FAIL]
"); } // get data that sent from form $topic=mysql_real_escape_string($_REQUEST['topic']); $answer=mysql_real_escape_string($_REQUEST['answer']); $user=mysql_real_escape_string($_REQUEST['user']); $datetime=date("d/m/y H:i:s"); //create date time if($user != $_SESSION["user_nickname"]) die("THIS IS NOT ALLOWED!"); if($topic != "") { if($answer=="0") { $sql = "SELECT `like` FROM forum_question WHERE id = '".$topic."'"; $result2 = mysql_query ($sql); $like=mysql_fetch_array ($result2); if($like[0] == "") $like[0] = 0; $sql="UPDATE forum_question SET `like`='".($like[0]+1)."' WHERE `id` = '".$topic."'"; mysql_query($sql); } else { $sql = "SELECT `a_like` FROM forum_answer WHERE `question_id` = '".$topic."' AND `a_id` = '".$answer."'"; $result2 = mysql_query ($sql); $like=mysql_fetch_array ($result2); if($like[0] == "") $like[0] = 0; $sql="UPDATE forum_answer SET `a_like`='".($like[0]+1)."' WHERE `question_id`= '".$topic."' AND `a_id` = '".$answer."'"; mysql_query($sql); } $sql="INSERT INTO $tbl_name(`question`, `answer`, `nickname`, `datetime`, `like`)VALUES('$topic', '$answer', '$user', '$datetime', 'like')"; //echo $sql; $result=mysql_query($sql); if($result) { header ("Location: ".$moduleurl."&uebergabe=1&uebergabe2=".$topic); } else { echo "ERROR"; } } else { header ("Location: ".$moduleurl."&uebergabe=1&uebergabe2=".$topic); } mysql_close(); ?>