< if( $_POST ) { $con = mysql_connect("localhost","inmoti6_myuser","mypassword"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("inmoti6_mysite", $con); $users_name = $_POST['name']; $users_email = $_POST['email']; $users_website = $_POST['website']; $users_comment = $_POST['comment']; $users_name = mysql_real_escape_string($users_name); $users_email = mysql_real_escape_string($users_email); $users_website = mysql_real_escape_string($users_website); $users_comment = mysql_real_escape_string($users_comment); $articleid = $_GET['id']; if( ! is_numeric($articleid) ) die('invalid article id'); $query = " INSERT INTO `inmoti6_mysite`.`comments` (`id`, `name`, `email`, `website`, `comment`, `timestamp`, `articleid`) VALUES (NULL, '$users_name', '$users_email', '$users_website', '$users_comment', CURRENT_TIMESTAMP, '$articleid');"; mysql_query($query); echo "

Thank you for your Comment!

"; mysql_close($con); } ?>