<?php session_start(); include('pdo.php'); $editFlag = $_POST['editFlag'] ?? false; $contentID = $_POST['id'] ?? false; $section = 1; require_once 'tools/HTMLPurifier.standalone.php'; $config = HTMLPurifier_Config::createDefault(); $purifier = new HTMLPurifier($config); $clean_html = $purifier->purify($_POST['userContent']); if ($editFlag != "1"){ $stmt = $db->prepare("INSERT INTO userContent (section, author, content) VALUES (:section, :author, :content)"); $stmt->bindValue(':section', $section, PDO::PARAM_INT); $stmt->bindValue(':author', $_SESSION['userID'], PDO::PARAM_INT); $stmt->bindValue(':content', $clean_html, PDO::PARAM_STR); $stmt->execute(); } else { $stmt = $db->prepare("UPDATE userContent SET section=:section, author=:author, content=:content WHERE id=:contentID"); $stmt->bindValue(':section', $section, PDO::PARAM_INT); $stmt->bindValue(':author', $_SESSION['userID'], PDO::PARAM_INT); $stmt->bindValue(':content', $clean_html, PDO::PARAM_STR); $stmt->bindValue(':contentID', $contentID, PDO::PARAM_INT); $stmt->execute(); } ?>
You have javascript disabled. You will not be able to edit any code.