diff --git a/www-ssl/nonpublic/news_comments.php b/www-ssl/nonpublic/news_comments.php index d2c450ea..527c4d01 100755 --- a/www-ssl/nonpublic/news_comments.php +++ b/www-ssl/nonpublic/news_comments.php @@ -6,19 +6,22 @@ include ("./inc/db.php"); include ("./inc/funktion_user.php"); -if (IsSet($nid)) { +if( IsSet( $_GET["nid"])) +{ -if (IsSet($date) && IsSet($text)){ - - $ch_sql="INSERT INTO news_comments (Refid, Datum, Text, UID) VALUES ('$nid', '$date', '$text', '".$_SESSION[UID]."')"; +if( IsSet( $_GET["text"])) +{ + $ch_sql="INSERT INTO news_comments (Refid, Datum, Text, UID) VALUES ('". + $_GET["nid"]. "', '". date("Y-m-d H:i:s"). "', '". $_GET["text"]. "', '". $_SESSION["UID"]. "')"; $Erg = mysql_query($ch_sql, $con); - if ($Erg == 1) { echo "Eintrag wurde gespeichert

"; } + if ($Erg == 1) + echo "Eintrag wurde gespeichert

"; } -$SQL = "SELECT * FROM news_comments where Refid = $nid ORDER BY 'ID'"; +$SQL = "SELECT * FROM news_comments where Refid = ". $_GET["nid"]. " ORDER BY 'ID'"; $Erg = mysql_query($SQL, $con); - +echo mysql_error( $con); // anzahl zeilen $news_rows = mysql_num_rows($Erg); @@ -60,9 +63,8 @@ echo "";

Neuer Kommentar:

  -
-"> - + +"> @@ -76,12 +78,11 @@ echo "
Text:
";