create_cat.php

1. <?php
2. //create_cat.php
3. include 'connect.php';
4. include 'header.php';
5.  
6. if($_SERVER['REQUEST_METHOD'] != 'POST')
7. {
8.     //the form hasn't been posted yet, display it
9.     echo "<form method='post' action=''>
10.        Category name: <input type='text' name='cat_name' />
11.        Category description: <textarea name='cat_description' /></textarea>
12.        <input type='submit' value='Add category' />
13.     </form>";
14. }
15. else
16. {
17.     //the form has been posted, so save it
18.     $sql = "INSERT INTO categories (cat_name, cat_description) VALUES ('mysqli_real_escape_string($connected, $_POST['cat_name'])', 'mysqli_real_escape_string($connected, $_POST['cat_description'])')";
19.     $statement = $connected->prepare($sql);
20.     $statement->execute();
21.     $result = mysqli_query($connected, $sql);
22.     if(!$result)
23.     {
24.         //something went wrong, display the error
25.         echo 'Error' . mysqli_error($connected);
26.     }
27.     else
28.     {
29.         echo 'New category successfully added.';
30.     }
31. }
32. ?>