Firstly you need to Insert rather than update and use prepare statement for preventing SQL Injection Please find the code to do so

function insertComment($comment,$author,$post_id,$time){
  global $mysqli;
  $stmt = $mysqli->prepare("INSERT INTO comments(
    comments,
    author,
    timeposted,
    post_id
     )VALUES (
      ?,
      ?,
      ?,
      ?
    )");
    $stmt->bind_param("ssss",$comment,$author,$post_id,$time);
    $stmt->execute();
    $inserted_id = $mysqli->insert_id;
    return $instered_id;
 }

Firstly you need to Insert rather than update and use prepare statement for preventing SQL Injection Please find the code to do so

$comment = "This is Comment";
$author = "Nikita";
$post_id = 1;
$time = "12:00:00";

function insertComment($comment,$author,$post_id,$time){
  global $mysqli;
  $stmt = $mysqli->prepare("INSERT INTO comments(
    comments,
    author,
    timeposted,
    post_id
     )VALUES (
      ?,
      ?,
      ?,
      ?
    )");
    $stmt->bind_param("ssss",$comment,$author,$post_id,$time);
    $stmt->execute();
    $inserted_id = $mysqli->insert_id;
    return $instered_id;
 }
 $sql = insertComment($comment,$author,$post_id,$time);
 echo $sql;