</div>
</div>
</div>
<hr class="my12 outline-none baw0 bb bc-powder-2">
<div class="grid fw-nowrap fc-black-600">
<div class="grid--cell mr8">
<svg aria-hidden="true" class="svg-icon iconLightbulb" width="18" height="18" viewbox="0 0 18 18"><path d="M9.5.5a.5.5 0 0 0-1 0v.25a.5.5 0 0 0 1 0V.5zm5.6 2.1a.5.5 0 0 0-.7-.7l-.25.25a.5.5 0 0 0 .7.7l.25-.25zM1 7.5c0-.28.22-.5.5-.5H2a.5.5 0 0 1 0 1h-.5a.5.5 0 0 1-.5-.5zm14.5 0c0-.28.22-.5.5-.5h.5a.5.5 0 0 1 0 1H16a.5.5 0 0 1-.5-.5zM2.9 1.9c.2-.2.5-.2.7 0l.25.25a.5.5 0 1 1-.7.7L2.9 2.6a.5.5 0 0 1 0-.7z" fill-opacity=".4"></path><path opacity=".4" d="M7 16h4v1a1 1 0 0 1-1 1H8a1 1 0 0 1-1-1v-1z" fill="#3F3F3F"></path><path d="M15 8a6 6 0 0 1-3.5 5.46V14a1 1 0 0 1-1 1h-3a1 1 0 0 1-1-1v-.54A6 6 0 1 1 15 8zm-4.15-3.85a.5.5 0 0 0-.7.7l2 2a.5.5 0 0 0 .7-.7l-2-2z" fill="#FFC166"></path></svg>
</div>
<div class="grid--cell lh-md">
<p class="mb0">
<b>Want to improve this question?</b> <a href="/posts/33266725/edit">Update the question</a> so it's <a href="/help/on-topic">on-topic</a> for Stack Overflow.
</p>
<p class="mb0 mt6">Closed <span title="2015-10-22 00:37:35Z" class="relativetime">4 years ago</span>.</p>
</div>
</div>
</aside>
I am asking for help on two things. So basically I have made a messaging website for my friends and I but I have came across two things:
My messaging website tells you what time the message was sent, but at the minute each time you hit refresh the time changes to the current time
At the minute you have to refresh to view a new message so I was wondering how I would make this automatic, I've heard of Ajax but I didn't understand how it works so you would need to explain it to me
Here's the code:
<?php
$username = "";
$password = "";
$server = "";
$database = "";
mysql_connect($server, $username, $password);
@mysql_select_db($database) or die("Unable to select database");
?>
<!DOCTYPE HTML>
<html lang="en">
<head>
<meta charset="UTF-8"/>
<title>b!ip</title>
</head>
<body bgcolor="#0000FF">
<?php
date_default_timezone_set('Europe/London');
$searchQuery = "SELECT * FROM messages";
$searchResults = mysql_query($searchQuery);
$firstnameData = mysql_result($searchResults, 0, 'forename');
$lastnameData = mysql_result($searchResults, 0, 'surname');
$messageData = mysql_result($searchResults, 0, 'message');
$datetimeData = mysql_result($searchResults, 0, 'datetime');
if(isset($_POST["submit"]))
{
$firstname = $_POST["forename"];
$surname = $_POST["surname"];
$message = $_POST["message"];
$datetime = date('Y-m-d H:i:s');
mysql_query("UPDATE messages SET `forename` = '$firstname' WHERE `id` = '1'");
mysql_query("UPDATE messages SET `surname` = '$surname' WHERE `id` = '1'");
mysql_query("UPDATE messages SET `message` = '$message' WHERE `id` = '1'");
mysql_query("UPDATE messages SET `datetime` = '$datetime' WHERE `id` = '1'");
}
// date_default_timezone_set('Europe/London');
// echo date('Y-m-d H:i:s');
?>
<center>
<table cellpadding="0" cellspacing="0" width="100%" height="50">
<!-- MSCellFormattingTableID="12" -->
<tr>
<td height="50" width="100%">
<!-- MSCellFormattingType="content" -->
<p align="center"><font face="Comic Sans MS" color="#FFFFFF">
<span style="font-size: 60pt">b!ip</span></font></td>
</tr>
</table>
</center>
<table cellpadding="50" cellspacing="0" width="100%" height="50%">
<tr>
<td height="50" width="100%">
<form action="#" method="POST">
<center><p><font color="#FFFFFF">First name: <input type="text" name="forename"/>
Last name: <input type="text" name="surname"/>
Message: <input type="text" name="message"/>
<input type="submit" value="Send" name="submit"/></font></p></center>
</form>
</td>
</td>
</table>
<table cellpadding="50" cellspacing="0" width="100%" height="50%">
<tr>
<td height="50" width="100%">
<center><h1><font color="#FFFFFF" face="Comic Sans MS"><?php echo "$messageData <strong>by $firstnameData $lastnameData at $datetimeData</strong>"; ?></font></h1></center>
</td>
</td>
</table>
</body>
</html>
</div>
You should probably switch to PDO or MySQLi as MySQL is depreciated and will be removed in the future. Pressing on, a future error you will encounter is that you can't use quotes (also vulnerable to SQL injection) this is because you are not doing anything to prevent this. To fix this, assure that anything from $_POST or $_GET is wrapped with mysql_real_escape_string
Addressing your time issue, you can use the MySQL function now()
Addressing your AJAX issue, you can learn from this convenient YouTube tutorial playlist : https://www.youtube.com/watch?v=tp3Gw-oWs2k&list=PL6gx4Cwl9DGDiJSXfsJTASx9eMq_HlenQ
After patching everything mentioned you code should look something like this:
if(isset($_POST["submit"]))
{
$firstname = mysql_real_escape_string($_POST["forename"]);
$surname = mysql_real_escape_string($_POST["surname"]);
$message = mysql_real_escape_string($_POST["message"]);
mysql_query(
"UPDATE messages SET
`forename` = '$firstname',
`surname` = '$surname',
`message` = '$message',
`datetime` = now()
WHERE `id` = '1'"
);
}
Something to take note of is that I left id = '1' as is because I'm not familiar with your DB; regardless it appears that you're only changing the values of one message.
Hope this helps!