<?
    // set all needed variables to connect with MySQL database
    $user = "user_naam";
    $pass = "password";
    $host = "localhost";
    $dbdb = "database_naam";
    
    // connect to MySQL database
    if (!mysql_select_db($dbdb, mysql_connect($host, $user, $pass)))
    
        // give error message if the connection could not be established
        echo "Sorry, de database kan niet geopend worden.";
    
    // unset all variables
    unset($user);
    unset($pass);
    unset($host);
    unset($dbdb);

    $table = "tabel_naam";

    //-- insert reaction to database
    if ($_POST['at'] && ($_POST['door'] && $_POST['msg']))
    {
        $sql3 = "INSERT INTO " . $table . " (id, door, email, msg, at, tid, ip, fid) VALUES ('', '" . stripslashes($_POST['door']) . "', '" . stripslashes($_POST['email']) . "', '" . stripslashes($_POST['msg']) . "', '" . $_POST['at'] . "', '" . $_POST['id'] . "', '" . $_SERVER['$REMOTE_ADDR'] . "', '" . $fid . "')";
        $res3 = mysql_query($sql3);
        
        if ($res3)
        {
            if ($fid)
                $insert = "<p><span class=here>Bedankt voor het reageren!</span></p>";
            else
                $insert = "<p><span class=here>Bedankt voor het reageren $door!</span></p>";
        }
        else
        {
            $insert = "<p><span class=here>Sorry, je reactie is niet opgeslagen, probeer het opnieuw of neem contact met ons op.</span></p>";
        }
        $fid = "";
        $door = "";
        $email = "";
        $msg = "";
    }
    //-- not enough data
    elseif ($_POST['at'])
    {
            $insert = "<p><span class=kopje>Je bent je naam of bericht vergeten.</span></p>";
    }                
    
    //-- recieve reacties from database
    $sql2 = "SELECT * FROM " . $table . " WHERE tid = " . $id . " order by id";
    $res2 = mysql_query($sql2);
    
    echo "<BR><BR>&gt;&gt; <b>Reacties</b><P><BR><BR>";
    
    echo "<table width=\"94%\" border=\"1\" cellpadding=\"5\" cellspacing=\"0\" bordercolor=\"#597E90\">";
    echo "<tr>";
    echo "<td bgcolor=\"#496979\">";
    echo $insert;
    
    //-- show reactions
    if (mysql_num_rows($res2) >= 1)
    {
        while ($row2 = mysql_fetch_array($res2))
        {
            if ($row2[fid])
            {
                $fsql = "SELECT id, name FROM $table WHERE id = $row2[fid]";
                $fres = mysql_query($fsql);
                $frow = mysql_fetch_array($fres);
            }
            
            $row2['door'] = htmlentities($row2['door']);
            $row2['email'] = htmlentities($row2['email']);
            $row2['msg'] = htmlentities($row2['msg']);
            $row2['msg'] = nl2br($row2['msg']);
            
            if ($row2[email])
                echo "<b>Reactie door <a href=mailto:" . $row2['email'] . ">" . $row2['door'] . "</a> @ " . $row2['at'] . "</b> <span class=small><i>(" . $row2['ip'] . ")</i></span><br>";
            else
                echo "<b>Gepost door " . $row2['door'] . " @ " . $row2['at'] . "</b> <span class=small><i>(" . $row2['ip'] . ")</i></span><br>";
            echo "$row2[msg]<P>";
        }
    }
    else
    {
        echo "<b>Er zijn nog geen reacties.</b>";
    }
    
    echo "<hr>";
    
    echo "<p>";
    
    // door email at tid
    $at = date('d-m-Y');
    
    //echo "<center>";
    echo "<form method=post action=" . $_SERVER['PHP_SELF'] . ">";

    if ($_GET['id'])
        echo "<input type=hidden name=id value=\"" . $_GET['id'] . "\">";
    else
        echo "<input type=hidden name=id value=\"" . $_POST['id'] . "\">";

    echo "<input type=hidden name=at value=\"" . $at . "\">";
    
    echo "<b>Naam</b><br>";
    echo "<input type=text name=door value=\"" . htmlentities($_POST['door']) . "\" size=25><BR><BR>";
    
    echo "<b>Email</b><br>";
    echo "<input type=text name=email value=\"" . htmlentities($_POST['email']) . "\" size=25><BR><BR>";
    
    echo "<b>Reactie</b><br>";
    echo "<textarea name=msg cols=80 rows=6>" . htmlentities($_POST['msg']) . "</textarea><BR><BR>";
    
    echo "<input type=submit name=submit value=\"Reageren!\">";
    echo "</form>";
    //echo "</center>";
    echo "</p>";
    
    echo "<hr>";
    
    
    echo "<p>&nbsp;</p>";
        
    echo "</td>";
    echo "</tr>";
    echo "</table><P>";
?> 