I changed web hosting companies and now a php form that was working is no longer working. I haven’t been able to figure out what the problem is. The form is a simple text input form that adds the text to a database. Every time the user inserts text with a comma, an error occurs. Below is the code for the form. Any help is much appreciated.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "">
<html xmlns="">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="style.css" rel="stylesheet" type="text/css" />

<?php require_once('inc/header.html'); ?>
<?php require_once('…/Connections/websitedatabase.php'); ?>

if (isset($_POST['note'])):

$note = $_POST['note'];
$name = $_POST['name'];
$id = $_POST['id'];
$sql = "UPDATE presidentnotes SET
if (@mysql_query($sql)) {
echo '<p>The note has been updated.</p>';
} else {
echo '<p>Error updating note. Details: ' .
mysql_error() . '</p>';
$presidentnotes = @mysql_query(
"SELECT note, name FROM presidentnotes ");
if (!$presidentnotes) {
exit('<p>Error fetching note details: ' .
mysql_error() . '</p>');
$presidentnotes = mysql_fetch_array($presidentnotes);
$note = $presidentnotes['note'];
$name = $presidentnotes['name'];

$note = mysql_real_escape_string($note);
$name = mysql_real_escape_string($name);

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<h1>President’s Note on hompage - Edit5</h1>

<label>Note:<br />
<textarea name="note" cols="100" rows="12"><?php echo $note; ?></textarea>
</label><br />
<label>Name:<br /> <input name="name" type="text" value="<?php echo $name; ?>" size="40" /></label><br />
<input type="hidden" name="id" value="<?php echo $id; ?>" />
<input type="submit" value="SUBMIT" /></p>

<?php endif; ?>

You might want to find out from your hosting company which version of PHP they are using. I notice you have a few mysql_ functions in your code which are deprecated in the current version of PHP, so your code needs to be updated to use the mysqli_ functions instead.

Does the error message say anything?

It’s a little early for me. Are my eyes deceiving me, or is mricketts’ code escaping on output but not on input, making the code subject to SQL injection?
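
As an added example (not code from this thread): the concern raised in the last reply, handled with bound parameters on the way into the database and HTML escaping on the way out. It uses PDO with an in-memory SQLite database so that it runs without a server, whereas the thread suggests mysqli; the `id` column, the sample rows and the helper names `update_note`, `fetch_note` and `h` are assumptions of this example.

```php
<?php
// Added example: constructed schema and data; the id column is assumed
// from the form's hidden "id" field.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE presidentnotes (id INTEGER PRIMARY KEY, note TEXT, name TEXT)');
$db->exec("INSERT INTO presidentnotes (id, note, name) VALUES (1, 'old note', 'old name')");

// Input side: values travel as bound parameters, never as part of the SQL
// text, so quotes, commas and backslashes cannot change the statement.
function update_note(PDO $db, array $post): bool
{
    $id = filter_var($post['id'] ?? null, FILTER_VALIDATE_INT);
    if ($id === false) {
        return false; // reject a missing or non-numeric id
    }
    $stmt = $db->prepare(
        'UPDATE presidentnotes SET note = :note, name = :name WHERE id = :id'
    );
    $stmt->execute([
        ':note' => (string)($post['note'] ?? ''),
        ':name' => (string)($post['name'] ?? ''),
        ':id'   => $id,
    ]);
    return $stmt->rowCount() === 1;
}

function fetch_note(PDO $db, int $id): ?array
{
    $stmt = $db->prepare('SELECT note, name FROM presidentnotes WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Output side: escape for the HTML context the value is printed into.
// SQL escaping does nothing useful here.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed form submission standing in for $_POST.
$post = ['id' => '1', 'note' => "Hello, it's the President's note <b>", 'name' => 'O\'Brien, "Pat"'];
var_dump(update_note($db, $post));
$row = fetch_note($db, 1);
echo '<textarea name="note">' . h($row['note']) . "</textarea>\n";
echo '<input name="name" type="text" value="' . h($row['name']) . "\" />\n";
// A non-numeric id is rejected before any SQL runs.
var_dump(update_note($db, ['id' => '1 OR 1=1', 'note' => 'x', 'name' => 'y']));
```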