moodblog/write/post.php

<?php
include("../templates/header.php");
include("../config.php");
require("../creds.php");

$go_back = "<br/><a class='button options' href='".$root."'>go back!</a>";
?>
<div class='window'>
	<div class='window-bar'>
		<span>post results</span>
	</div>
	<div class='window-content'>
<?php
if(isset($_POST['articlebody'])) {
	if($_POST['password'] == "yeppers") {
		$title = mysqli_real_escape_string($mysqli, $_POST['title']);
		$mood = mysqli_real_escape_string($mysqli, $_POST['mood']);
		$moodimage = mysqli_real_escape_string($mysqli, $_POST['moodimage']);
		$song = mysqli_real_escape_string($mysqli, $_POST['tunes']);
		$articlebody = mysqli_real_escape_string($mysqli, $_POST['articlebody']);

		$mysqli->query("INSERT INTO articles (Title, Mood, MoodImage, Song, Message) VALUES('".$title."', '".$mood."', '".$moodimage."', '".$song."', '".$articlebody."')");
		#$mysqli->query('INSERT INTO articles (Title, Mood, MoodImage, Song, Message) VALUES("title test", "mood", "what-a-night.png", "music", "styles!")');
		#$mysqli->query('INSERT INTO articles (Title, Mood, MoodImage, Song, Message) VALUES("'.$title.'", "'.$mood.'", "what-a-night.png", "music", "styles!")');

		echo "success".$go_back;
		header("Location: ".$root);
		exit();
	}
	echo "<p>".$_POST['password']."</p>";
	die("wrong password".$go_back);
}
die("no POST".$go_back);
?>
	</div>
</div>
<?php include("../templates/footer.php"); ?>
Add Files 2022-11-17 18:23:43 +00:00			`<?php`
			`include("../templates/header.php");`
			`include("../config.php");`
			`require("../creds.php");`

			`$go_back = "<br/><a class='button options' href='".$root."'>go back!</a>";`
			`?>`
			`<div class='window'>`
			`<div class='window-bar'>`
			`<span>post results</span>`
			`</div>`
			`<div class='window-content'>`
			`<?php`
			`if(isset($_POST['articlebody'])) {`
			`if($_POST['password'] == "yeppers") {`
			`$title = mysqli_real_escape_string($mysqli, $_POST['title']);`
			`$mood = mysqli_real_escape_string($mysqli, $_POST['mood']);`
			`$moodimage = mysqli_real_escape_string($mysqli, $_POST['moodimage']);`
			`$song = mysqli_real_escape_string($mysqli, $_POST['tunes']);`
			`$articlebody = mysqli_real_escape_string($mysqli, $_POST['articlebody']);`

			`$mysqli->query("INSERT INTO articles (Title, Mood, MoodImage, Song, Message) VALUES('".$title."', '".$mood."', '".$moodimage."', '".$song."', '".$articlebody."')");`
			`#$mysqli->query('INSERT INTO articles (Title, Mood, MoodImage, Song, Message) VALUES("title test", "mood", "what-a-night.png", "music", "styles!")');`
			`#$mysqli->query('INSERT INTO articles (Title, Mood, MoodImage, Song, Message) VALUES("'.$title.'", "'.$mood.'", "what-a-night.png", "music", "styles!")');`

			`echo "success".$go_back;`
			`header("Location: ".$root);`
			`exit();`
			`}`
			`echo "<p>".$_POST['password']."</p>";`
			`die("wrong password".$go_back);`
			`}`
			`die("no POST".$go_back);`
			`?>`
			`</div>`
			`</div>`
			`<?php include("../templates/footer.php"); ?>`