I have an input form with a prepaired statement that should input into sql and print the input but all I get is a blank page with the input php address. Have i missed something?
<?php
session_start();
include("dbconfig.php");
$errorvar = "";
if (isset($_POST['submit'])) {
if (empty($_POST['Title']) || empty($_POST["Date"]) || empty($_POST["Country"]) || empty($_POST["bloguser"]) || empty($_POST["Blogentry"])) {
$errorvar = "You dun gooffed";
echo $errorvar;
} else {
//defining and injection protecting data
$title = mysqli_real_escape_string($conn, $_POST['Title']);
$date = mysqli_real_escape_string($conn, $_POST['Date']);
$country = mysqli_real_escape_string($conn, $_POST['Country']);
$bloguser = mysqli_real_escape_string($conn, $_POST['bloguser']);
$blogentry = mysqli_real_escape_string($conn, $_POST['Blogentry']);
$stmt = $conn->prepare("INSERT INTO blogs (BlogName,blogDate,country,bloguser,Blogdata) VALUES ('$title','$date','$country','$bloguser','$blogentry')");
$stmt->bind_param("sssss", $title, $date, $country, $bloguser, $blogentry);
$stmt->execute();
echo "New records created successfully";
printf("%d Row inserted.\n", $stmt->affected_rows);
$stmt->close();
$conn->close();
header("location:index.php");
}
}
?>
Aucun commentaire:
Enregistrer un commentaire