Forums are great communication tools for the exchange of ideas, for people teaching others about a specific area of interest, or even for just general social communication. The fact that they are usually so specialized helps get them high up in search results as well as contributing considerably to bodies of knowledge. True, there's a lot of misinformation and putdowns, but this invariably occurs when people communicate. One must learn to take what one learns with a grain of salt.

An Internet forum, also know as a message board, is an online discussion website where people can converse, argue, inform, teach, or bitch in the form of posted messages. Chat rooms deliver messages in real-time but with forums, getting new messages requires the page to be reloaded (F5). And depending on the forum set-up, a posted message might need to be approved by a moderator before it shows up on the forum. Forums call a single conversation a thread. A forum is hierarchical in structure. From highest to lowest: forum, subforum, topic, thread, and reply. Depending on the forum set-up, users can be anonymous or have to register. Users have to login to post messages. Usually you don't have to login to read the existing messages.

Content Management System: Forums

• forum: home page
• forum: search
• forum: login
• forum: topic and replies viewing page
• forum: add topic to database
• forum: add reply to database
• forum: edit topic in database
• forum: create topic in database
• forum: delete topic in database
• forum: delete reply in database
• forum: delete user account in members table

The forum home page on this website has the complete list of topics and each topic is a link to the forum topic and replies viewing page, whose script code can be found below. Depending on which topic was clicked, its corresponding id will be sent via query string (along with the username) to the forum topic and replies viewing page and only this topic and its replies will be visible on this viewing page. For other topics, you must return to the forum home page from a Return to Forum link on the forum topic and replies viewing page.

On to the PHP code. As usual, we start with config.php, since without it, the MySQL-based forum would not be viable. You cannot relate to a db without knowing the magic words. Next, the security of the page is dealt with by ensuring the page visitor has a username that's in the database. Note that the various pages on our forum app use both forms and URL query strings to transfer data between pages, so both POST and GET are checked for username, and if neither works, the visitor is sent to the login script. Not only is the db checked for a valid username, the username is checked to make sure it has only 6 to 20 letters, numbers or underscore in it and no other characters—otherwise, it's off to the login script. If a hacker has put something nasty in the query string, he'll end up at the login script. All our forum app scripts have this same username checker at the top of the PHP section—except for the login script.

Next comes the forum tables. This script creates them if they do not exist. We'll need a topic table, forum_question, with fields: id, topic (which is the title), detail (which is the main content), name, email, datetime, view (which is the number of views of the page), and reply (which is the number of replies to the page). We'll also need a replies table, forum_answer, with fields: id, question_id, a_id, a_name, a_email, a_answer (which is the main content of the reply), and a_datetime.

The forum_question table now gets its records grabbed (sorted with the highest numbered id, therefore newest, displayed first, and the lowest numbered record last). Then the headings for the display table are put on the screen: ID, Topic, Views, Replies, and Date/Time. Then the PHP while command loops through the MySQL query results filling the display table with record rows, using the functions htmlentities() and stripslashes() for security. Note the code used to turn the Topic field data from the db table into a link: <a href="cms-view-topic.php?id=<? echo htmlentities(stripslashes($rows['id']), ENT_QUOTES); ?>&username=<? echo stripslashes($U); ?>"><? echo htmlentities(stripslashes($rows['topic']), ENT_QUOTES); ?></a>. The code is a bit vague and confusing until you notice that it's using 3 blocks of PHP code inside it. The first 2 are values within a URL query string so the link can send them with the user to the viewing page for topics and replies so that page will know what to display. The third is merely the topic field value for the current record in the while loop. It's nice of the browsers to let a single link have 2 different languages and 3 inserted blocks of PHP code be a legitimate link. It makes us developers'/webmasters' jobs easier!

At the bottom of the Forum page's Topic display box are 3 links. One, Create New Topic, allows you to go to the topic creating script, and another, Search Forum, allows you to go to the forum searching script and another, Delete Account, allows you to delete your account, your username, your topics and their replies in one fell swoop. Your username is sent in a URL query string, to any of these forum app pages as you can see below, so that you'll be allowed in.

Download the files: cms-forum.zip

SAVE THIS PAGE AS: cms-forum.php

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1252">
<TITLE>Forum—Content Management System (CMS)</TITLE>
<meta name="description" content="Forum—Content Management System (CMS)">
<meta name="keywords" content="forums,forum,Content Management System,Content Management System Articles,php,CMS,javascript, dhtml, DHTML">
<style type="text/css">
BODY {margin-left:0; margin-right:0; margin-top:0;text-align:left;background-color:#ddd}
p, li {font:13px Verdana; color:black;text-align:left}
h1 {font:bold 28px Verdana; color:black;text-align:center}
h2 {font:bold 24px Verdana;text-align:center}
td {font:normal 13px Verdana;text-align:center;background-color:#ccc}
.topic {text-align:left;background-color:#fff}
.center {text-align:center;}
</style>
</head>
<body>
<?php
include_once"config.php";

$U=$_POST['username'];if (!isset($U)){$U=$_GET['username'];}
if (isset($U)&&preg_match("/[A-Za-z0-9_]{6,20}$/",$U)){$check_user_data = mysql_query("SELECT * FROM members WHERE username='$U'") or die(mysql_error());if(mysql_num_rows($check_user_data)==0){unset($U);}}else{unset($U);}
if (!isset($U)){echo '<script language="javascript">alert("Please login.");window.location="login.php"; </script>';}

$sql = "CREATE TABLE IF NOT EXISTS forum_question (
id int(4) NOT NULL auto_increment,
topic varchar(255) NOT NULL default '',
detail text NOT NULL,
name varchar(65) NOT NULL default '',
email varchar(65) NOT NULL default '',
datetime varchar(25) NOT NULL default '',
topics_username varchar(20) NOT NULL,
view int(4) NOT NULL default '0',
reply int(4) NOT NULL default '0',
PRIMARY KEY (id)
) ENGINE=MyISAM AUTO_INCREMENT=1";

mysql_query($sql);

$sql = "CREATE TABLE IF NOT EXISTS forum_answer (
id int(4) NOT NULL auto_increment,
question_id int(4) NOT NULL default '0',
a_id int(4) NOT NULL default '0',
a_name varchar(65) NOT NULL default '',
a_email varchar(65) NOT NULL default '',
a_answer text NOT NULL,
a_datetime varchar(25) NOT NULL default '',
PRIMARY KEY (id)
) ENGINE=MyISAM AUTO_INCREMENT=1";

mysql_query($sql);

$tbl_name="forum_question";

$sql="SELECT id,topic,view,reply,datetime FROM $tbl_name ORDER BY id DESC";
$result=mysql_query($sql);
?>
<center><div><h2>My Forum</h2></div></center>
<table width="90%" border="0" align="center" cellpadding="3" cellspacing="1" bgcolor="#CCC">
<tr>
<td width="6%"><B>#</B></td>
<td width="64%"><B>Topic</B></td>
<td width="8%"><B>Views</B></td>
<td width="6%"><B>Replies</B></td>
<td width="16%"><B>Date/Time</B></td>
</tr>

<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td><? echo htmlentities(stripslashes($rows['id']), ENT_QUOTES); ?></td>
<td class='topic'><a href="cms-view-topic.php?id=<? echo htmlentities(stripslashes($rows['id']), ENT_QUOTES); ?>&username=<? echo stripslashes($U); ?>"><? echo htmlentities(stripslashes($rows['topic']), ENT_QUOTES); ?></a><BR></td>
<td><? echo htmlentities(stripslashes($rows['view']), ENT_QUOTES); ?></td>
<td><? echo htmlentities(stripslashes($rows['reply']), ENT_QUOTES); ?></td>
<td><? echo htmlentities(stripslashes($rows['datetime']), ENT_QUOTES); ?></td>
</tr>

<?php
}
mysql_close();
?>
<tr>
<td class='center' colspan="5"><a href="cms-create-topic.php?username=<? echo stripslashes($U); ?>";><B>Create New Topic</B></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="cms-search-forum.php?username=<? echo stripslashes($U); ?>";><B>Search Forum</B></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="cms-delete-account.php?username=<? echo stripslashes($U); ?>";><B>Delete Account</B></a></td>
</tr>
</table>
</body>
</html>