<?php session_start(); extract(@$_SESSION); include('mysql.php'); extract($_POST); require_once 'tools/HTMLPurifier.standalone.php'; if (@$editFlag != "1"){ $author = $userID; $config = HTMLPurifier_Config::createDefault(); $purifier = new HTMLPurifier($config); $clean_html = $purifier->purify($userContent); $clean_html = mysqli_real_escape_string($link, $clean_html); $stmt = $link->prepare("INSERT INTO userContent (section, author, content) VALUES (?, ?, ?)"); $stmt->bind_param("iis", $section, $author, $clean_html); if ($stmt->execute() === TRUE) { } else { echo "Error: " . $sql . "<br>" . $link->error; } } ?>
You have javascript disabled. You will not be able to edit any code.