//include("../cfg/var.cfg");
require "../alex/partner_banner.php";
$n = str_replace('.html', '', $n);
$n = str_replace('.htm', '', $n);
/////////////////////////SQL Injection
$n=(int)$n;
/////////////////////////SQL Injection END
////////connect database
$host="localhost";
$db="football_profoot6";
$user="football_profoot";
$pass="gf56RDF12";
function connectdatabase($host,$db,$user, $pass) {
mysql_connect($host,$user,$pass);
mysql_select_db($db);
}
///////////////////////////
connectdatabase($host,$db,$user, $pass);
$sql='SELECT * FROM press WHERE num="'.$n.'"';
//echo mysql_errno().": ".mysql_error()."
";
$result=mysql_query($sql);
$row=mysql_fetch_array($result);
$title_zag = strip_tags($row["zagolovok"]);
$shapka=file("../cgi-bin/shablon/top1");
$new_title = '
'; ?> echo ' |
'; $sql="SELECT * FROM comments WHERE news_type = 2 AND news_id = '$n' ORDER BY id DESC"; $result=mysql_query($sql); while($row=mysql_fetch_array($result)) { $user_name=$row["user_name"]; $message=$row["message"]; $date_mess=$row["date_mess"]; $country=$row["country"]; $message = str_replace("\n", " ", $message); echo "
$message
";
}
if($auth_comment[2]==1){
$login=$auth_comment[0];
$password=$auth_comment[1];
$check_box="checked";
}
echo'
Добавить свой комментарий
Регистрация Вы можете пользоваться своим логином, если Вы зарегистрированы в тотализаторе или викторине |
'; ?> '); // --> echo ' |