can anyone help me to check and correct the code??thanks in advance..
Code: Select all
<?php
require_once 'config.php' ;
require_once 'application.php' ;
$id = $_SESSION['id'];
$username = $_SESSION["username"];
$comment = $_POST["comment"];
if ($id = $_SESSION['id'])
{
$query = 'INSERT INTO comment set id = "' . mysql_real_escape_string($id) . '",
username = "' . mysql_real_escape_string($username) . '",
comment = "' . mysql_real_escape_string($comment) . '",date = "' . date('Y-m-d H:i:s') . '"';
$result = mysql_query($query);
else{
echo"<script>alert(\"Please register as member to comment\")</script>";
}
}
redirect("comment2.php");
?>