'blogg_comments', )); list($blogRecords, $blogMetaData) = getRecords(array( 'tableName' => 'blog', 'where' => whereRecordNumberInUrl(1), 'limit' => '1', )); $blogRecord = @$blogRecords[0]; // get first record // show error message if no matching record is found if (!$blogRecord) { print "Record not found!"; exit; } // submit form if (@$_REQUEST['submit']) { // error checking $errorsAndAlerts = ""; if (!@$_REQUEST['title']) { $errorsAndAlerts .= "Please specify your name!
\n"; } if (!@$_REQUEST['content']) { $errorsAndAlerts .= "Please write a comment!
\n"; } if (!@$_REQUEST['email']) { $errorsAndAlerts .= "Please enter your email!
\n"; } else if(!isValidEmail(@$_REQUEST['email'])) { $errorsAndAlerts .= "Please enter a valid email (example: user@example.com)
\n"; } // turn off strict mysql error checking for: STRICT_ALL_TABLES mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later) // add record if (!@$errorsAndAlerts) { mysql_query("INSERT INTO `{$TABLE_PREFIX}blogg_comments` SET title = '".mysql_real_escape_string( $_REQUEST['title'] )."', content = '".mysql_real_escape_string( $_REQUEST['content'] )."', email = '".mysql_real_escape_string( $_REQUEST['email'] )."', publish = '0', ref_table = '', ref_num = '".mysql_real_escape_string( $_REQUEST['ref_num'] )."', createdDate = NOW(), updatedDate = NOW(), createdByUserNum = '0', updatedByUserNum = '0'") or die("MySQL Error Creating Record:
\n". htmlspecialchars(mysql_error()) . "\n"); $recordNum = mysql_insert_id(); // display thanks message and clear form $errorsAndAlerts = "Thanks, we've added that record!"; $_REQUEST = array(); } } ?> Nuts and Bolts Demonstration

Add a comment

Comments

|

Name
Email
Content	<?php echo htmlspecialchars(@$_REQUEST['content']) ?>