Napisalem skrypt dodawania komentarzy, i zapisu go, ale mam problem, skrypt zle dodaje ! spojrzcie na kod :
Kod
<?php
include'config.php';
$baza = mysql_connect($sql_host, $sql_user, $sql_password);
mysql_select_db($sql_user);
mysql_query("SET NAMES 'utf8'");
$query = mysql_query("SELECT * from artykuly");
echo '<table>';
echo '<tr class=nius>';
echo '<TD width=30>ajdi</TD>';
echo '<td width=150>Tajtel</td>';
echo '<td width=100>autor</td>';
echo '<td>dejt</td></TR></tr>';
while($row = mysql_fetch_array($query))
{
echo '<tr>';
echo '<TD width=30>'.$row['id'].'</TD>';
echo '<td width=200><a href=index.php?id=3&news='.$row['id'].'>'.$row['tytul'].'</a></td>';
echo '<td width=100>'.$row['autor'].'</td>';
echo '<td>'.$row['data'].'</td></TR></tr>';
echo '</tr>';
}
echo '</table>';
echo '<div align=left><hr></div>';
$news = htmlspecialchars(stripslashes(trim($_GET["news"])), ENT_QUOTES);
if(ereg('union', $news) or ereg('select', $news) or ereg('and', $news))
{
include('hack.php');
}
if($news != 0)
{
mysql_query("SET NAMES 'utf8'");
$query = mysql_query("SELECT tresc,tytul from artykuly where id=$news");
$row1 = mysql_fetch_array($query);
echo '<center class=nius>'.$row1['tytul'].'</center>';
echo '<br><br>';
echo $row1['tresc'];
echo '<br><br><br><hr>';
mysql_query("SET NAMES 'utf8'");
$query = mysql_query("SELECT * from komentarze where ktory_news=$news");
$ip = $_SERVER['REMOTE_ADDR'];
$news = $_GET['news'];
$data = date('d.m.Y');
echo $ip.$news.$data;
echo '<table><TR><TD><b>Komciaq</b><br><br>';
echo '<form method=POST action=komentarze.php>
<strong>Nik</strong><br><input type=text name=nick_kom><br>
<strong>gg or k</strong><br><input type=text name=gg><br>
<strong>tresciq</strong><br><textarea name=tresc coll=1 rows="10"></textarea>
<input type=hidden name=ip value='.$ip.'/>
<input type=hidden name=ktory value='.$news.'/>
<input type=hidden name=data value='.$data.'/>
<br><input type=submit value=dodaj komenteq>
</form>';
while($row = mysql_fetch_array($query))
{
echo '<tr><TD><b>'.$row['nick_kom'].'</b></TD></tr>
<tr><TD>'.$row['data_kom'].'</TD></tr>
<tr><TD>'.$row['ip'].' & '.$row['gg'].'</TD></tr>
<tr><TD>'.$row['tresc'].'</TD></tr><br><hr>';
}
echo '</TD></TR></table>';
}
mysql_close();
?>
include'config.php';
$baza = mysql_connect($sql_host, $sql_user, $sql_password);
mysql_select_db($sql_user);
mysql_query("SET NAMES 'utf8'");
$query = mysql_query("SELECT * from artykuly");
echo '<table>';
echo '<tr class=nius>';
echo '<TD width=30>ajdi</TD>';
echo '<td width=150>Tajtel</td>';
echo '<td width=100>autor</td>';
echo '<td>dejt</td></TR></tr>';
while($row = mysql_fetch_array($query))
{
echo '<tr>';
echo '<TD width=30>'.$row['id'].'</TD>';
echo '<td width=200><a href=index.php?id=3&news='.$row['id'].'>'.$row['tytul'].'</a></td>';
echo '<td width=100>'.$row['autor'].'</td>';
echo '<td>'.$row['data'].'</td></TR></tr>';
echo '</tr>';
}
echo '</table>';
echo '<div align=left><hr></div>';
$news = htmlspecialchars(stripslashes(trim($_GET["news"])), ENT_QUOTES);
if(ereg('union', $news) or ereg('select', $news) or ereg('and', $news))
{
include('hack.php');
}
if($news != 0)
{
mysql_query("SET NAMES 'utf8'");
$query = mysql_query("SELECT tresc,tytul from artykuly where id=$news");
$row1 = mysql_fetch_array($query);
echo '<center class=nius>'.$row1['tytul'].'</center>';
echo '<br><br>';
echo $row1['tresc'];
echo '<br><br><br><hr>';
mysql_query("SET NAMES 'utf8'");
$query = mysql_query("SELECT * from komentarze where ktory_news=$news");
$ip = $_SERVER['REMOTE_ADDR'];
$news = $_GET['news'];
$data = date('d.m.Y');
echo $ip.$news.$data;
echo '<table><TR><TD><b>Komciaq</b><br><br>';
echo '<form method=POST action=komentarze.php>
<strong>Nik</strong><br><input type=text name=nick_kom><br>
<strong>gg or k</strong><br><input type=text name=gg><br>
<strong>tresciq</strong><br><textarea name=tresc coll=1 rows="10"></textarea>
<input type=hidden name=ip value='.$ip.'/>
<input type=hidden name=ktory value='.$news.'/>
<input type=hidden name=data value='.$data.'/>
<br><input type=submit value=dodaj komenteq>
</form>';
while($row = mysql_fetch_array($query))
{
echo '<tr><TD><b>'.$row['nick_kom'].'</b></TD></tr>
<tr><TD>'.$row['data_kom'].'</TD></tr>
<tr><TD>'.$row['ip'].' & '.$row['gg'].'</TD></tr>
<tr><TD>'.$row['tresc'].'</TD></tr><br><hr>';
}
echo '</TD></TR></table>';
}
mysql_close();
?>
a to plik komentarze.php (ktory zapisuje wszystko w baze
Kod
<?php
if($_POST['nick_kom'] != '' and $_POST['gg'] != '' and $_POST['tresc'] != '')
{
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
if(preg_match('/^[0-9]{4,10}$/D', $_POST['gg']))
{
$nick = $_POST['nick_kom'];
$gg = $_POST['gg'];
$tresc = $_POST['tresc'];
$ktory = $_POST['ktory'];
$ip = $_POST['ip'];
$data = $_POST['data'];
if(strlen($tresc)<300 && strlen($nick)<50 && strlen($gg)<10)
{
include'config.php';
$baza = mysql_connect($sql_host, $sql_user, $sql_password);
mysql_select_db($sql_user);
$query = mysql_query("INSERT INTO komentarze (
id ,
ip ,
data_kom ,
nick_kom ,
gg ,
tresc ,
ktory_news
)
VALUES (
NULL , '$ip', '$data', '$nick', '$gg', '$tresc', '$ktory'
)");echo $nick.$gg.$tresc.$ktory.$ip.$data;
header("Location http://mijagi.xt.pl");
}
else
{
echo 'za dlugi nik (max 50), gg(max 10) lub tresc(max300) :((((';
}
}
else
{
echo 'zly nr gg :(';
}
}
else
{
echo 'nie czituj <img src="style_emoticons/<#EMO_DIR#>/haha.gif" style="vertical-align:middle" emoid="xD" border="0" alt="haha.gif" />D';
}
}
else { echo 'cos zostawiles puste;dddd'; }
?>
if($_POST['nick_kom'] != '' and $_POST['gg'] != '' and $_POST['tresc'] != '')
{
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
if(preg_match('/^[0-9]{4,10}$/D', $_POST['gg']))
{
$nick = $_POST['nick_kom'];
$gg = $_POST['gg'];
$tresc = $_POST['tresc'];
$ktory = $_POST['ktory'];
$ip = $_POST['ip'];
$data = $_POST['data'];
if(strlen($tresc)<300 && strlen($nick)<50 && strlen($gg)<10)
{
include'config.php';
$baza = mysql_connect($sql_host, $sql_user, $sql_password);
mysql_select_db($sql_user);
$query = mysql_query("INSERT INTO komentarze (
id ,
ip ,
data_kom ,
nick_kom ,
gg ,
tresc ,
ktory_news
)
VALUES (
NULL , '$ip', '$data', '$nick', '$gg', '$tresc', '$ktory'
)");echo $nick.$gg.$tresc.$ktory.$ip.$data;
header("Location http://mijagi.xt.pl");
}
else
{
echo 'za dlugi nik (max 50), gg(max 10) lub tresc(max300) :((((';
}
}
else
{
echo 'zly nr gg :(';
}
}
else
{
echo 'nie czituj <img src="style_emoticons/<#EMO_DIR#>/haha.gif" style="vertical-align:middle" emoid="xD" border="0" alt="haha.gif" />D';
}
}
else { echo 'cos zostawiles puste;dddd'; }
?>
a tu macie rozryz bazy i jak ten skrypt dodaje zmienne :
id - dodaje dobrze
ip - dodaje date czyli : 16.09.2008/
data_kom - 0000-00-00 00:00:00
nick_kom - dodaje dobrze
tresc_kom - dodaje dobrze
gg - dodaje dobrze
ktory_news - dodaje zawsze 0, a w skrypcie jest przekazana zmienna
Co jest w tym nie tak?
