Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <head>
- <title>Add Update</title>
- </head>
- <form name="update" action="addupdate.php" method="post">
- Title
- <input type="text" name="title" />
- <br />
- Content
- <br />
- <textarea name="content" rows="10" cols="30">
- </textarea>
- <br />
- <input type="submit" value="Submit" />
- </form>
- <?php
- // mysql Variables //
- $mysql_localhost = "local_host";
- $mysql_username = "db_username";
- $mysql_database = "db_name";
- $mysql_password = "db_password";
- // Connects to mysql datatbase //
- mysql_connect("$mysql_localhost", "$mysql_username", "$mysql_password") or die(mysql_error());
- mysql_select_db("$mysql_database") or die(mysql_error());
- }
- // Function to sanitize values received from the form. Prevents SQL injection //
- function clean($str) {
- $str = @trim($str);
- if(get_magic_quotes_gpc()) {
- $str = stripslashes($str);
- }
- return mysql_real_escape_string($str);
- }
- // Cleans data and assignes to varaibles //
- $title = clean($_POST['title']);
- $content = clean($_POST['content']);
- //Inserts data into database
- mysql_query("INSERT INTO add_update
- (title, content) VALUES('$title', '$content'")
- or die(mysql_error());
- echo "You have succussfully updated your website!";
- ?>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement