Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!DOCTYPE html>
- <html>
- <head>
- <title>Guest book</title>
- </head>
- <?php
- if(isset($_POST['author'])) {
- $author = htmlspecialchars($_POST['author']);
- $email = htmlspecialchars($_POST['email']);
- $message = htmlspecialchars($_POST['message']);
- if(isset($_POST['author']) && isset($_POST['email']) && isset($_POST['message']) && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) !== false) {
- try {
- $conn = new PDO('mysql:host=localhost;dbname=guestbook', 'root', '1234');
- $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
- $insert = "INSERT INTO messages (author, email, message) VALUES ('$author', '$email', '$message')";
- $conn->exec($insert);
- $select = "SELECT * FROM messages ORDER BY id";
- $num = 1;
- foreach ($conn->query($select, PDO::FETCH_ASSOC)->fetchAll() as $row) {
- echo $num++ . '<br>';
- echo $row['author'] . '<br>';
- echo '<a href="mailto:' . $row['email'] . '">' . $row['email'] . '</a>' . '<br>';
- echo $row['message'] . '<br>';
- echo '<a href="index.php?act=del&id=' . $row['id'] . '">Delete Message</a>' . '<hr>';
- $id = $_GET['id'];
- var_dump($_GET);
- var_dump($_POST);
- if($_GET['act'] == 'del' && is_numeric($_GET['id']) == true) {
- $delete = "DELETE FROM messages WHERE id='$id'";
- $conn->exec($delete);
- }
- else {
- echo 'Cannot delete ' . '<br>';
- }
- }
- }
- catch(PDOException $e) {
- echo $e->getMessage();
- }
- }
- else {
- echo 'Error while adding your message';
- }
- }
- ?>
- <form id="form" action="index.php" method="post">
- <span>Author: <input type="text" name="author" required></span>
- <span>Email: <input type="text" name="email" required></span>
- <span>Message: <input type="text" name="message" required></span>
- <input type="submit">
- </form>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
