Comment are shown on all websites

hi, sorry for my English…
I have two files that manage comments. I have then on another Forum to come…
My problems when someone writes a comment, it is shown in all pages, when I want it only shown in the file where the comment was writing.

<?php


class ClassProveContakt3  {

	private $dbHost = 'xxxxxxx'; # Host der Datenbank
	private $dbName = 'xxxxxxxxxx';      # Name der Datenbank
	private $dbUser = 'xxxxxxxxxxx';      # Name der User
	private $dbPass = 'xxxxxxxxxxx';      # Passwort

	private $Name;
	private $Email; 
        private $Message;
	private $PostOK;
	private $DateTime;
	private $items;
	private $dbh;
       private $ok;

	function __construct() {

		
		 $this -> DateTime = date('m/d/Y h:i:s a');  
		 $this -> items = ['Name', 'Email', 'Message']; 
		 $flag = true;
      
        if(isset($_POST['Name']) || isset($_POST['Email']) || isset($_POST['Message'])) {
         
           foreach ( $this -> items as $key ) {  
			if ( empty ( $_POST[$key] ) )  {
				$flag = false;    
			} else {    
				#trigger_error('Codepoint __construct:1  ' . $key . ': ' . $_POST[$key]);
				$this -> $key = trim( filter_var( $_POST[$key], FILTER_SANITIZE_STRING ) ); 
				$this -> $key = trim( $_POST[$key] ); 
		 	}    
           }
		}
		#trigger_error('Codepoint __construct:2  TRUE');   
        $this -> PostOK = $flag;
        #trigger_error('Codepoint __construct:3 ' . $this -> PostOk ); 
       
	}

    public function getConnection() {
          // Establish connection with MYSQL Server
          try {
             $this -> dbh =  new PDO( 'mysql:host=' . $this -> dbHost  . ';dbname=' . $this -> dbName, $this -> dbUser, $this -> dbPass );
          } catch ( PDOException $pe ) {
             trigger_error ("Cannot connect to database: " . $pe -> getMessage() , E_USER_ERROR );
          }
      }

	private function reportPDOError( $message, $sql ) {
         $info = $this -> dbh -> errorInfo();

         echo "<div style='color:red'><b>Error in SQL Access: $message</b>";
         echo "<br>SQL-Statement: $sql";
         echo "<br>PDO SQLSTATE: $info[0]";
         echo "<br>MySQL error code: $info[1]";
         echo "<br>MySQL error message: $info[2]</div>";
	}
    
    private function unsetFormdata() {
		foreach ( $this -> items as $key ) { 
			unset( $_POST[$key] );
		}
	}
      

    function ShowForm()  {
?>
<!-- <form  method="POST" action="https://home.fastix.org/phpinfo.php">-->
<form  method="POST" class="post_color">
	<label for="name"><b>Name * </b></label>
	<input type="text" id="name" name="Name" value="<?=@htmlentities( $_POST['Name'] );?>"><br><br>
	<label for="email"><b>E-mail * </b></label>
	<input type="email" id="email" name="Email" value="<?=@htmlentities( $_POST['Email'] );?>"><br>
	<br><br>
	<label><b> Message * </b><br>
		<textarea cols="45" rows="6" id="text" name="Message"><?=@htmlspecialchars( $_POST['Message'] );?></textarea>      
	</label>
	<br><br>
	<input  type="submit" name="post" value="POST COMMENT" id="comment">

</form>
<?php
    }
    
    
    function TestPostData() {
	 	
	 if(isset($_POST['Name']) || isset($_POST['Email']) || isset($_POST['Message'])) {	
		if ( $this -> PostOK ) {
			$this -> writeCommentToDatabase();
		} else {
			echo '<div class="msg">*** Please enter all required fields ***</div><br><br>';  
		}
	 }
	     
	} 

	function writeCommentToDatabase() {
	// Establish connection with MYSQL Server
	
		if ( ! $this -> dbh ) {
			$this -> getConnection();
		}
           
		//Prepare Query of SQL
		$statement = $this -> dbh -> prepare("INSERT INTO commentar(name, email, message, datetime) VALUES (:name, :email, :message, :date)");
		if ( ! $statement ) {
			trigger_error( 'prepare failed: SQLSTATE=' . $this -> dbh -> errorCode() . ', Error Info=' . print_r( $this -> dbh -> errorInfo(), true ), E_USER_ERROR ) ;
		} else {
			$ok = $statement -> bindValue( ':name',    $this -> Name,         PDO::PARAM_STR )
			   && $statement -> bindValue( ':email',   $this -> Email,        PDO::PARAM_STR )
			   && $statement -> bindValue( ':message', $this -> Message,      PDO::PARAM_STR )
			   && $statement -> bindValue( ':date',    date("Y-m-d H:i:s"), PDO::PARAM_STR );
			  if ( ! $ok )  {
				echo "<br><br>bindValue failed: SQLSTATE=" . $this -> dbh -> errorCode() . ", Error Info=" . print_r( $dbh -> errorInfo(), true ) . "</p>";
			}
		}
		if ( $ok ) {
			$ok = $statement -> execute();
		} 
		
		if ( $ok === false  ) {
                  trigger_error( 'execute failed: SQLSTATE=' . $this -> dbh -> errorCode() . ', Error Info=' . print_r($this -> dbh -> errorInfo(), true),  E_USER_ERROR );
		} else {
			#echo '<div class="msg">Data Inserted successfully!</div>';
			$this ->  unsetFormdata();
			return $ok;
		}
    }    

    function getMessages()
    {
		if ( ! $this -> dbh ) {
			$this -> getConnection();
		}

        $sql = "SELECT id, name, email, message, datetime FROM commentar ORDER BY datetime DESC";
        $statement = $this -> dbh -> query( $sql );

        if ( ! $statement ) {
            $this -> reportPDOError('SQL-Error:', $sql );
            return false;
        }

        $result = $statement -> fetchAll( PDO::FETCH_ASSOC );

        if ( false === $result ) {
            $this->reportPDOError( "fetchAll(ASSOC) failed", $sql );
        }
        foreach ($result as $message) {
?>

   
   <p><strong>From: </strong> <?=htmlspecialchars( $message['name'] ) ?>  <strong>at: </strong> <?=htmlspecialchars( $message['datetime'] ); ?></p>
   <p><?=htmlspecialchars( $message['message'] ); ?></p><hr>
  

<?php
		}    
    }
}

$Newobject = new ClassProveContakt3();
$Newobject -> TestPostData();

$Newobject -> ShowForm();
$Newobject -> getMessages();

I asked on another forum, and a person tell me this;

  1. Your data table needs another column for the page.
  2. When creating the comment, the information for which page this comment intended must also be transmitted.
  3. When querying, the page should include in a WHERE clause.

The First, I had did,

The Second and Third, I don know…

Can Please someone help me, Thanks!

1 Like