I just hacked the heck out of a comment script (one that lets people leave a comment on a certain page). I had to do it because it was made to work on static pages and my urls were .htaccess controlled.

In fixing it up I noticed a few other things that might be security issues, but I don't code in php much at all anymore (for like a year or more).

See anything I missed?

PHP Code:
<?php

// Settings:

// File in which the entries will be saved (requires CHMOD 666):
$comment_settings['comment_file'] = "comments.dat";

// Admin E-mail for notifications (optional):
$comment_settings['admin_email'] = "";

// Add new comments at the top or at the bottom?
$comment_settings['add_comments'] = "bottom";

// How many comments per page?
$comment_settings['comments_per_page'] = 10;

// Make links clickable:
$comment_settings['auto_link'] = true;

// Length limitations:
$comment_settings['text_maxlength'] = 500;
$comment_settings['word_maxlength'] = 50;

// If no name is entered:
$comment_settings['anonym'] = "Anonym";

// Time format:
$comment_settings['time_format'] = "%d.%m.%Y, %H:%M";

// Anker, where the comments are on your pages:
$comment_settings['anker'] = "#comments";

// replace wordwrap? (if no "<br />"):
$comment_settings['wordwrap'] = " - ";

// Language settings:
$comment_lang['language'] =           "en";
$comment_lang['title'] =              "Comments";
$comment_lang['email_title'] =        "E-mail to [name]";
$comment_lang['hp_title'] =           "Homepage: [homepage]";
$comment_lang['no_comments_yet'] =    "No comments yet.";
$comment_lang['comments_shown'] =     "[comments] of [comments_total] comments (part [part])";
$comment_lang['previous'] =           "Previous part";
$comment_lang['next'] =               "Next part";
$comment_lang['show_all'] =           "Show all comments";
$comment_lang['add_comment'] =        "Your comment:";
$comment_lang['name'] =               "Name:";
$comment_lang['email_hp'] =           "E-mail or homepage:";
$comment_lang['ok'] =                 "OK";
$comment_lang['no_comments'] =        "No comments";
$comment_lang['one_comment'] =        "1 comment";
$comment_lang['several_comments'] =   "[comments] comments";
$comment_lang['comment_link_title'] = "Read or write comments";
$comment_lang['email_subject'] =      "Comment to [comment_to]";
$comment_lang['email_text'] =         "Comment to [comment_to] by [name]:\n\n[comment]\n\n\nLink to the comment:\n[link]";
$comment_lang['error'] =              "Error:";
$comment_lang['err_text_too_long'] =  "the text is too long ([characters] characters - maximum is [characters_max] characters)";
$comment_lang['err_word_too_long'] =  "the word [word] is too long";

// End of settings

function comment_make_link($string)
 {
  
$string ' ' $string;
  
$string preg_replace("#(^|[\n ])([\w]+?://.*?[^ \"\n\r\t<]*)#is""\\1<a href=\"\\2\">\\2</a>"$string);
  
$string preg_replace("#(^|[\n ])((www|ftp)\.[\w\-]+\.[\w\-.\~]+(?:/[^ \"\t\n\r<]*)?)#is""\\1<a href=\"http://\\2\">\\2</a>"$string);
  
$string preg_replace("#(^|[\n ])([a-z0-9&\-_.]+?)@([\w\-]+\.([\w\-\.]+\.)*[\w]+)#i""\\1<a href=\"mailto:\\2@\\3\">\\2@\\3</a>"$string);
  
$string substr($string1);
  return 
$string;
 }

function 
count_comments($comment_id$text=0)
 {
  global 
$comment_settings$comment_lang;
  
$data file($comment_settings['comment_file']);
  
$comment_total_entries count($data);
  
// count entries:
  
$comment_count 0;
  for (
$i 0$i $comment_total_entries$i++)
  {
   
$parts explode("|"$data[$i]);
   if (
$parts[3] == $comment_id$comment_count++;
  }
  if (
$text == 0) return $comment_count;
  else
   {
    if (
$comment_count == 0$count_text $comment_lang['no_comments'];
    elseif (
$comment_count == 1$count_text $comment_lang['one_comment'];
    else 
$count_text str_replace("[comments]"$comment_count$comment_lang['several_comments']);
    return 
$count_text;
   }
 }

if (isset(
$_GET['comment_id'])) $comment_id $_GET['comment_id'];
if (isset(
$_POST['comment_id'])) $comment_id $_POST['comment_id'];
if (isset(
$_GET['comment_popup'])) $comment_popup $_GET['comment_popup'];
if (isset(
$_POST['comment_popup'])) $comment_popup $_POST['comment_popup'];

if (empty(
$comment_popup) && empty($comment_id) && empty($_GET['comment_popup_link'])) $comment_id = ($_SERVER['FULL_URL']);

if (isset(
$comment_id))
 {
  if (isset(
$_GET['comment_page'])) $comment_page $_GET['comment_page']; else $comment_page 1;

// if comment entered::
if (isset($_POST['comment_text']) && trim($_POST['comment_text']) != "")
  {
   
// check posted data:
   
unset($errors);
   if (
strlen($_POST['comment_text']) > $comment_settings['text_maxlength']) { $err_txt_too_lng str_replace("[characters]"strlen($_POST['comment_text']), $comment_lang['err_text_too_long']); $err_txt_too_lng str_replace("[characters_max]"$comment_settings['text_maxlength'], $err_txt_too_lng); $errors[] = $err_txt_too_lng; }
   
$text_arr str_replace("\n"" "$_POST['comment_text']);
   
$text_arr explode(" ",$text_arr); for ($i=0;$i<count($text_arr);$i++) { trim($text_arr[$i]); $laenge strlen($text_arr[$i]); if ($laenge $comment_settings['word_maxlength']) { $errors[] = str_replace("[word]""\"".htmlentities(stripslashes(substr($text_arr[$i],0,$comment_settings['word_maxlength'])))."...\""$comment_lang['err_word_too_long']); } }

   
// look if double:
   
$data file($comment_settings['comment_file']);
   
$row_count count($data);
   for (
$row 0$row $row_count$row++)
     {
      
$parts explode("|"$data[$row]);
      if (
$parts[3] == $_POST['comment_id'] && urldecode($parts[4]) == trim($_POST['name']) && trim(urldecode($parts[6])) == trim($_POST['comment_text'])) { $double_entry true; break; }
     }

   
// save if no errors:
   
if (empty($errors) && empty($double_entry))
    {
      
$comment_text urlencode(trim($_POST['comment_text']));
     
$name urlencode(trim($_POST['name']));
      
$email_hp trim($_POST['email_hp']);
      if (
substr($email_hp,0,7) == "http://"$email_hp substr($email_hp,7);
      
$email_hp urlencode(base64_encode($email_hp));

      
$uniqid uniqid("");
      if (
$comment_settings['add_comments'] == "top")
      {
       
$data file($comment_settings['comment_file']);
       
$c count($data);
       
$datei fopen($comment_settings['comment_file'], 'w+');
       
flock($datei2);
       
fwrite($datei$uniqid."|".time()."|".$_SERVER["REMOTE_ADDR"]."|".$_POST['comment_id']."|".$name."|".$email_hp."|".$comment_text."\n");
       for (
$i 0$i $c$i++) { fwrite($dateitrim($data[$i])."\n"); }
       
flock($datei3);
       
fclose($datei);
      }
      else
      {
       
$datei fopen($comment_settings['comment_file'], "a");
       
flock($datei2);
       
fwrite($datei$uniqid."|".time()."|".$_SERVER["REMOTE_ADDR"]."|".$_POST['comment_id']."|".$name."|".$email_hp."|".$comment_text."\n");
       
flock($datei3);
       
fclose($datei);
      }

     
// E-mail notification to admin:
     
if (isset($comment_settings['admin_email']) && $comment_settings['admin_email'] !="")
      {
       if (isset(
$comment_popup)) { $acid1="?comment_id=".$comment_id."&ampcomment_popup=true"$acid2="&comment_id=".$comment_id."&comment_popup=true"; } else { $acid1 ""$acid2 ""; }
       
$sender_name trim($_POST['name']);
       if (
$sender_name==""$sender_name $comment_settings['anonym'];
       if (
preg_match("/^[^@]+@.+\.\D{2,5}$/"base64_decode(urldecode($email_hp)))) $sender_email base64_decode(urldecode($email_hp)); else $sender_email "no@email.xx";
       
$comment_subject str_replace("[comment_to]"$_POST['comment_id'], $comment_lang['email_subject']);
       
$comment_email_text str_replace("[comment_to]",$_POST['comment_id'],$comment_lang['email_text']);
       
$comment_email_text str_replace("[name]",stripslashes($sender_name),$comment_email_text);
       
$comment_email_text str_replace("[comment]",stripslashes($_POST['comment_text']),$comment_email_text);
       
$emailbody str_replace("[link]",($_SERVER['FULL_URL']).$acid1.$comment_settings['anker'],$comment_email_text);
       
$header"From: ".stripslashes($sender_name)." <".stripslashes($sender_email).">\n";
       
$header .= "X-Mailer: PHP/" phpversion(). "\n";
       
$header .= "X-Sender-IP: ".$_SERVER["REMOTE_ADDR"]."\n";
       
$header .= "Content-Type: text/plain";
       @
mail($comment_settings['admin_email'], $comment_subject$emailbody$header);
      }
     }
   }

  
// count:
  
$data file($comment_settings['comment_file']);
  
$comment_total_entries count($data);
  
$comment_count count_comments($comment_id);

  
// Header for popup window:
  
if (isset($comment_popup))
   {
    
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $comment_lang['language']; ?>"><head><title><?php echo $comment_lang['title']; ?></title><meta http-equiv="content-type" content="text/html; charset=iso-8859-1" /><style type="text/css"><!-- body { color: #000000; background: #ffffff; margin: 15px; padding: 0px; font-family: verdana, arial, sans-serif; font-size: 13px; } p { font-family: verdana, arial, sans-serif; font-size: 13px; line-height: 19px; } h1 { font-family: verdana, arial, sans-serif; font-size: 18px; font-weight: bold; } --></style></head><body><h1><?php echo $comment_lang['title']; ?></h1><?php
   
}

  
// show comments:
  
if (isset($_GET['show_comments'])) $show_comments $_GET['show_comments'];
  if (isset(
$_POST['show_comments'])) $show_comments $_POST['show_comments'];
  if (isset(
$show_comments) && isset($hide_comments)) unset($hide_comments);
  if (empty(
$hide_comments))
  {
  
$comment_k 0;
  
$comment_a 0;
  for (
$i 0$i $comment_total_entries$i++)
    {
     
$parts explode("|"$data[$i]);
     if (
$parts[3] == $comment_id)
      {
       
$comment_k++;
       if (
$parts[4] != ""$name htmlentities(stripslashes(urldecode($parts[4]))); else $name $comment_settings['anonym'];
       if (
$parts[5] != "")
        {
         
$email_hp htmlentities(stripslashes(base64_decode(urldecode($parts[5]))));
         if (
preg_match("/^[^@]+@.+\.\D{2,5}$/"$email_hp))
             {
              
$email_parts explode("@"$email_hp);
              
$email_name $email_parts[0];
              
$email_domain_tld $email_parts[1];
              
$domain_parts explode("."$email_domain_tld);
              
$email_domain "";
              for (
$x 0$x count($domain_parts)-1$x++)
               {
                
$email_domain .= $domain_parts[$x].".";
               }
              
$email_tld $domain_parts[$x];
              
$email_title str_replace("[name]",$name,$comment_lang['email_title']);
              
$name "<script type=\"text/javascript\">
              <!--
              document.write('<a href=\"mailto:');
              document.write('"
.$email_name."');
              document.write('@');
              document.write('"
.$email_domain."');
              document.write('"
.$email_tld."');
              document.write('\" title=\""
.$email_title."\">');
              //-->
              </script>"
.$name."<script type=\"text/javascript\">
              <!--
              document.write('</a>');
              //-->
              </script>"
;
             }
          else
          {
           
$hp_title str_replace("[homepage]",$email_hp,$comment_lang['hp_title']);
           if (isset(
$comment_popup)) $name '<a href="http://'.$email_hp.'" title="'.$hp_title.'" target="_blank">'.$name.'</a>';
           else 
$name '<a href="http://'.$email_hp.'" title="'.$hp_title.'">'.$name.'</a>';
          }
        }
       
$comment htmlentities(stripslashes(urldecode($parts[6])));
       if (isset(
$comment_settings['wordwrap']) && $comment_settings['wordwrap'] != ""$comment str_replace("\n"$comment_settings['wordwrap'], trim($comment));
       if (isset(
$comment_settings['auto_link']) && $comment_settings['auto_link']==true$comment comment_make_link($comment);
       
$zeit $parts[1];

       if (
$comment_settings['add_comments'] == "top")
        {
         if (
$comment_page=="show_all" || ($comment_k>($comment_page-1)*$comment_settings['comments_per_page'] && $comment_k<$comment_page*$comment_settings['comments_per_page']+1)) { ?><p style="margin:0px 0px 5px 0px;"><b><?php echo $name?>:</b>&nbsp;<?php echo $comment?><br /><span style="font-size: 10px; color: #808080;">(<?php echo strftime($comment_settings['time_format'], $parts[1]); ?>)</span></p><?php $comment_a++; }
        }
       else
        {
         if (
$comment_page=="show_all" || ($comment_k > ( ($comment_count-$comment_settings['comments_per_page']) - ( ($comment_page-1) * $comment_settings['comments_per_page'] ) ) && $comment_k < (($comment_count-$comment_settings['comments_per_page'])-(($comment_page-1)*$comment_settings['comments_per_page']))+($comment_settings['comments_per_page']+1))) { ?><p style="margin:0px 0px 5px 0px;"><b><?php echo $name?>:</b>&nbsp;<?php echo $comment?><br /><span style="font-size: 10px; color: #808080;">(<?php echo strftime($comment_settings['time_format'], $parts[1]); ?>)</span></p><?php $comment_a++; }
        }
      }
    }

 
$comments_shown str_replace("[comments]"$comment_a$comment_lang['comments_shown']);
 
$comments_shown str_replace("[comments_total]"$comment_count$comments_shown);
 
$comments_shown str_replace("[part]"$comment_page$comments_shown);
 if (
$comment_k == 0) echo "<p><i>".$comment_lang['no_comments_yet']."</i></p>";
 if (
$comment_settings['comments_per_page'] < $comment_count && $comment_page != "show_all") { ?><p style="margin:10px 0px 3px 0px; font-family: verdana, arial, sans-serif; font-size: 11px;"><?php echo $comments_shown?>&nbsp;<?php
 
if ($comment_settings['comments_per_page'] < $comment_count && $comment_page 1) { ?>[ <a href="<?php echo ($_SERVER['FULL_URL']); ?>?comment_id=<?php echo $comment_id?>&amp;comment_page=<?php echo $comment_page-1; if (isset($comment_popup)) echo "&amp;comment_popup=true"; if (isset($show_comments)) echo "&amp;show_comments=true"; echo $comment_settings['anker']; ?>" title="<?php echo $comment_lang['previous']; ?>">&laquo;</a> ] <?php }
 if (
$comment_settings['comments_per_page'] < $comment_count && $comment_page < (($comment_count/$comment_settings['comments_per_page']))) { ?>[ <a href="<?php echo ($_SERVER['FULL_URL']); ?>?comment_id=<?php echo $comment_id?>&amp;comment_page=<?php echo $comment_page+1; if (isset($comment_popup)) echo "&amp;comment_popup=true"; if (isset($show_comments)) echo "&amp;show_comments=true"; echo $comment_settings['anker']; ?>" title="<?php echo $comment_lang['next']; ?>">&raquo;</a> ] <?php }
 
?>
 [ <a href="<?php echo ($_SERVER['FULL_URL']); ?>?comment_id=<?php echo $comment_id?>&amp;comment_page=show_all<?php if (isset($comment_popup)) echo "&amp;comment_popup=true"; if (isset($show_comments)) echo "&amp;show_comments=true"; echo $comment_settings['anker']; ?>" title="<?php echo $comment_lang['show_all']; ?>">*</a> ]</p><?php }
 if(isset(
$errors))
  {
   
?><p style="color:red; font-weight:bold;"><?php echo $comment_lang['error']; ?></p><ul><?php foreach($errors as $f) { ?><li><?php echo $f?></li><?php ?></ul><?php
  
}
 
?>
 <form method="post" action="<?php echo ($_SERVER['FULL_URL']); ?>"><div>
 <?php if (isset($comment_popup)) { ?><input type="hidden" name="comment_popup" value="true" /><?php ?>
 <input type="hidden" name="comment_id" value="<?php echo $comment_id?>" />
 <input type="hidden" name="show_comments" value="true" />
 <table style="margin-top: 10px;" border="0" cellpadding="1" cellspacing="0">
  <tr>
   <td colspan="3">
   <b><?php echo $comment_lang['add_comment']; ?></b><br />
   <textarea style="width: 400px;" name="comment_text" cols="45" rows="4"><?php if (isset($errors) && isset($_POST['comment_text'])) echo htmlentities(stripslashes($_POST['comment_text'])); ?></textarea><br />
   </td>
  </tr>
  <tr>
   <td style="font-family: verdana, arial, sans-serif; font-size: 11px; vertical-align: bottom;"><?php echo $comment_lang['name']; ?><br /><input type="text" name="name" value="<?php if (isset($errors) && isset($_POST['name'])) echo htmlentities(stripslashes($_POST['name'])); else echo ""?>" size="23" maxlength="25" /></td>
   <td style="font-family: verdana, arial, sans-serif; font-size: 11px; vertical-align: bottom;"><?php echo $comment_lang['email_hp']; ?><br/><input type="text" name="email_hp" value="<?php if (isset($errors) && isset($_POST['email_hp'])) echo htmlentities(stripslashes($_POST['email_hp'])); else echo ""?>" size="23" maxlength="60" /></td>
   <td style="font-family: verdana, arial, sans-serif; font-size: 11px; vertical-align: bottom;"><input type="submit" value="  <?php echo $comment_lang['ok']; ?>  " /></td>
  </tr>
 </table>
 <?php echo $_SERVER['FULL_URL']; ?>
 </div></form>
 <?php // If you want to remove the Link please donate some Euros: http://www.mylittlehomepage.net/donation.html ?>
 <p style="font-size: 11px;">Script by <a href="http://www.mylittlehomepage.net/comment_script.html"<?php if (isset($comment_popup)) echo " target=\"_blank\""?>>Alex</a></p>
 <?php
 
}
 else
 {

  
?><p>[ <a href="<?php echo ($_SERVER['FULL_URL']); ?>?show_comments=true<?php echo $comment_settings['anker']; ?>" title="<?php echo $comment_lang['comment_link_title']; ?>"><?php echo count_comments($comment_id1); ?></a> ]</p>
  <?php
 
}
 
// Footer for popup window:
 
if (isset($comment_popup))
  {
   
?></body></html><?php
  
}
}
// JavaScript for popup window and link:
if (isset($_GET['comment_popup_link']))
 {
 
?>function comment(id)
 {
 var page = "<?php echo $_SERVER['FULL_URL']; ?>?comment_id=" + id + "&comment_popup=true";
 popwin = window.open(page,"","width=460,height=500,scrollbars,resizable")
 popwin.focus();
 }
 document.open();
 document.write("[ <a href=\"javascript:comment('<?php echo $_GET['comment_popup_link']; ?>')\" title=\"<?php echo $comment_lang['comment_link_title']; ?>\"><?php echo count_comments($_GET['comment_popup_link'], 1); ?></a> ]");
 document.close();
 <?php
 
}
?>