Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $action = $_REQUEST["action"];
- $target = $_REQUEST["target"];
- $srctitle = $_POST["srctitle"];
- $title = $_POST["article_title"];
- $cat = $_POST["article_cat"];
- $content = $_POST["article_content"];
- // Set database server access variables:
- $host = "localhost";
- $user = "root";
- $pass = "root";
- $db = "logansarchive";
- // Open connection
- $dbh = new PDO('mysql:host='.$host.';dbname='.$db, $user, $pass);
- $date = date('Y-m-d H:i:s');
- switch ($action) {
- case "Edit":
- $query = $dbh->prepare("UPDATE Articles ".
- "SET ArticleTitle = :title, Category = :cat, ArticleDate = :date, ArticleContent = :content ".
- "WHERE ArticleTitle = :srctitle");
- $query->bindParam(':title', $title);
- $query->bindParam(':cat', $cat);
- $query->bindParam(':date', $date);
- $query->bindParam(':content', $content);
- $query->bindParam(':srctitle', $srctitle);
- $query->execute();
- break;
- case "New":
- $query = $dbh->prepare("INSERT INTO Articles(Category, ArticleDate, ArticleTitle, ArticleContent) ".
- "VALUES(:cat, :date, :title, :content)");
- $query->bindParam(':cat', $cat);
- $query->bindParam(':date', $date);
- $query->bindParam(':title', $title);
- $query->bindParam(':content', $content);
- $query->execute();
- break;
- case "Delete":
- if ($target != "") {
- $query = $dbh->prepare("UPDATE Articles ".
- "SET DeletedYN = :del ".
- "WHERE ArticleTitle = :title");
- $query->bindValue(':del', "Yes");
- $query->bindParam(':title', $target);
- $query->execute();
- }
- else {
- header("Location: index.php?result=failed");
- }
- break;
- }
- header("Location: index.php?result=success");
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement