Untitled

<html>
	<body>


<?PHP

$server = '72.14.188.135';
$username = 'catz';
$password = '12345';
$database = 'All_Your_Base_Are_Belong_to_ME';

$db = mysql_connect($server, $username, $password, true);
if(!$db){
  die('The grim reaper is going to come eat you'.mysql_error());
  }
mysql_select_db($database);


	echo '<style type="text/css">
	body{
	background-color:'.$_POST['color'].';
	}
	</style>';


if(isset($_POST['submit'])){
	$comment = strip_tags(mysql_real_escape_string($_POST['comment']), '<b><u><i><em>');
	$name = strip_tags(mysql_real_escape_string($_POST['name']), '<b><u><i><em>');
	if($name == ''){
		$name = 'Anonymous';
	}
	if($comment == ''){
		echo '<b> Enter a comment and/or your name </b><br />';
	}else{
		$sqlcomment = "INSERT INTO Guestbook (comment, name) VALUES ('$comment', '$name')";
		if(mysql_query($sqlcomment)){
			echo '<b> Commented! <br /></b>';
		}
	}
}

$sqlComDisp = "SELECT comment, name, timestamp FROM Guestbook";

$comQuery = mysql_query($sqlComDisp);
while($commentDisp = mysql_fetch_assoc($comQuery)){
	echo '"'.$commentDisp['comment'].'"','<br />';
	echo '&nbsp&nbsp&nbsp&nbsp&nbsp-', $commentDisp['name'], '<font size="2"> ('.date('F j, Y, g:i a',strtotime($commentDisp['timestamp'])).')</font>';

	echo '<br /><br />';
}


//mysql_fetch_assoc();
//mysql_real_escape_string();


?>

<form method="post" target="_self">
  Comment
  <br />
  <textarea name="comment" rows="5" cols="70"></textarea>
  <br />
  Name:
  <br /><input type="text" maxlength="30" size="30" name="name" />
  <br />
  <input type="submit" name="submit" value="Comment" />
  <br />
  <br /><br /><br /><br /><br />Choose a background color!:
   <br />
   <input type="text" maxlength="10" size="10" name="color" />
  <br />
  <input type="submit" name="colorSubmit" value="Change Color" />

 </form>

	</body>
</html>