<?php//This script is to INSERT data into the db //This system will only hav

1. <?php
2. //This script is to INSERT data into the db
3.  //This system will only have one user - so why have usernames and stuff stored in a database? That would be pointless!
4.  //Here, we are getting the username and password from the login form.
5.  
6. $user=$_POST["username"];
7.  
8. $password=$_POST["pass"];
9. //K,so, Shizmeister, we need to check that the username is correct
10. if ($username="editor") {
11.     if ($password="changethispass"){
12.     //And now the password
13.         include 'connect_to_mysql.php';
14.         //getting the data:    
15.             $body=$_POST["body"]; //using the POST method!
16.             $title=$_POST["title"];
17.             $header=$_POST["head"];
18.             $pid=$_POST["title"];
19.             preg_replace(' ', '-', $pid);
20.             mysql_real_escape_string($pid);
21.             mysql_real_escape_string($title);
22.             mysql_real_escape_string($head);
23.             mysql_real_escape_string($body);           
24.         //Inserting the data
25.             mysql_query("INSERT INTO cms_content (body, title, head, pid) VALUES ($body, $title, $head, $pid)");
26.         //Now close the connection! QUICK! BEFORE THE THIEVES GET INZ LULZ!
27.         mysql_close($conn);
28.     }
29. }
30. ?>