plus, he wouldnt need to know SQL or and knowledge of XML. WIth XML you have to parse all of it. With a text file he could just log everything as a line of text.

Could some one give me the code for the text file option.

Just to confirm what you want, you want a box that holds the posts of the shoutbox, under that you want a spot for people to input a nickname and message. Will that work for you? Also, do you know what version of php your webserver is running?

Here is the server info:

http://www.khsfirst.com/serverinfo.gif

And I would want it to look like this
http://www.khsfirst.com/insert.html for the submiting page, and http://www.khsfirst.com/Quotes.html for the pageit would show up on.

ya know, it would be a ton easier to just use a database.
if you have PHPmyAdmin, then use it.

mysqlServer = mysql_pconnect("server","username","password") //server is typically "127.0.0.1"
mysql_select_db("siteData", mysqlServer);

$getNews = mysql_query("SELECT * FROM `news` ORDER BY `id` DESC");
$rowGetNews = mysql_fetch_assoc($getNews);
$numRowsGetNews = mysql_num_rows($getNews);

do {
echo $rowGetNews['body'];
} while($rowGetNews = mysql_fetch_assoc($getNews));

im assuming that you have a database, schema name "siteData", with a table called "news".
columns should be AT LEAST:
id INTEGER AUTO_INCREMENT, title VARCHAR(35), body TEXT


adding news to the DB is a different story.

Ya what is PHPmyAdmin? And how do I Use it?

Ya what is PHPmyAdmin? And how do I Use it?

phpMyAdmin is a php based MySQL admin tool. If you have CPanel then it is included, else you have to set it up.

The databases can be created without phpMyAdmin. I can write up some code for inputing data and createing the tables if you want me to. Also, can you find out if your webserver supports PHP and if so what version. If you cant find it, please post a link to the people who provide your hosting.

EDIT: I wrote this up quickly so its not that great but it will work.



Database Layout

Database --> "siteData"
Table --> "news"
columns --> id INTEGER AUTO_INCREMENT, title VARCHAR(35), body TEXT


=================================

// Code for printing out all of the news

// Connecting, selecting database
$link = mysql_connect ("server","username","password") or die ('I cannot connect to the database because: ' . mysql_error());//Open up the specific database
mysql_select_db ("siteData");


$query = ""SELECT * FROM `news` ORDER BY `id` DESC"";
$result = mysql_query($query) or die('Query failed: ' . mysql_error());


echo "<table>\n";
echo "\t<tr>\n";
echo "\t\t<td>Name</td>\n";
echo "\t\t<td>Post</td>\n";
echo "\t</tr>\n";


while ($line = mysql_fetch_array($result, MYSQL_ASSOC))
{
echo "\t<tr>\n";
foreach ($line as $col_value)
{
echo "\t\t<td>$col_value</td>\n";
}
echo "\t</tr>\n";
}
echo "</table>\n";


=================================

// Code for adding news to the db

Add Post

<FORM ACTION="<?=$PHP_SELF?>" METHOD="POST" NAME="newsentry" type="text">

Name:

<BR>

<INPUT TYPE="text" SIZE="50" NAME="name" type="text">

<BR>

Post:

<BR>

<INPUT TYPE="text" SIZE="50" NAME="post" type="text">

<BR>


<INPUT TYPE="submit" NAME="submit" VALUE="Submit">
<BR>


</FORM>

<?

if($HTTP_POST_VARS['submit'])
{

if(!$HTTP_POST_VARS['name'])
{
echo "You must enter a name";
exit;
}
if(!$HTTP_POST_VARS['post'])
{
echo "You must enter a post";
exit;
}


$query = "INSERT INTO news VALUES ('', '$HTTP_POST_VARS['name']', '$HTTP_POST_VARS['post']')";
$result = mysql_query($query);
}

?>

phpMyAdmin is a php based MySQL admin tool. If you have CPanel then it is included, else you have to set it up.

The databases can be created without phpMyAdmin. I can write up some code for inputing data and createing the tables if you want me to. Also, can you find out if your webserver supports PHP and if so what version. If you cant find it, please post a link to the people who provide your hosting.

EDIT: I wrote this up quickly so its not that great but it will work.



Database Layout

Database --> "siteData"
Table --> "news"
columns --> id INTEGER AUTO_INCREMENT, title VARCHAR(35), body TEXT


=================================

// Code for printing out all of the news

// Connecting, selecting database
$link = mysql_connect ("server","username","password") or die ('I cannot connect to the database because: ' . mysql_error());//Open up the specific database
mysql_select_db ("siteData");


$query = ""SELECT * FROM `news` ORDER BY `id` DESC"";
$result = mysql_query($query) or die('Query failed: ' . mysql_error());


echo "<table>\n";
echo "\t<tr>\n";
echo "\t\t<td>Name</td>\n";
echo "\t\t<td>Post</td>\n";
echo "\t</tr>\n";


while ($line = mysql_fetch_array($result, MYSQL_ASSOC))
{
echo "\t<tr>\n";
foreach ($line as $col_value)
{
echo "\t\t<td>$col_value</td>\n";
}
echo "\t</tr>\n";
}
echo "</table>\n";


=================================

// Code for adding news to the db

Add Post

<FORM ACTION="<?=$PHP_SELF?>" METHOD="POST" NAME="newsentry" type="text">

Name:

<BR>

<INPUT TYPE="text" SIZE="50" NAME="name" type="text">

<BR>

Post:

<BR>

<INPUT TYPE="text" SIZE="50" NAME="post" type="text">

<BR>


<INPUT TYPE="submit" NAME="submit" VALUE="Submit">
<BR>


</FORM>

<?

if($HTTP_POST_VARS['submit'])
{

if(!$HTTP_POST_VARS['name'])
{
echo "You must enter a name";
exit;
}
if(!$HTTP_POST_VARS['post'])
{
echo "You must enter a post";
exit;
}


$query = "INSERT INTO news VALUES ('', '$HTTP_POST_VARS['name']', '$HTTP_POST_VARS['post']')";
$result = mysql_query($query);
}

?>


Ah, so you are going to go with the MySQL option. Honestly, to me that seems much more easier than using a text file..

Oh by the way (correct me if I am wrong), I see a SQL injection vulnerability in your code. It's not as if it'll probably ever cause any real problems, it's just that it exists.

$query = "INSERT INTO news VALUES ('', '$HTTP_POST_VARS['name']', '$HTTP_POST_VARS['post']')";

Plain text posted is being inserted into the query. So, in theory, someone could submit something that could potentially alter the query. My advice would be to look into using the mysql_escape_string() or the mysql_real_escape_string() function.

Plain text posted is being inserted into the query. So, in theory, someone could submit something that could potentially alter the query. My advice would be to look into using the mysql_escape_string() or the mysql_real_escape_string() function.

Or, he could just make sure that no one but an administrator can get to that page. Dont execute the query if you arent logged in!


if ($_SESSION['UserClass'] == 'Admin') { }
or something like that. but if you do that, you would need to setup a login system.
I used to have a bunch of tutorials that i made about how to do this stuff.

Or, he could just make sure that no one but an administrator can get to that page. Dont execute the query if you arent logged in!

Well, sure.. but that still doesn't solve the SQL injection vulnerability. I think he wants just anyone to be able to submit, anyway.

Well, sure.. but that still doesn't solve the SQL injection vulnerability. I think he wants just anyone to be able to submit, anyway.
oh yeah, i didnt think of that.


$postName = get_magic_quotes_gpc() ? addslashes($_POST['name']) : $_POST['name'];
$postPost = get_magic_quotes_gpc() ? addslashes($_POST['post']) : $_POST['post'];
sprintf("INSERT INTO `news` VALUES ('', '%s', '%s')");

Yea, definatly fix that. I didnt really thing about security as i dont even know if he has PHP or if he is even going to use the code. If he is then with all SQL statements YOU MUST CHECK FOR INJECTION VULNERABILITIES. Its not cool. There are lots of features and fixes the code could use, i mean i wrote it quickly during class.

Yea, definatly fix that. I didnt really thing about security as i dont even know if he has PHP or if he is even going to use the code. If he is then with all SQL statements YOU MUST CHECK FOR INJECTION VULNERABILITIES. Its not cool. There are lots of features and fixes the code could use, i mean i wrote it quickly during class.

Yes, that is very important. There's always going to be that one person who wastes their time trying to find an exploit like that, and then use it to do real damage.

By the way.. you're not the only one who likes to write things quickly during class. In history class I once wrote a simple math game (I was bored, don't ask).. although it didn't turn out all that great.

http://www.khsfirst.com/cpanel.gif

I looked at your webhost and they have PHP. Make a file called "junk.php" and in it write

<?
phpinfo();
?>

and then see what version of PHP you are running. Also, if you post the code to the pages you want this added to we can added the code to the page for you.

its version 4.3.4 heres the link (http://www.khsfirst.com/junk.php)

Ok, thank you. If you have any questions setting it up just ask.

Databases: 0/0
Well, it looks like the MySQL option is out then, so it's back to using some sort of text file (could be plain text, XML, INI, whatever).

I'll see if maybe I can write some code up for this later today.

On the WebRyders website is shows that all hosting plans come with a database. I wonder why you dont have any.

Maybe because its old and we probably got it for free.

Ok, if i were you i would see if you could get databases becuase they can be used for so much. If not, then use a text file.

When it comes to this (text file) I have no clue what to do.

Basicly i would say this. Write each post to a line in the file. Use a "|" between the users name, email, post, post number, etc (whatever info you need saved). Then just read in each line, expode the string by "|". And then echo is out. Ill post some code shortly.

Well here's a simplistic example (I have tested it for about 45 seconds, it seems to work). It takes the quote submitted and writes HTML to a text file, and then on the quote view page all it does is read that text file and output all of the HTML in it.

I would also like to add that I haven't really put in any error handling yet for the most part (I've only been working on this for about 10 minutes).

Anyway, here it is.

insert.php - This allows the user to enter their quote.

<?php
//*************************************************
// insert.php - Allows a user to insert a quote.
//*************************************************

@$name = $_POST["name"]; // Get Name posted
@$team = $_POST["team"]; // Get Team Number posted
@$quote = $_POST["quote"]; // Get quote posted
@$submit = $_POST["submit"]; // Used to check if form is being submitted
/* NOTE:
The @ characters are here to supress undefined error messages,
just in case the server has those turned on, like my dev/testing
server does..
*/

if ($submit == "Submit") // If the form is being submitted..
{
if (empty($name) || empty($team) || empty($quote)) // Make sure all fields are filled in
{
echo "<span style=\"color: red\">Error: Please fill in all of the fields.</span><br />";
showForm();
}
else
{
$hfile = fopen("quotes.dat", "r+") or die("Could not open file"); // Open data file

// Compile text to be written
$write = "<p>Quote- \"" . $quote . "<br />" .
"</p><div align=\"right\">" . $name . "<br />" .
$team . "</div></p><hr />";

fwrite($hfile, $write); // Write the text
fclose($hfile); // Close the file

// Notify the user that thier quote has been submitted
echo "Thanks, your quote has been submitted.";

}
}
else
showForm();

/***************************
Shows the input form
****************************/
function showForm()
{
?>
<blockquote>
<form name="form1" method="post" action="insert.php">
<p align="left">
Name/Screen Name:<br />
<input name="name" type="text" />
<br />
Team Number: <br />
<input name="team" type="text" />
<br />
<br />
Quote:<br />
<textarea name="quote" rows="4" cols="75"></textarea>
<br />
<br />
<input type="submit" name="submit" value="Submit">
</p>
</form>
</blockquote>
<?php
}
?>


quotes.php - This displays all of the quotes that are saved.

<?php
//*************************************************
// quotes.php - Displays user submitted quotes.
//*************************************************

$hfile = fopen("quotes.dat", "r") or die("Could not open file"); // Open the data file for reading
$contents = fread($hfile, filesize("quotes.dat")); // Read the entire contents of the file
fclose($hfile); // Close the file

echo $contents; // Output file contents;
?>


Save this in files called insert.php and quotes.php. Then outside everything within the <?php and ?> tags, enter in all of the HTML for your site's header and footer. You must then create a file called quotes.dat in the same directory as insert.php and quotes.php. Make sure to CHMOD it to allow writing to it.

If you need any more help with this, don't hesitate to ask.

This code isnt very portable. Say they do a site resign all the posts would have to be manually redone becuase you saved all html and not just the pure data. I think that my way is more portable. Ill scrap together some code soon.

This code isnt very portable. Say they do a site resign all the posts would have to be manually redone becuase you saved all html and not just the pure data. I think that my way is more portable. Ill scrap together some code soon.Then you edit the page so it uses a really basic syntax, and calls some classes from a seperate CSS file.

Then you edit the page so it uses a really basic syntax, and calls some classes from a seperate CSS file.

He asked for a php driven shoutbox and i think he (and any who feels like using the code) should be able to do whatever with it. Not be forced to use CSS. Anyways, heres some quick code.


<html>
<head>
</head>
<body>
<?
if($HTTP_POST_VARS['submit'])
{

if(!$HTTP_POST_VARS['name'])
{
echo "You must enter a name";
exit;
}
if(!$HTTP_POST_VARS['post'])
{
echo "You must enter a post";
exit;
}
if(!$HTTP_POST_VARS['team'])
{
echo "You must enter a team";
exit;
}
if(strstr($HTTP_POST_VARS['name'],"|"))
{
echo "Name cannot contain the pipe symbol - |";
exit;
}
if(strstr($HTTP_POST_VARS['team'],"|"))
{
echo "Team cannot contain the pipe symbol - |";
exit;
}
if(strstr($HTTP_POST_VARS['post'],"|"))
{
echo "Post cannot contain the pipe symbol - |";
exit;
}


$fp = fopen('data.txt','a');
if(!$fp)
{
echo "Error opening file!";
exit;
}
$line = $HTTP_POST_VARS['name'] . "|" . $HTTP_POST_VARS['team'] . "|" . $HTTP_POST_VARS['post'];
$line = str_replace("\r\n","<BR>",$line);
$line .= "\r\n";
fwrite($fp, $line);
if(!fclose($fp))
{
echo "Error closing file!";
exit;
}
}
?>


<FORM ACTION="<?=$PHP_SELF?>" METHOD="POST" NAME="register" type="text">

<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#859FA7" width="500"
align="center" height="200" bgcolor="#F2F2F2">
<td width="100%" align="center">
<table border="0" cellpadding="0" cellspacing="0" width="100%">
Register
<br>
<br>
<tr>
<table border="0" cellpadding="0" cellspacing="2" width="95%">
<tr><td bgcolor="#FFFFFF">Name:</td><td bgcolor="#FFFFFF"><input type="text" name="name"></td></tr>
<tr><td bgcolor="#FFFFFF">Team:</td><td bgcolor="#FFFFFF"><input type="text" name="team"></td></tr>
<tr><td bgcolor="#FFFFFF">Post:</td><td bgcolor="#FFFFFF"><input type="text" name="post"></td></tr>
<tr><td></td><td><input type="submit" name="submit" value="Post"></td></tr>
</table>
</td>
</tr>
</table>
</form>

</body>
</html>




<?
$data = file('data.txt');
foreach($data as $stuff)
{
$parts = explode("|", $stuff);
echo "Name: " . $parts[0] . "<br>\n";
echo "Team: " . $parts[1] . "<br>\n";
echo "Post: " . $parts[2] . "<br>\n" . "<br>\n";
}
?>

This code isnt very portable. Say they do a site resign all the posts would have to be manually redone becuase you saved all html and not just the pure data. I think that my way is more portable. Ill scrap together some code soon.

I agree with you (for the most part, because the posts could actually be redone by writing a program to modify the file, or just change them to be CSS dependent as Adam recommended). However I have been having a hard time trying to come up with a good way to store the data in a text file. Using a character like "|" as a delimiter could work, but what if the user wants to enter a "|" into their message?

I think XML would be a good storage method.

Example:

<quotes>
<entry>
<name>Matt</name>
<team>228</team>
<quote>Some random quote..</quote>
</entry>
</quotes>


The problem with this of course is that it would be a pain to parse out, at least as far as I know, because I have no experience with using PHP and XML together. I should go and check my books and see if they have anything about it. If not, there's always Google)

Another option, I suppose, would be to use an INI-style storage method... though that could become problematic when new line characters are entered.
This reminds me that in my previous code I failed to handle those by replacing them with <br /> .. along with doing a bunch of other cleaning that I would normally do, like check for JavaScript and deal with HTML entities. And that's where this whole thing can get much more complicated than it would normally need to be - security, user formatting features, ensuring HTML validation, etc..

This is what happens after using a database server like MySQL all the time. I'm having such a hard time trying to figure out a good, reliable storage method besides just dumping HTML into a file.

Using XML would definatly open up more options but it means the data has to be parsed and i have only ever done a little XML and PHP together. As for the problem with using the "|" charcter there is a simple solution. The PHP explode function uses a string, just pick something nobody will ever uses suck as "a2ufjf94u". It might not look pretty in you data file but it will do the trick.

Using XML would definatly open up more options but it means the data has to be parsed and i have only ever done a little XML and PHP together. As for the problem with using the "|" charcter there is a simple solution. The PHP explode function uses a string, just pick something nobody will ever uses suck as "a2ufjf94u". It might not look pretty in you data file but it will do the trick.

http://keithdevens.com/software/phpxml

Looks like using XML could actually work, but I haven't tried using this yet. If I'm not doing anything tommorow (and possibly later tonight) I think I may want to play around with that.

Yay for learning (kind of) how to do new things.

The code from the last page works at http://www.khsfirst.com/insert.php , but it only records one message.

and theres some extra stuufffffff at the bottom

The code from the last page works at http://www.khsfirst.com/insert.php , but it only records one message.

Oops..

On this line in insert.php:
$hfile = fopen("quotes.dat", "r+")
Change the "r+" to be "a"

I also noticed that there looks to be some RTF stuff in there.. did you create this file with Wordpad? You can probably just delete it, the script will recreate the file when a quote is submitted.

As much as I don't want to admit it.. I actually did a pretty sloppy job on this. I will work on improving it sometime during this weekend.

Might want to fix this http://www.khsfirst.com/quotes.php. Its looks like a mess. Also, the .dat is still being overwritten.

where do i put quotes(" ") in the code so that they will show up around the quote on quotes.php?

and can i have a href in the part where it says "thanks, your quote has been submited", or have it automaticly rediect to the quotes.php page?

where do i put quotes(" ") in the code so that they will show up around the quote on quotes.php?
In input.php before it writes the quote to the file, add in &quot; before and after $quote like this:
$write = "the HTML that is already there &quot;" . $quote . "&quot; the other HTML that is already there";

and can i have a href in the part where it says "thanks, your quote has been submited", or have it automaticly rediect to the quotes.php page?
In input.php, replace the line that says echo "Thanks.. blah blah" with this:

?>
<script type="text/javascript">
<!--
window.location = "quotes.php";
//-->
</script>
Thanks, your quote has been submitted. <br />
<a href="quotes.php">Please click here if you are not redirected.</a>
<?php

Every time a ( ' ) is used, like in I'm theres a slash to.

Every time a ( ' ) is used, like in I'm theres a slash to.
Ah.. ok in quotes.php try changing this line echo $contents; to this: echo stripslashes($contents);

yup that code worked, only two questions is there any way of limiting the words, not the amount, but like not allowing "$@#$@#$@#$@#" to be posted?

And, is there any way to send me an email that says there was a post?

woooooooooo, like what happened when i used a swear in the last post.

yup that code worked, only two questions is there any way of limiting the words, not the amount, but like not allowing "$@#$@#$@#$@#" to be posted?

And, is there any way to send me an email that says there was a post?

The most straight forward way to censor words posted that I can think of right now is to use the str_ireplace() function before writing the text to the file.

Here's an example of that (this should be in insert.php, before the fwrite() function call, but after the initial assignment of $write):

$write = str_ireplace("badword1", "[beep]", $write);
$write = str_ireplace("badword2", "[beep]", $write);
// .. etc

What this does is replace every instance of "badword1" and "badword2" with "[beep]"

As for sending an email notification, add this in insert.php (right before the echo "Thanks.." line would be a good spot)

mail("you@email.com", "New Quote", "A new quote has been posted.");

does the [beep] or whatever have to be in the brakets?

<blockquote><p> &quot; " . $quote . " &quot; <br />" . "</p><div align=\"right\">" . $name . "<br />" . $teamname . "<br /> Team " . $teamnumber . "</div></p><hr></blockquote>";

//I tried to put it here and it didnt work

fwrite($hfile, $write); // Write the text
fclose($hfile); // Close the file

<blockquote><p> &quot; " . $quote . " &quot; <br />" . "</p><div align=\"right\">" . $name . "<br />" . $teamname . "<br /> Team " . $teamnumber . "</div></p><hr></blockquote>";



fwrite($hfile, $write); // Write the text
fclose($hfile); // Close the file

?>

// the email thing didn't work either

mail("general975@gmail.com", "New Quote", "A new quote has been posted <h ref="http://www.khsfirst.com/quotes.php">CLICK HERE TO SEE IT</a>.");


<script type="text/javascript">
<!--
window.location = "quotes.php";
//-->
</script>

Thanks, your quote has been submitted. <br />
<a href="quotes.php">Please click here if you are not redirected.</a>

<blockquote><p> &quot; " . $quote . " &quot; <br />" . "</p><div align=\"right\">" . $name . "<br />" . $teamname . "<br /> Team " . $teamnumber . "</div></p><hr></blockquote>";



fwrite($hfile, $write); // Write the text
fclose($hfile); // Close the file

?>

// the email thing didn't work either

mail("general975@gmail.com", "New Quote", "A new quote has been posted <h ref="http://www.khsfirst.com/quotes.php">CLICK HERE TO SEE IT</a>.");


<script type="text/javascript">
<!--
window.location = "quotes.php";
//-->
</script>

Thanks, your quote has been submitted. <br />
<a href="quotes.php">Please click here if you are not redirected.</a>

The call to the mail function has to be done before the closing PHP tag ?>. Put it after fclose($hfile).

The call to the mail function has to be done before the closing PHP tag ?>. Put it after fclose($hfile).

ok that works, but what a bout the profanity one?

jk I SOLVED THE PROBLEM HECK YES!

but another question on the mailto, do i put . $quote . if i want to have to quote be in the eamil?

but another question on the mailto, do i put . $quote . if i want to have to quote be in the eamil?

Yes, that works in the same way as above it with the assignment of $write.

Example:
mail("you@email.com", "Quote Submission", "A new quote has been submitted:\r\n\r\n\"" . $quote . "\"");

really i just did it with mail("general975@gmail.com", "New Quote", "A new quote has been posted.
$quote, $name, $teamname, $teamnumber ");

Yes, that works in the same way as above it with the assignment of $write.

Example:
mail("you@email.com", "Quote Submission", "A new quote has been submitted:\r\n\r\n\"" . $quote . "\"");


whats the \r\n\r\n?

whats the \r\n\r\n?

The \r\n\r\n is two line feeds, meaning it would skip a line before showing the quote.

mail("general975@gmail.com", "New Quote", "A new quote has been posted.
$quote, $name, $teamname, $teamnumber <a href="http://www.khsfirst.com/quotes.php">click here to go to the page</a>"); can i do that ^^

really i just did it with mail("general975@gmail.com", "New Quote", "A new quote has been posted.
$quote, $name, $teamname, $teamnumber ");

Yeah, that works too. I just like to explicitly concatenate my strings. (Try saying that 3x fast..)

EDIT: Forgot to mention, the quotes inside of the string literal need to be escaped by preceding them with a \.

"<a href=\"http://www.khsfirst.com/quotes.php\">click here to go to the page</a>"

Yeah, that works too. I just like to explicitly concatenate my strings. (Try saying that 3x fast..)

i don't even understand what you said

i don't even understand what you said

Concatenation is the joining (or addition) or two or more strings of text. In PHP the string concatenation operator is "."

In most programming languages, when you want to add in the value of variable within a string of text, it must be concatenated with it, and not just within a string literal (everything inside the quotation marks) in order to be recognized. PHP picks up on the usage of variables inside of literals though, but I still like to use the concatenation operator. It's just a preference thing, really.

Thank you, all of you for all of your help!

sry got another question, Will this work?( all of the second ones are the code ex. <-- &#33--> is " ! ")

$write = str_replace("!", "!", $write);
$write = str_replace("$", "$", $write);
$write = str_replace("&", "&", $write);
$write = str_replace("'", "'", $write);
$write = str_replace("(", "(", $write);
$write = str_replace(")", ")", $write);
$write = str_replace(",", ",", $write);
$write = str_replace(";", ";", $write);
$write = str_replace("?", "?", $write);
$write = str_replace("^", "^", $write);

And will two words work in a str_replac()

sry got another question, Will this work?( all of the second ones are the code ex. <-- &#33--> is " ! ")

$write = str_replace("!", "!", $write);
$write = str_replace("$", "$", $write);
$write = str_replace("&", "&", $write);
$write = str_replace("'", "'", $write);
$write = str_replace("(", "(", $write);
$write = str_replace(")", ")", $write);
$write = str_replace(",", ",", $write);
$write = str_replace(";", ";", $write);
$write = str_replace("?", "?", $write);
$write = str_replace("^", "^", $write);

And will two words work in a str_replac()
Use arrays instead of a ton of str_replace calls.

Example:
$bad_words = array('guy', 'dog', 'cat');
$good_words = array('male', 'canine', 'feline');
$write = str_replace($good_words, $bad_words, $write);

sry got another question, Will this work?( all of the second ones are the code ex. <-- &#33--> is " ! ")


If you're looking to handle HTML entities, I would just use the htmlentities() (http://www.php.net/htmlentities) function, rather then hard-coding every entity that you want to have replaced.

$write = htmlentities($write, ENT_QUOTES);

oh shoooooooooooot, all the str_replace s are case sensitive!!!!!!!!!!!!!!!!!!

oh shoooooooooooot, all the str_replace s are case sensitive!!!!!!!!!!!!!!!!!!
Use str_ireplace (http://www.php.net/str_ireplace)
Same thing as str_replace, but case insensitive.

Use str_ireplace (http://www.php.net/str_ireplace)
Same thing as str_replace, but case insensitive.

it dosent work in my version

ok so it works great, but now theres like 25 quotes. I want to make a second page so you dont have to scroll forever to get to the bottom. Do i have to make a new database or can i use the same one?