Im having these problems, it used to work in my website for almost a year then suddenly this error occured..
Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/alexsl/public_html/admin/system/functions.php on line 291
here's functions.php:
<?php
// Somery, a weblogging script by Robin de Graaf, copyright 2001-2006
// Somery is distributed under the Artistic License (see LICENSE.txt)
//
// ADMIN/SYSTEM/FUNCTIONS.PHP > 08-03-2006
// execute some stuff
extract($_POST);
extract($_GET);
mysql_connect($sqlhost, $sqluser, $sqlpass);
mysql_select_db($sqldb);
skinset();
loaduser();
$localver = "0.4.6";
// functions for the admin system, gathering data
function format_date($raw_date, $format="Y-m-d H:i:s",$tz) {
global $prefix, $settings;
ereg("(....)-(..)-(..) (..):(..):(..)",$raw_date,$reg);
return date($format, mktime($reg[4],$reg[5],$reg[6],$reg[2],$reg[3],$reg[1])+($tz*3600));
}
function whitelist($word) {
global $prefix;
if ($word) {
$result = mysql_query("SELECT * FROM ".$prefix."additionals WHERE calltitle = '$word'");
$total = mysql_num_rows($result);
if ($total == 0) {
return 0;
} else {
return 1;
}
} else {
return 0;
}
}
function skinset() {
global $prefix, $skindir;
$result = mysql_query("SELECT * FROM ".$prefix."settings");
while($row=mysql_fetch_object($result)) {
$skindir = $row->skindir;
}
$skindir = "skins/".$skindir;
return;
}
function loadsettings() {
global $prefix, $settings;
$result = mysql_query("SELECT * FROM ".$prefix."settings");
while($row=mysql_fetch_object($result)) {
$settings['setskin'] = $row->skindir;
$settings['startlevel'] = $row->startlevel;
$settings['gmt'] = $row->gmt;
$settings['dateformat'] = $row->dateformat;
$settings['timeformat'] = $row->timeformat;
$settings['startstatus'] = $row->startstatus;
$settings['registration'] = $row->registration;
$settings['comments'] = $row->comments;
$settings['noposts'] = $row->noposts;
$settings['archive'] = $row->archive;
$settings['more'] = $row->more;
$settings['nocomments'] = $row->nocomments;
}
return;
}
function loaduser($username="") {
global $userdata, $prefix;
if ($username) {
$result = mysql_query("SELECT * FROM ".$prefix."users WHERE username = '$username'");
while($row=mysql_fetch_object($result)) {
$userdata['username'] = $row->username;
$userdata['password'] = $row->password;
$userdata['level'] = $row->level;
}
}
return $userdata;
}
function loadprofile($username="",$profile) {
global $prefix;
if ($username && $profile) {
$result = mysql_query("SELECT $profile FROM ".$prefix."profile WHERE username = '$username'");
while($row=mysql_fetch_object($result)) {
$text = $row->$profile;
}
}
return $text;
}
// functions for the skin system
function menu() {
global $checkauth,$prefix,$userdata;
if ($checkauth) {
echo "<a href='index.php'>index</a> - ";
echo "<a href='profile.php'>profile</a> - ";
echo "<a href='notes.php'>notes</a> - ";
if ($userdata['level'] >= 1) echo "<a href='articles.php'>articles</a> - ";
echo "<a href='team.php'>team</a> - ";
if ($userdata['level'] >= 3) echo "<a href='additionals.php'>additionals</a> - ";
if ($userdata['level'] >= 3) echo "<a href='settings.php'>settings</a> - ";
if ($userdata['level'] >= 2) echo "<a href='categories.php'>categories</a> - ";
echo "<a href='login.php?a=logout'>logout</a> ";
} elseif (!$checkauth) {
$result = mysql_query("SELECT * FROM ".$prefix."settings");
while($row=mysql_fetch_object($result)) {
$settings['registration'] = $row->registration;
}
if ($settings['registration'] == 0) echo "you're not logged in";
if ($settings['registration'] == 1) echo "<a href='register.php'>register</a>";
}
}
// functions for formatting
function debbcode($text) {
$text = ereg_replace("\[b\]|\[/b\]|\[i\]|\[/i\]|\[u\]|\[/u\]|\[img\]|\[/img\]|\[quote\]|\[/quote\]|\[email\]|\[/email\]|\[url\]|\[/url\]","", $text);
return $text;
}
function bbcode($text,$type=0) {
$text = ereg_replace("\r\r", "</p><p>", $text);
$text = ereg_replace("\r\n\r\n", "</p><p>", $text);
$text = ereg_replace("\n\n", "</p><p>", $text);
$text = ereg_replace("\n", "<br />", $text);
$text = preg_replace("/\[quote\](.+?)\[\/quote\]/is", "<blockquote><b>Quote:</b><br />\\1</blockquote>", $text);
$text = preg_replace("/\[center\](.+?)\[\/center\]/is", "</p><center>\\1</center><p>", $text);
$text = preg_replace("/\[b\](.+?)\[\/b\]/is", "<b>\\1</b>", $text);
$text = preg_replace("/\[i\](.+?)\[\/i\]/is", "<i>\\1</i>", $text);
$text = preg_replace("/\[u\](.+?)\[\/u\]/is", "<u>\\1</u>", $text);
if ($type != 1) $text = preg_replace("/\[img\](.+?)\[\/img\]{1}/is", "<img src='\\1' border='0' alt=''>", $text);
$text = preg_replace("/\[email\](.+?)\[\/email\]{1}/is", "<a href='mailto:\\1'>\\1</a>", $text);
$text = preg_replace("/\[url=([^<]+?)\](.+?)\[\/url\]{1}/is", "<a href='\\1'>\\2</a>", $text);
$text = preg_replace("/\[url\](.+?)\[\/url\]{1}/is", "<a href='\\1'>\\1</a>", $text);
$text = preg_replace("/\[newurl=([^<]+?)\](.+?)\[\/newurl\]{1}/is", "<a href='\\1' target='_blank'>\\2</a>", $text);
$text = preg_replace("/\[newurl\](.+?)\[\/newurl\]{1}/is", "<a href='\\1' target='_blank'>\\1</a>", $text);
return $text;
}
function cleanstring($text) {
$text = ereg_replace("[\x27]","'",trim($text));
$text = ereg_replace("[\x22]",""",trim($text));
strip_tags($text);
$text = ereg_replace(">",">",$text);
$text = ereg_replace("<","<",$text);
$text = preg_replace("[\x5c\]","",$text);
return $text;
}
// functions for the output engine
function archive($output="%",$type="title",$dtype="d/m/Y") {
global $total,$arow,$prefix,$p,$settings,$PHP_SELF;
if ($settings['archive'] != "0") { $limit = " LIMIT ".$settings['archive']; }
$result = mysql_query("SELECT * FROM ".$prefix."articles WHERE status = '1' ORDER BY aid DESC$limit");
while($row=mysql_fetch_object($result)) {
if ($type == "date") $more = "<a href='".$PHP_SELF."?p=".$row->aid."&c=1'>".debbcode(date($dtype,strtotime($row->date)))."</a>";
if ($type == "title") $more = "<a href='".$PHP_SELF."?p=".$row->aid."&c=1'>".debbcode($row->title)."</a>";
if ($type == "td") $more = "<a href='".$PHP_SELF."?p=".$row->aid."&c=1'>".debbcode(date($dtype,strtotime($row->date)))." - ".strtolower(debbcode($row->title))."</a>";
$info=eregi_replace("\%",$more,$output);
echo $info;
}
if (!$result) echo "empty";
}
function exportadd($word,$type="body",$dtype="d/m/Y H:i") {
global $prefix, $settings;
$result = mysql_query("SELECT * FROM ".$prefix."additionals WHERE calltitle = '$word'");
while($row=mysql_fetch_object($result)) {
if ($type == "body") {
$body = cleanstring($row->body);
$body = bbcode($body);
echo $body;
} elseif ($type == "title") {
$body = cleanstring($row->title);
$body = bbcode($body);
echo $body;
} elseif ($type == "calltitle") {
$body = cleanstring($row->calltitle);
$body = bbcode($body);
echo $body;
} elseif ($type == "created") {
$body = format_date($row->created, $settings['dateformat']." ".$settings['timeformat'], $settings['gmt']);
echo $body;
} elseif ($type == "modified") {
$body = format_date($row->modified, $settings['dateformat']." ".$settings['timeformat'], $settings['gmt']);
echo $body;
}
}
}
function prevnext($next="newer posts",$divider=" - ",$previous="older posts") {
global $total,$arow,$prefix,$p,$settings,$PHP_SELF,$offset;
if (!$offset) { $offset = 0; }
$offsetnext = $offset - $settings['noposts'];
$offsetprev = $offset + $settings['noposts'];
if ($offsetnext < 0) {
$next = "no newer posts";
} else {
$next = "<a href='index.php?offset=$offsetnext'>$next</a>";
}
$resultz = mysql_query("SELECT * FROM ".$prefix."articles WHERE status = '1'");
$totalz = mysql_num_rows($resultz);
$change = $totalz - $settings['noposts'];
if ($offset >= $change) {
$prev = "no older posts";
} else {
$prev = "<a href='index.php?offset=$offsetprev'>$previous</a>";
}
echo $next.$divider.$prev;
}
function getauthor($item) {
global $settings, $row, $prefix;
$result2 = mysql_query("SELECT * FROM ".$prefix."profile WHERE username = '".$row->username."'");
while($row2=mysql_fetch_object($result2)) {
echo $row2->$item;
}
}
function getadate() {
global $row, $prefix, $settings;
echo format_date($row->datetime, $settings['dateformat'], $settings['gmt']);
}
function getatime() {
global $row, $prefix, $settings;
echo format_date($row->datetime, $settings['timeformat'], $settings['gmt']);
}
function permalink() {
global $settings, $row, $prefix, $PHP_SELF;
echo "<a href=\"$PHP_SELF?p=$row->aid&c=1\">$row->title</a>";
}
function body() {
global $settings, $row, $prefix, $p, $PHP_SELF;
$body = cleanstring($row->body);
$body = bbcode($body);
if (!$p) {
echo $body."</p>";
} elseif ($p && $row->show_body == 1) {
echo $body."</p>";
}
if ($row->more && !$p) {
echo "<p><a href=\"$PHP_SELF?p=$row->aid&c=1\">".$settings[more]."</a></p>";
} elseif ($row->more && $p) {
$more = cleanstring($row->more);
$more = bbcode($more);
echo "<p>".$more."</p>";
}
}
function commentlink ($none="no comment",$single="1 comment",$more="% comments") {
global $row, $prefix, $settings, $PHP_SELF;
if ($settings[comments] == 1 && $row->show_comments == 1) {
$count = mysql_query("SELECT * FROM ".$prefix."comments WHERE parentid = $row->aid");
$total = mysql_num_rows($count);
if ($total == 0) echo "<a href=\"$PHP_SELF?p=$row->aid&c=1#comments\">$none</a>";
if ($total == 1) echo "<a href=\"$PHP_SELF?p=$row->aid&c=1#comments\">$single</a>";
if ($total > 1) {
$t="$total";
$more=eregi_replace("\%",$t,$more);
echo "<a href=\"$PHP_SELF?p=$row->aid&c=1#comments\">$more</a>";
}
} else {
echo $settings[nocomments];
}
}
function getarticle($item) {
global $settings, $row, $prefix;
$result2 = mysql_query("SELECT * FROM ".$prefix."articles WHERE aid = '".$row->aid."'");
while($row2=mysql_fetch_object($result2)) {
echo $row2->$item;
}
}
function getcomment($item) {
global $settings, $c_row, $prefix, $dtr;
$result2 = mysql_query("SELECT * FROM ".$prefix."comments WHERE coid = '".$c_row->coid."'");
while($row2=mysql_fetch_object($result2)) {
if ($item == "date") {
echo format_date($row2->datetime, "d/m/Y", $settings['gmt']);
}
if ($item == "time") {
echo format_date($row2->datetime, "H:i", $settings['gmt']);
}
if ($item != "date" && $item != "time") echo $row2->$item;
}
}
function category () {
global $row, $prefix;
$result2 = mysql_query("SELECT * FROM ".$prefix."categories WHERE cid = '".$row->category."'");
while($row2=mysql_fetch_object($result2)) {
echo $row2->category;
}
}
function catlink () {
global $row, $PHP_SELF;
echo "$PHP_SELF?cat=$row->category";
}
function userlink () {
global $row, $PHP_SELF;
echo "$PHP_SELF?user=$row->username";
}
function comment() {
global $settings, $c_row, $prefix, $p;
$result2 = mysql_query("SELECT * FROM ".$prefix."comments WHERE coid = '".$c_row->coid."'");
while($row2=mysql_fetch_object($result2)) {
$comment = cleanstring($row2->comment);
$comment = bbcode($comment,1);
echo $comment;
}
}
?>
==============================================
AND HERE'S THE OTHER ONE...
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/alexsl/public_html/admin/articles.php on line 47
here's article.php:
<?php
// Somery, a weblogging script by Robin de Graaf, copyright 2001-2006
// Somery is distributed under the Artistic License (see LICENSE.txt)
//
// ADMIN/ARTICLES.PHP > 08-03-2006
$start = TRUE;
include("system/include.php");
if ($checkauth) {
loadsettings();
if ($userdata['level'] >= 1) {
if (!$action) {
?>
<a name='top'></a>
<strong>Add a new article - <a href="articles.php#active">Active articles</a>/<a href="articles.php#hidden">Hidden articles</a></strong><br />
<table><tr><td><form method="post" action="articles.php"><input type="hidden" name="action" value="post"></td></tr></table>
<table>
<tr><td width=175>Author</td><td><?php echo $user; ?></td></tr>
<tr><td width=175>Article title</td><td><input size=50 name='title' type='text'></td></tr>
<tr><td width=175>Post in category</td><td><select name='category'>
<?php
$query = "SELECT * FROM ".$prefix."categories ORDER BY cid";
$result = mysql_query($query);while($row=mysql_fetch_object($result)) {
echo "<option value='$row->cid'>$row->category";
} ?>
</select></td></tr>
<tr><td width=175 valign=top>Article body</td><td><textarea name='body' rows=12 cols=50></textarea></td></tr>
<tr><td width=175 valign=top>Article more</td><td><textarea name='more' rows=12 cols=50></textarea></td></tr>
<tr><td width=175>Show body after more</td><td><input type='checkbox' name='showbody' CHECKED></td></tr>
<tr><td width=175>Enable comments</td><td><input type='checkbox' name='comments' CHECKED></td></tr>
<?php
if ($settings[startstatus] == 1) $d = " CHECKED";
?>
<tr><td width=175>Article visible<br><br></td><td><input type='checkbox' name='status'<?php echo $d; ?>><br><br></td></tr>
<tr><td width=175>Save changes</td><td><input type='submit' value='proceed'></td></tr>
</table><br>
<?php
$result = mysql_query("SELECT * FROM ".$prefix."articles WHERE status = '1' ORDER BY aid DESC");
$total = mysql_num_rows($result);
echo "<a name='active'></a><table width=\"100%\"><tr><td colspan=\"2\"><b>Active articles (".$total.") - <a href='articles.php#top'>Back to top</a></b></td></tr>";
while($row=mysql_fetch_object($result)) {
$resultc = mysql_query("SELECT * FROM ".$prefix."comments WHERE parentid = '".$row->aid."'");
$totalc = mysql_num_rows($resultc);
echo "<tr><td>";
if ($user == $row->username || $userdata['level'] >= 3) {
echo "<a href='articles.php?action=edit&aid=$row->aid'>".debbcode($row->title)."</a>";
} else {
echo debbcode($row->title);
}
echo " by ".$row->username." (<a href='articles.php?action=comview&aid=$row->aid'>comments: ".$totalc."</a>)</td><td width=\"75\">";
getadate();
echo "</tr>";
}
if (!$total) echo "<tr><td width=100%>None</td></tr>";
echo "</table><br>";
$result = mysql_query("SELECT * FROM ".$prefix."articles WHERE status = '0' ORDER BY aid DESC");
$total = mysql_num_rows($result);
echo "<a name='hidden'></a><table><tr><td><b>Hidden articles (".$total.") - <a href='articles.php#top'>Back to top</a></b></td></tr>";
while($row=mysql_fetch_object($result)) {
$resultc = mysql_query("SELECT * FROM ".$prefix."comments WHERE parentid = '".$row->aid."'");
$totalc = mysql_num_rows($resultc);
echo "<tr><td width=100%><a href='articles.php?action=edit&aid=$row->aid'>".debbcode($row->title)."</a> by ".$row->username." (<a href='articles.php?action=comview&aid=$row->aid'>comments: ".$totalc."</a>)</td></tr>";
}
if (!$total) echo "<tr><td width=100%>None</td></tr>";
echo "</table>";
} elseif ($action == "post") {
$title = debbcode($title);
$title = cleanstring($title);
$body = cleanstring($body);
$more = cleanstring($more);
$body = addslashes($body);
$more = addslashes($more);
if ($showbody) { $showbody = 1; } else { $showbody = 0; }
if ($comments) { $comments = 1; } else { $comments = 0; }
if ($status) { $status = 1; } else { $status = 0; }
if (!$title && !$err) { echo $error[11]; $err = 1; }
if (!$body && !$err) { echo $error[12]; $err = 1; }
if (!$err) {
$result = mysql_query("INSERT INTO ".$prefix."articles (username,title,body,more,category,datetime,status,show_comments,show_body) VALUES ('".$userdata['username']."','$title','$body','$more','$category','".date("Y-m-d H:i:s")."','$status','$comments','$showbody')");
echo "Article posted, redirecting...<meta http-equiv=Refresh content=1;URL='articles.php'>";
}
} elseif ($action == "edit") {
$result = mysql_query("SELECT * FROM ".$prefix."articles WHERE aid = '$aid'");
while($row=mysql_fetch_object($result)) {
if ($user == $row->username || $userdata['level'] >= 3) {
if ($row->status) $status = " CHECKED";
if ($row->show_comments) $comments = " CHECKED";
if ($row->show_body) $showbody = " CHECKED";
?>
<b>Edit an article</b><br>
<table><tr><td><form method="post" action="articles.php"><input type="hidden" name="action" value="update"><input type="hidden" name="aid" value="<?php echo $aid;?>"></td></tr></table>
<table>
<tr><td width=175>Article title</td><td><input size=50 name='title' type='text' value='<?php echo $row->title;?>'></td></tr>
<tr><td width=175>Post in category</td><td><select name='category'>
<?php
$resultcat = mysql_query("SELECT * FROM ".$prefix."categories ORDER BY cid");while($rowc=mysql_fetch_object($resultcat)) {
if ($rowc->cid == $row->category) {
echo "<option value='$rowc->cid' SELECTED>$rowc->category";
} else {
echo "<option value='$rowc->cid'>$rowc->category";
}
} ?>
</select></td></tr>
<tr><td width=175 valign=top>Article body</td><td><textarea name='body' rows=9 cols=50><?php echo $row->body;?></textarea></td></tr>
<tr><td width=175 valign=top>Article more</td><td><textarea name='more' rows=9 cols=50><?php echo $row->more;?></textarea></td></tr>
<tr><td width=175>Show body when using more</td><td><input type='checkbox' name='showbody'<?php echo $showbody;?>></td></tr>
<tr><td width=175>Enable comments</td><td><input type='checkbox' name='comments'<?php echo $comments;?>></td></tr>
<tr><td width=175>Article visible after editing</td><td><input type='checkbox' name='status'<?php echo $status;?>></td></tr>
<tr><td width=175><br>Delete this post</td><td><br><input type='checkbox' name='delete'></td></tr>
<tr><td width=175>Save changes</td><td><input type='submit' value='proceed'></td></tr>
</table><br>
<?php
} else { echo "You're not allowed to do that"; }
}
} elseif ($action == "update") {
if ($delete) {
$result = mysql_query("DELETE FROM ".$prefix."articles WHERE aid = '$aid'");
$result = mysql_query("DELETE FROM ".$prefix."comments WHERE parentid = '$aid'");
echo "Article and comments deleted, redirecting...<meta http-equiv=Refresh content=1;URL='articles.php'>";
$err = 1;
} else {
$title = debbcode($title);
$title = cleanstring($title);
$body = cleanstring($body);
$more = cleanstring($more);
if ($showbody) { $showbody = 1; } else { $showbody = 0; }
if ($comments) { $comments = 1; } else { $comments = 0; }
if ($status) { $status = 1; } else { $status = 0; }
if (!$title && !$err) { echo $error[11]; $err = 1; }
if (!$body && !$err) { echo $error[12]; $err = 1; }
if (!$err) {
$result = mysql_query("UPDATE ".$prefix."articles SET
title='$title',
body='$body',
more='$more',
category='$category',
status='$status',
show_comments='$comments',
show_body='$showbody'
WHERE aid = '$aid'");
echo "Article updated, redirecting...<meta http-equiv=Refresh content=1;URL='articles.php'>";
}
}
} elseif ($action == "comview") {
$result = mysql_query("SELECT * FROM ".$prefix."comments WHERE parentid = '".$aid."'");
$total = mysql_num_rows($result);
echo "<b>view comments ($total)</b><br><br>";
$result = mysql_query("SELECT * FROM ".$prefix."comments WHERE parentid = '".$aid."' ORDER BY coid");
while($row=mysql_fetch_object($result)) {
echo "<b><a href='mailto:$row->email'>$row->author</a></b> - <a href='articles.php?action=comedit&coid=$row->coid'>edit</a> - ";
getadate();
echo " - ";
getatime();
echo "<br />$row->comment<br><br />";
}
echo "<table><tr><td><form method='post' action='articles.php'><input type='hidden' name='action' value='compost'><input type='hidden' name='aid' value='$aid'></td></tr></table>
<table>
<tr><td width=175 valign=top>Author</td><td><input size=30 name='author' type='text' value='".loadprofile($user,"nickname")."'></td></tr>
<tr><td width=175 valign=top>Author email</td><td><input size=30 name='email' type='text' value='".loadprofile($user,"email")."'></td></tr>
<tr><td width=175 valign=top>Author url</td><td><input size=30 name='url' type='text' value='".loadprofile($user,"url")."'></td></tr>
<tr><td width=175 valign=top>Author comment</td><td><textarea name='comment' rows=9 cols=29>$row->comment</textarea></td></tr>
<tr><td width=175>Save changes</td><td><input type='submit' value='proceed'></td></tr></table>";
} elseif ($action == "comedit") {
echo "<b>edit comment</b><br>";
$result = mysql_query("SELECT * FROM ".$prefix."comments WHERE coid = '".$coid."'");
echo "<table><tr><td><form method='post' action='articles.php'><input type='hidden' name='action' value='comupdate'><input type='hidden' name='coid' value='$coid'></td></tr></table>
<table>";
while($row=mysql_fetch_object($result)) {
echo "
<tr><td width=175 valign=top>Author</td><td><input size=30 name='author' type='text' value='$row->author'></td></tr>
<tr><td width=175 valign=top>Author email</td><td><input size=30 name='email' type='text' value='$row->email'></td></tr>
<tr><td width=175 valign=top>Author url</td><td><input size=30 name='url' type='text' value='$row->url'></td></tr>
<tr><td width=175 valign=top>Author comment</td><td><textarea name='comment' rows=9 cols=29>$row->comment</textarea></td></tr>
<tr><td width=175><br>Delete this post</td><td><br><input type='checkbox' name='delete'></td></tr>
<tr><td width=175>save changes</td><td><input type='submit' value='proceed'></td></tr>";
}
echo "</table>";
} elseif ($action == "comupdate") {
$result = mysql_query("SELECT * FROM ".$prefix."comments WHERE coid = '$coid'");
while($row=mysql_fetch_object($result)) {
$aid = $row->parentid;
}
if ($delete) {
$result = mysql_query("DELETE FROM ".$prefix."comments WHERE coid = '$coid'");
echo "Comment deleted, redirecting...<meta http-equiv=Refresh content=1;URL='articles.php?action=comview&aid=$aid'>";
$err = 1;
} else {
$author = debbcode($author);
$author = cleanstring($author);
$email = debbcode($email);
$email = cleanstring($email);
$url = debbcode($url);
$url = cleanstring($url);
$comment = cleanstring($comment);
if (!$author && !$err) { echo $error[15]; $err = 1; }
if (!$comment && !$err) { echo $error[16]; $err = 1; }
if (!$err) {
$result = mysql_query("UPDATE ".$prefix."comments SET
author='$author',
email='$email',
url='$url',
comment='$comment'
WHERE coid = '$coid'");
echo "Comment updated, redirecting...<meta http-equiv=Refresh content=1;URL='articles.php?action=comview&aid=$aid'>";
}
}
} elseif ($action == "compost") {
$author = debbcode($author);
$author = cleanstring($author);
$email = debbcode($email);
$email = cleanstring($email);
$url = debbcode($url);
$url = cleanstring($url);
$comment = cleanstring($comment);
if (!$author && !$err) { echo $error[15]; $err = 1; }
if (!$comment && !$err) { echo $error[16]; $err = 1; }
if (!$err) {
$result = mysql_query("INSERT INTO ".$prefix."comments (parentid,author,email,url,comment,datetime) VALUES ('$aid','$author','$email','$url','$comment','".date("Y-m-d H:i:s")."')");
echo "Comment posted, redirecting...<meta http-equiv=Refresh content=1;URL='articles.php?action=comview&aid=$aid'>";
}
}
} ?>
<?php }; $start = FALSE; include("system/include.php"); ?>
how do i solve these? please help.
thank you.