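<?php
/**
 * Saves a piece of user-submitted HTML into userContent for section 1.
 *
 * Reads $_POST['userContent'] (raw HTML) and $_POST['editFlag'] ("1" marks an
 * edit request), runs the HTML through HTML Purifier, and inserts it with the
 * logged-in user's id as author using a prepared statement.
 *
 * Output: a confirmation for a new submission, nothing for a successful edit,
 * and a generic error message on failure (details go to the server log).
 */
session_start();
include('mysql.php'); // presumably defines the mysqli handle $link; it is not created in this file
require_once 'tools/HTMLPurifier.standalone.php';

// The author id comes from the session; without this guard an anonymous
// request would still reach the INSERT with a NULL author.
if (!isset($_SESSION['userID'])) {
    http_response_code(403);
    exit('<center>You must be logged in to submit content.</center>');
}

// NOTE(review): no anti-CSRF token is checked anywhere in this script; if the
// form that posts here does not carry one, add and verify it before writing.

// Strict comparison: only the literal string "1" selects the edit path.
$isEdit = ($_POST['editFlag'] ?? '') === '1';
$section = 1;
$authorId = (int) $_SESSION['userID'];

// A missing field is stored as an empty string (as before); an array-valued
// field is rejected because purify() expects a string.
$rawContent = $_POST['userContent'] ?? '';
if (!is_string($rawContent)) {
    http_response_code(400);
    exit('<center>Invalid content.</center>');
}

// Sanitise at write time with the default HTML Purifier configuration so that
// script-bearing markup is not stored. Pages that print this column must still
// emit it only in an HTML body context.
$purifier = new HTMLPurifier(HTMLPurifier_Config::createDefault());
$clean_html = $purifier->purify($rawContent);

// NOTE(review): the edit path performs the same INSERT as the add path, so an
// "edit" creates a new row. Which row is being edited is not visible here;
// confirm whether an UPDATE restricted to the author's own row was intended.
$saved = false;
try {
    $stmt = $link->prepare('INSERT INTO userContent (section, author, content) VALUES (?, ?, ?)');
    if ($stmt !== false) {
        $stmt->bind_param('iis', $section, $authorId, $clean_html);
        $saved = $stmt->execute();
        if (!$saved) {
            // Keep driver details out of the response; they can expose schema information.
            error_log('userContent insert failed: ' . $stmt->error);
        }
        $stmt->close();
    } else {
        error_log('userContent prepare failed: ' . $link->error);
    }
} catch (mysqli_sql_exception $e) {
    // mysqli throws instead of returning false when exception reporting is enabled.
    error_log('userContent insert failed: ' . $e->getMessage());
}

if (!$saved) {
    http_response_code(500);
    echo 'Error: your content could not be saved.';
} elseif (!$isEdit) {
    echo '<center>Your content was added.</center>';
}
?>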