Untitled

<?php
    $dbusername = 'SET_UP_YOUR_OWN';
    $dbpassword = 'SET_YOUR_OWN_PASSWORD';
    $database   = 'CREATE_YOUR_OWN';
    $dbhost     = '10.0.0.102';
    //
    $connection = mysqli_connect("$dbhost", "$dbusername", "$dbpassword", "$database");
    //
    if (mysqli_connect_errno())
    {
        echo "Failed to connect: " . mysqli_connect_error() . "\n";
    }
    else
    {
        if (!empty($_POST))
        {
            // The rawurldecode undoes the llEscapeURL, BUT, it's already done automatically.
            // However, we've also got the problem of single-quote-marks in a SQL statement.
            // In SQL, the single-quote-mark is escaped by duplicating it (i.e., it escapes itself).
            //
            //$time           = str_replace("'", "''", rawurldecode($_POST['time']));
            //$uuid           = str_replace("'", "''", rawurldecode($_POST['uuid']));
            //$username       = str_replace("'", "''", rawurldecode($_POST['username']));
            //$displayname    = str_replace("'", "''", rawurldecode($_POST['displayname']));
            //$distance       = str_replace("'", "''", rawurldecode($_POST['distance']));
            //$direction      = str_replace("'", "''", rawurldecode($_POST['direction']));
            //$height         = str_replace("'", "''", rawurldecode($_POST['height']));
            //
            $time           = str_replace("'", "''", $_POST['time']);
            $uuid           = str_replace("'", "''", $_POST['uuid']);
            $username       = str_replace("'", "''", $_POST['username']);
            $displayname    = str_replace("'", "''", $_POST['displayname']);
            $distance       = str_replace("'", "''", $_POST['distance']);
            $direction      = str_replace("'", "''", $_POST['direction']);
            $height         = str_replace("'", "''", $_POST['height']);
            //
            $sql =  "INSERT INTO `vislog` (`time`,  `uuid`,  `username`,  `displayname`,  `distance`,  `direction`,  `height`) VALUES ('$time', '$uuid', '$username', '$displayname', '$distance', '$direction', '$height')";
            //
            $result = mysqli_query($connection, $sql);
            //
            if ($result)
            {
                echo "Fields added.\n";
            }
            else
            {
                echo "Error, issue with adding.\n";
            }
        }
        else
        {
            echo "A POST was not received.\n";
        }
    }
    mysqli_close($connection);
?>