<html><head> <title>Add Update</title></head> <form name="update" act

1.  <html>
2. <head>
3.     <title>Add Update</title>
4. </head>
5.  
6.     <form name="update" action="addupdate.php" method="post">
7.         Title
8.         <input type="text" name="title" />
9.         <br />
10.         Content
11.         <br />
12.         <textarea name="content" rows="10" cols="30">
13.         </textarea>
14.         <br />
15.         <input type="submit" value="Submit" />
16.     </form>
17.    
18.     <?php
19.    
20.     // mysql Variables //
21.         $mysql_localhost = "local_host";
22.         $mysql_username = "db_username";
23.         $mysql_database = "db_name";
24.         $mysql_password = "db_password";
25.    
26.     // Connects to mysql datatbase //
27.         mysql_connect("$mysql_localhost", "$mysql_username", "$mysql_password") or die(mysql_error());
28.         mysql_select_db("$mysql_database") or die(mysql_error());
29.     }
30.    
31.     // Function to sanitize values received from the form. Prevents SQL injection //
32.         function clean($str) {
33.             $str = @trim($str);
34.             if(get_magic_quotes_gpc()) {
35.                 $str = stripslashes($str);
36.             }
37.             return mysql_real_escape_string($str);
38.         }
39.                
40.     // Cleans data and assignes to varaibles //    
41.         $title = clean($_POST['title']);
42.         $content = clean($_POST['content']);
43.  
44.     //Inserts data into database
45.         mysql_query("INSERT INTO add_update
46.         (title, content) VALUES('$title', '$content'")
47.         or die(mysql_error());
48.         echo "You have succussfully updated your website!";
49.    
50.     ?>
51.    
52.  
53. </html>