<?php
$sql_host = "localhost"; /*
$sql_login = "fedora_main"; You have to change
$sql_psswd = "<my password>"; these variables...
$sql_base = "fedora_comments"; */
$sql_table = "tbl_comments";
$id = addslashes($_GET["id"]);
$id = htmlentities($id);
$nickname = addslashes($_POST["nickname"]);
// Remember that we use post method
$nickname = htmlentities($nickname);
$comment = addslashes($_POST["comment"]);
$comment = htmlentities($comment);
$host = $_SERVER["REMOTE_ADDR"];
$date = date("Y-m-d");
$time = date("H:i");
if ($nickname && $comment && $id)
{ $db = mysql_connect($sql_host, $sql_login, $sql_psswd);
mysql_select_db($sql_base, $db);
$sql = "INSERT INTO $sql_table(id, Number, Comment, Information, RemoteIP) VALUES('', '$id', '$comment', '$nickname ($date @ $time)', '$host')";
mysql_query($sql) or die("MySQL Error");
mysql_close();
echo "<script>window.location = 'comments.php?id=".$id."</script>";
}
?>
<?php
$dbh=mysql_connect ("localhost", "fedora_main", "titanic") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("fedora_comments");
mysql_select_db("fedora_main, fedora_comments");
$sql = "SELECT * FROM tbl_comments WHERE Number = '$id' ORDER BY id Desc";
$req = mysql_query($sql) or die("<font size=\"1\" face=\"Verdana\" color=\"#FF0000\">Sorry, a MySQL error occurred!");
$res = mysql_numrows($req);
if($res == 0) { echo "<center><font size=\"2\" face=\"Verdana\"><i>No comment.</i></center>"; }
while($data = mysql_fetch_array($req))
{ echo "<table width=\"350\" border=\"0\" align=\"center\" cellpadding=\"1\" cellspacing=\"0\">
<tr><td bgcolor=\"#000000\">
<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" bgcolor=\"#434343\">
<tr><td><font size=\"1\" face=\"Verdana\">Comment from ".stripslashes($data['Information'])." :<br>
<i>".stripslashes($data['Comment'])."</i>
</td></tr></table></td></tr></table><br>\n";
}
mysql_close();
?>
<form name="addcomment" method="post">
<table width="350" border="0" cellpadding="3" cellspacing="0">
<tr>
<td width="150">Name:</td>
<td><input name="nickname" type="text" size="30"></td>
</tr>
<tr>
<td>Comment:</td>
<td><input name="comment" type="text" size="30" height="25"></td>
</tr>
<tr>
<td></td>
<td><input name="reset" type="reset" value="Clear">
<input name="post" type="submit" value="Submit"></td>
</tr>
</table>
</form>