beenull/wiby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add files via upload

Browse source
This commit is contained in:
wibyweb 2022-08-10 02:21:13 -04:00 committed by GitHub
parent 5e5aa51984
commit 82be92a4ce
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 32 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

64
html/insert/insert.php
View file

@ -41,39 +41,39 @@
exit();
}
// $url = mysqli_real_escape_string($link, $_POST['url']);
$url = str_replace("\'", "\'\'", $_POST['url']);
$url = str_replace("\"", "\"\"", $url);
// $title = mysqli_real_escape_string($link, $_POST['title']);
$title = str_replace("\'", "\'\'", $_POST['title']);
$title = str_replace("\"", "\"\"", $title);
// $tags = mysqli_real_escape_string($link, $_POST['tags']);
$tags = str_replace("\'", "\'\'", $_POST['tags']);
$tags = str_replace("\"", "\"\"", $tags);
// $description = mysqli_real_escape_string($link, $_POST['description']);
$description = str_replace("\'", "\'\'", $_POST['description']);
$description = str_replace("\"", "\"\"", $description);
// $body = mysqli_real_escape_string($link, $_POST['body']);
$body = str_replace("\'", "\'\'", $_POST['body']);
$body = str_replace("\"", "\"\"", $body);
// $http = mysqli_real_escape_string($link, $_POST['http']);
$http = str_replace("\'", "\'\'", $_POST['http']);
$http = str_replace("\"", "\"\"", $http);
// $surprise = mysqli_real_escape_string($link, $_POST['surprise']);
$surprise = str_replace("\'", "\'\'", $_POST['surprise']);
$surprise = str_replace("\"", "\"\"", $surprise);
// $worksafe = mysqli_real_escape_string($link, $_POST['worksafe']);
$worksafe = str_replace("\'", "\'\'", $_POST['worksafe']);
$worksafe = str_replace("\"", "\"\"", $worksafe);
// $enable = mysqli_real_escape_string($link, $_POST['enable']);
$enable = str_replace("\'", "\'\'", $_POST['enable']);
$enable = str_replace("\"", "\"\"", $enable);
// $updatable = mysqli_real_escape_string($link, $_POST['updatable']);
$updatable = str_replace("\'", "\'\'", $_POST['updatable']);
$updatable = str_replace("\"", "\"\"", $updatable);
$url = mysqli_real_escape_string($link, $_POST['url']);
// $url = str_replace("\'", "\'\'", $_POST['url']);
// $url = str_replace("\"", "\"\"", $url);
$title = mysqli_real_escape_string($link, $_POST['title']);
// $title = str_replace("\'", "\'\'", $_POST['title']);
// $title = str_replace("\"", "\"\"", $title);
$tags = mysqli_real_escape_string($link, $_POST['tags']);
// $tags = str_replace("\'", "\'\'", $_POST['tags']);
// $tags = str_replace("\"", "\"\"", $tags);
$description = mysqli_real_escape_string($link, $_POST['description']);
// $description = str_replace("\'", "\'\'", $_POST['description']);
// $description = str_replace("\"", "\"\"", $description);
$body = mysqli_real_escape_string($link, $_POST['body']);
// $body = str_replace("\'", "\'\'", $_POST['body']);
// $body = str_replace("\"", "\"\"", $body);
$http = mysqli_real_escape_string($link, $_POST['http']);
// $http = str_replace("\'", "\'\'", $_POST['http']);
// $http = str_replace("\"", "\"\"", $http);
$surprise = mysqli_real_escape_string($link, $_POST['surprise']);
// $surprise = str_replace("\'", "\'\'", $_POST['surprise']);
// $surprise = str_replace("\"", "\"\"", $surprise);
$worksafe = mysqli_real_escape_string($link, $_POST['worksafe']);
// $worksafe = str_replace("\'", "\'\'", $_POST['worksafe']);
// $worksafe = str_replace("\"", "\"\"", $worksafe);
$enable = mysqli_real_escape_string($link, $_POST['enable']);
// $enable = str_replace("\'", "\'\'", $_POST['enable']);
// $enable = str_replace("\"", "\"\"", $enable);
$updatable = mysqli_real_escape_string($link, $_POST['updatable']);
// $updatable = str_replace("\'", "\'\'", $_POST['updatable']);
// $updatable = str_replace("\"", "\"\"", $updatable);
$sql = 'INSERT INTO windex (url,title,tags,description,body,http,surprise,worksafe,enable,updatable,approver)
VALUES ("'.$url.'","'.$title.'","'.$tags.'","'.$description.'","'.$body.'","'.$http.'","'.$surprise.'","'.$worksafe.'","'.$enable.'","'.$updatable.'","'.$_SESSION["user"].'")';
$sql = "INSERT INTO windex (url,title,tags,description,body,http,surprise,worksafe,enable,updatable,approver)
VALUES ('".$url."','".$title."','".$tags."','".$description."','".$body."','".$http."','".$surprise."','".$worksafe."','".$enable."','".$updatable."','".$_SESSION["user"]."')";
if (!mysqli_query($link, $sql))