Simple PHP script

user input into a form then displayed on page

         

humpingdan

9:01 am on Nov 28, 2003 (gmt 0)

10+ Year Member



All I want is a nice simple script. Users who come to my website would like to be able to post comments and links to other websites or their own personal websites. I need something flat based (i.e. not using MySQL) that writes to a text file. It needs to be compact. Any suggestions?

Distel

10:33 am on Nov 28, 2003 (gmt 0)

10+ Year Member



In that case, you should work with the filesystem functions of PHP. The script depends, of course, on how you would like visitors to see these links and comments.

The basic script to write to a file is:

// "a" opens the file for appending and creates it if it does not exist
$fp = fopen("flatfile.txt", "a");
fwrite($fp, "Hello World");
fclose($fp);

The basic script to read from a flat file is:

$fp = fopen("flatfile.txt", "r");
// fgets() returns false at end of file (or on error), which ends the loop
while (($buffer = fgets($fp, 4000)) !== false) {
    echo $buffer;
}
fclose($fp);

davidpbrown

12:02 pm on Nov 28, 2003 (gmt 0)

10+ Year Member



Never trust the user's input.

Always filter user input to scripts with something like preg_replace, ereg, strip_tags etc. Especially when that input is then contributing to a page for viewing by others. HTML tags etc. might confuse the output you're delivering.

I'm no expert, but I think this should filter for only letters and numbers.

$cleaninput = preg_replace('[^A-Za-z0-9]', '', $input);

dpb

Distel

12:09 pm on Nov 28, 2003 (gmt 0)

10+ Year Member



You could also preserve the user's input with addslashes() and htmlspecialchars().

davidpbrown

5:20 pm on Nov 28, 2003 (gmt 0)

10+ Year Member



Sorry, the above should have been:

$cleaninput = preg_replace('/[^a-zA-Z]/','',$input);

dpb

mikejson

9:01 pm on Nov 28, 2003 (gmt 0)

10+ Year Member



Taking any user input, I always process it after I do the addslashes. Too many times have I started to debug something that wasn't broken; I was just using the wrong input, haha. Putting that addslashes in there saved me a lot of time since I found it. I would suggest using it for all user input. It also prevents someone from executing PHP maliciously from your "form".

Example:
Say you put a form up that takes some input and incorporates the output of that data in another PHP page. If someone input <? //do something bad?> in the input, and you chose to use it the way it was, it could do whatever PHP is allowed to do on your system. Scary, hehe.
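
Added example, not part of any post in this thread: one way to combine the suggestions above into a flat-file comment script. It appends each comment to flatfile.txt as one JSON line under an exclusive lock and applies htmlspecialchars() when the page is rendered, so submitted markup is shown as text. The form field names (name, text, url), the length limits and PHP 7.4 or later are assumptions.

```php
<?php
// Added example, not code from the thread. Field names and limits are assumptions.
const COMMENT_FILE = __DIR__ . '/flatfile.txt';

// One JSON object per line: json_encode() escapes newlines, so input cannot forge records.
function save_comment(string $name, string $text, string $url): bool {
    $name = trim($name);
    $text = trim($text);
    if ($name === '' || strlen($name) > 50 || $text === '' || strlen($text) > 1000) {
        return false;
    }
    // FILTER_VALIDATE_URL accepts any scheme, so allow only http and https explicitly.
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!filter_var($url, FILTER_VALIDATE_URL) || !in_array($scheme, ['http', 'https'], true)) {
        $url = '';
    }
    $line = json_encode(compact('name', 'text', 'url'), JSON_INVALID_UTF8_SUBSTITUTE) . "\n";
    // LOCK_EX keeps concurrent submissions from interleaving their lines.
    return file_put_contents(COMMENT_FILE, $line, FILE_APPEND | LOCK_EX) !== false;
}

// Escape when writing into HTML, not when storing: the file keeps the raw text.
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_comments(): string {
    $html = '';
    $lines = is_readable(COMMENT_FILE) ? file(COMMENT_FILE, FILE_IGNORE_NEW_LINES) : [];
    foreach ($lines as $line) {
        $c = json_decode($line, true);
        if (!is_array($c) || !isset($c['name'], $c['text'], $c['url'])) {
            continue; // skip blank or corrupt lines
        }
        $html .= '<p><strong>' . h($c['name']) . '</strong>: ' . nl2br(h($c['text']));
        if ($c['url'] !== '') {
            $html .= ' <a href="' . h($c['url']) . '" rel="nofollow noopener">' . h($c['url']) . '</a>';
        }
        $html .= "</p>\n";
    }
    return $html;
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    // Treat missing or array-valued fields as empty strings.
    $p = fn(string $k): string => is_string($_POST[$k] ?? null) ? $_POST[$k] : '';
    save_comment($p('name'), $p('text'), $p('url'));
}
echo render_comments();
```

The comment file is only ever read as data and echoed; nothing in it runs as PHP unless a script passes it to include or eval.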