Okay, if you use this script, you can easily get sql-injections, because you don't use mysql_real_escape_string or some else protecting.
$sql="INSERT INTO any (1)VALUES('$_POST[comment]')";
These 3 lines is wrong. If this is gonna be right, you need either this:
$sql="INSERT INTO any (comment)VALUES('$_POST[comment]')";
or
$sql="INSERT INTO any (1)VALUES('$_POST[1]')";
And the best would be this:
$comment = myql_real_escape_string($_POST['comment']); // this prevents sql-injections$sql="INSERT INTO any (comment)VALUES('$comment')";
That might not the be error you get, but I'm just telling you :)I didn't actually read your first post.