3v4l.org

run code in 300+ PHP versions simultaneously
<?php session_start(); // some sort of user authorization should go here. if (isset($_POST['userContent'])) { // see https://gist.github.com/adrian-enspired/2e03b01fcfff54151864 require 'pdo.php'; require_once 'tools/HTMLPurifier.standalone.php'; $purifier = new HTMLPurifier(HTMLPurifier_Config::createDefault()); $data = [ 'section' => $section, 'author' => $_SESSION['userId'], 'content' => $purifier->purify($_POST['userContent']) ]; if (isset($_POST['id'])) { $data['contentID'] = $_POST['id']; // i'd question why you're updating the author. is it potentially being changed? same goes for $section. $stmt = $db->prepare("UPDATE userContent SET section=:section, author=:author, content=:content WHERE id=:contentID"); $stmt->execute($data); } else { $stmt = $db->prepare("INSERT INTO userContent (section, author, content) VALUES (:section, :author, :content)"); $stmt->execute($data); } }

preferences:
43.42 ms | 402 KiB | 5 Q