
Untitled

a guest
Aug 18th, 2017
  1. diff --git a/results.php b/results.php
  2. index 28e78d7..a3d71a2 100644
  3. --- a/results.php
  4. +++ b/results.php
  5. @@ -195,7 +195,6 @@ echo '<strong>ID</strong>: ' .$id.'<br></div>';
  6.  <div class="box_inside">
  7.  <form method="POST">
  8.  <input type="hidden" name="sid" value="<?= htmlspecialchars(session_id(), ENT_QUOTES) ?>" />
  9. -<table>
  10.  <?php
  11.  /**
  12.   * Save comment?
  13. @@ -234,12 +233,32 @@ if (isset($_SESSION['user'], $_POST['sid'], $_POST['text'])) {
  14.  /**
  15.   * Load comments and display them
  16.   */
  17. -$q = mysql_query("SELECT text, timestamp, setname, avatar FROM members_comments LEFT JOIN members ON members.id = commenter WHERE subject = {$name10['id']}");
  18. -if (!$q) {
  19. +$page = isset($_GET['page']) ? intval($_GET['page']) * 10: 0;
  20. +
  21. +$c = mysql_query("SELECT COUNT(*) AS count FROM members_comments WHERE subject = {$name10['id']}");
  22. +if (!$c) {
  23.    die(mysql_error());
  24.  }
  25. +$c = mysql_fetch_object($c);
  26. +$c = floor($c->count / 10);
  27. +$pagination = array();
  28. +for ($i = 0; $i <= $c; $i++) {
  29. +  $pagination[] = '<a href="/results.php?setname=' . urlencode($_GET['setname']) . '&page=' . $i . '">'. ($i+1) . '</a>';
  30. +}
  31. +$pagination = join($pagination, ' | ');
  32.  
  33. +$q = mysql_query("SELECT text, timestamp, UNIX_TIMESTAMP(timestamp) AS unixtime, setname, avatar FROM members_comments LEFT JOIN members ON members.id = commenter WHERE subject = {$name10['id']} ORDER BY timestamp DESC LIMIT $page, 10");
  34. +if (!$q) {
  35. +  die(mysql_error());
  36. +}
  37. +?>
  38. +<center><?= $pagination ?></center>
  39. +<table>
  40. +<?php
  41.  while ($row = mysql_fetch_assoc($q)) {
  42. +  if ($row['unixtime'] > $_SESSION['last_comment_seen']) {
  43. +    $_SESSION['last_comment_seen'] = $row['unixtime'];
  44. +  }
  45.  ?>
  46.    <tr style="border-bottom: 1px solid black">
  47.      <td><a href="results.php?setname=<?= urlencode($row['setname']) ?>"><?= htmlspecialchars($row['setname']) ?></a><br /><i><?= htmlspecialchars($row['timestamp']) ?></i><br /><img src="<?= htmlspecialchars($row['avatar']) ?>" /></td>
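Review bot: `$page` is derived from `$_GET['page']` with `intval()` only, so a negative value reaches `LIMIT $page, 10`, the query fails, and `die(mysql_error())` prints the database error text to the visitor. Clamp it where it is assigned, `$page = isset($_GET['page']) ? max(0, intval($_GET['page'])) * 10 : 0;`, and replace the `die(mysql_error())` calls with a server-side log entry plus a generic message; the same `die(mysql_error())` pattern is added in the new-comments check in validate.php. Separately, `floor($c->count / 10)` combined with `$i <= $c` produces an empty last page whenever the count is an exact multiple of 10, and `$_GET['setname']` is used in the link without an `isset()` check. The `while` loop continues past the end of this hunk.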
  48. @@ -366,4 +385,4 @@ if (isset($_SESSION['user'])) {
  49.  </div>
  50.  
  51.  </body>
  52. -</html>
  53. \ No newline at end of file
  54. +</html>
  55. diff --git a/validate.php b/validate.php
  56. index f0a12af..3cae1b3 100644
  57. --- a/validate.php
  58. +++ b/validate.php
  59. @@ -72,7 +72,7 @@ $ban = $name30[ban];
  60.  
  61.  if($ban == 0){
  62.  
  63. -$query = "Select password FROM members WHERE setname = '".$user."' AND activationcode IS NULL";
  64. +$query = "Select id, password FROM members WHERE setname = '".mysql_real_escape_string($user)."' AND activationcode IS NULL";
  65.  $result = mysql_query($query) or die(mysql_error());
  66.  $name = mysql_fetch_array($result);
  67.  $pass1 = $name[password];
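Review bot: The escaping is added at this one call site only, while the hunk header shows `$name30[ban]` being read from an earlier lookup that lies outside the hunk; if that lookup also interpolates `$user`, it remains injectable and needs the same treatment. `mysql_real_escape_string()` is also only dependable when the connection character set was set through `mysql_set_charset()`, which is not visible here. A parameterized statement (mysqli or PDO `prepare`/`execute` with `WHERE setname = ?`) would remove the reliance on per-call escaping. The surrounding `if($ban == 0)` block starts and ends outside the hunk.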
  68. @@ -82,6 +82,18 @@ $_SESSION['user'] = $user;     //creates the session variable $_SESSION['user']
  69.  $_SESSION['pass'] = $pass;    //creates the session variable $_SESSION['pass']
  70.  echo "<center>Congratulations " .$user. " You are successfully <a href='index.php'>logged in.</a></center>";
  71.  echo "<br /><br />";
  72. +
  73. +// Check for new comments
  74. +$last_comment_seen = intval($_SESSION['last_comment_seen']);
  75. +$q = mysql_query("SELECT COUNT(*) AS count FROM members_comments WHERE subject = {$name['id']} AND UNIX_TIMESTAMP(timestamp) > $last_comment_seen");
  76. +if (!$q) {
  77. +  die(mysql_error());
  78. +}
  79. +$comments = mysql_fetch_object($q);
  80. +if ($comments->count) {
  81. +  print '<p><strong>New comments on your <a href="/results.php?setname=' . urlencode($_POST['user']) . '">profile page</a>: ' . $comments->count . '</strong></p>';
  82. +}
  83. +
  84.  }
  85.  
  86.  else{
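Review bot: `$_SESSION['last_comment_seen']` is read right after login without an `isset()` check, and in this diff it is only ever written into the session by results.php, so on a fresh session it is presumably absent: `intval()` then yields 0 and every comment on the profile is reported as new. Guard the read, `$last_comment_seen = isset($_SESSION['last_comment_seen']) ? intval($_SESSION['last_comment_seen']) : 0;`, and consider persisting the marker per member so it survives logout. `{$name['id']}` is interpolated unquoted into the query; passing it through `intval()` first keeps the statement well-formed even if the earlier lookup returned no row. The enclosing login block starts outside the hunk.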
  87. @@ -205,4 +217,4 @@ echo 'You are banned';
  88.  </div>
  89.  
  90.  </body>
  91. -</html>
  92. \ No newline at end of file
  93. +</html>