' . htmlentities($post["uploadName"], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '
'; echo "
";
$sql = "SELECT * FROM comments WHERE uploadNo = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param('i', $uploadNo);
$stmt->execute();
$comments = $stmt->get_result();
while($comment = $comments->fetch_assoc()) {
echo '
";
echo '' . htmlentities($comment['commentText'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . ' - ' . htmlentities($comment['commentName'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '
'; } echo "