View difference between Paste ID: <a href="/rTB39p8m">rTB39p8m</a> and <a href="/CwL18my3">CwL18my3</a>

<!DOCTYPE html>
1		<!DOCTYPE html>
2		<html>
3		<head>
4		<title>Guest book</title>
5		</head>
6		<?php
7
8		if(isset($_POST['author'])) {
9		$author = htmlspecialchars($_POST['author']);
10		$email = htmlspecialchars($_POST['email']);
11		$message = htmlspecialchars($_POST['message']);
12		if(isset($_POST['author']) && isset($_POST['email']) && isset($_POST['message']) && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) !== false) {
13		try {
14		$conn = new PDO('mysql:host=localhost;dbname=guestbook', 'root', '1234');
15		$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
16		$insert = "INSERT INTO messages (author, email, message) VALUES ('$author', '$email', '$message')";
17		$conn->exec($insert);
18		$select = "SELECT * FROM messages ORDER BY id";
19		$num = 1;
20		foreach ($conn->query($select, PDO::FETCH_ASSOC)->fetchAll() as $row) {
21		echo $num++ . '<br>';
22		echo $row['author'] . '<br>';
23		echo '<a href="mailto:' . $row['email'] . '">' . $row['email'] . '</a>' . '<br>';
24		echo $row['message'] . '<br>';
25		echo '<a href="index.php?act=del&id=' . $row['id'] . '">Delete Message</a>' . '<hr>';
26		$id = $_GET['id'];
27
28
29		}
30		}
31		catch(PDOException $e) {
32		echo $e->getMessage();
33		}
34	-	else {
34	+
35		else {
36		echo 'Error while adding your message';
37		}
38		}
39
40		var_dump($_GET);
41		var_dump($_POST);
42		if($_GET['act'] == 'del' && is_numeric($_GET['id']) == true) {
43		$delete = "DELETE FROM messages WHERE id='$id'";
44		$conn->exec($delete);
45
46		} else {
47		echo 'Cannot delete ' . '<br>';
48		}
49		?>
50		<form id="form" action="index.php" method="post">
51		<span>Author: <input type="text" name="author" required></span>
52		<span>Email: <input type="text" name="email" required></span>
53		<span>Message: <input type="text" name="message" required></span>
54		<input type="submit">
55		</form>
56		</body>
57		</html>