Skip to main content

Return to Answer

Post Timeline

added 368 characters in body
Source Link
dwolf
dwolf
  • 1
  • 2

This inserts nothingworked for me. Ddwolf (wtec.co)

// cleans all input variables at once
 $post = array_map("mysql_real_escape_string", $_POST);
<?php
// add data to db
require_once('../admin/connect.php');
$conn
$mysqli = new mysqli($servername, $username, $password, $dbname);
$sql
/* check connection */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

$post = $mysqli->real_escape_string($_POST['name']);
$title = $mysqli->real_escape_string($_POST['message']);


/* this query with escaped $post,$title will work */
if ($mysqli->query("INSERT INTOinto press (title, post) VALUES 
 ('$post', '$title')")) {
    printf('$_POST[name]'"%d Row inserted.\n",'$_POST[message]' $mysqli->affected_rows)";;
}

$conn$mysqli->query>close($sql);
$conn->close

//header("location:../admin"); 
?>

This inserts nothing for me. D

// cleans all input variables at once
 $post = array_map("mysql_real_escape_string", $_POST);

// add data to db
require_once('../admin/connect.php');
$conn = new mysqli($servername, $username, $password, $dbname);
$sql = "INSERT INTO press (title, post) VALUES 
 
('$_POST[name]','$_POST[message]')";

$conn->query($sql);
$conn->close();

This worked for me. dwolf (wtec.co)

<?php
// add data to db
require_once('../admin/connect.php');

$mysqli = new mysqli($servername, $username, $password, $dbname);

/* check connection */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

$post = $mysqli->real_escape_string($_POST['name']);
$title = $mysqli->real_escape_string($_POST['message']);


/* this query with escaped $post,$title will work */
if ($mysqli->query("INSERT into press (title, post) VALUES ('$post', '$title')")) {
    printf("%d Row inserted.\n", $mysqli->affected_rows);
}

$mysqli->close();


//header("location:../admin"); 
?>
Source Link
dwolf
dwolf
  • 1
  • 2

This inserts nothing for me. D

// cleans all input variables at once
 $post = array_map("mysql_real_escape_string", $_POST);

// add data to db
require_once('../admin/connect.php');
$conn = new mysqli($servername, $username, $password, $dbname);
$sql = "INSERT INTO press (title, post) VALUES 

('$_POST[name]','$_POST[message]')";

$conn->query($sql);
$conn->close();