Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
H
HCI-JJ-News
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
jonathan.poalses
HCI-JJ-News
Commits
52720f35
Commit
52720f35
authored
Jan 07, 2023
by
Jonathan Poalses
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Actually fixed the php bug
parent
010c0734
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
37 additions
and
31 deletions
+37
-31
clean.php
htdocs/assets/php/clean.php
+18
-15
cluttered.php
htdocs/assets/php/cluttered.php
+19
-16
thanks.html
htdocs/assets/thanks.html
+0
-0
No files found.
htdocs/assets/php/clean.php
View file @
52720f35
...
...
@@ -17,37 +17,40 @@ if ( $link === false ) {
if
(
isset
(
$_POST
[
"submit"
]
)
)
{
// Prepare a select statement
$sql
=
"INSERT INTO HCI VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
;
$sql
=
"INSERT INTO HCI VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?
, ?
)"
;
if
(
$stmt
=
mysqli_prepare
(
$link
,
$sql
)
)
{
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param
(
$stmt
,
"iiiiiiiiiiiii
"
,
$Clean
,
$Story1
,
$Story2
,
$Story3
,
$Story4
,
$Story5
,
$Story6
,
$Story7
,
$Story8
,
$Story9
,
$Story10
,
$Story11
,
$Story12
);
mysqli_stmt_bind_param
(
$stmt
,
"iiiiiiiiiiiii
i"
,
$ID
,
$Clean
,
$Story1
,
$Story2
,
$Story3
,
$Story4
,
$Story5
,
$Story6
,
$Story7
,
$Story8
,
$Story9
,
$Story10
,
$Story11
,
$Story12
);
//Retrive all the data, making sure to trim and filter
$ID
=
0
;
$Clean
=
1
;
$Story1
=
filter_var
(
trim
(
$_POST
[
"
S
tory1"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story2
=
filter_var
(
trim
(
$_POST
[
"
S
tory2"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story3
=
filter_var
(
trim
(
$_POST
[
"
S
tory3"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story4
=
filter_var
(
trim
(
$_POST
[
"
S
tory4"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story5
=
filter_var
(
trim
(
$_POST
[
"
S
tory5"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story6
=
filter_var
(
trim
(
$_POST
[
"
S
tory6"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story7
=
filter_var
(
trim
(
$_POST
[
"
S
tory7"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story8
=
filter_var
(
trim
(
$_POST
[
"
S
tory8"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story9
=
filter_var
(
trim
(
$_POST
[
"
S
tory9"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story10
=
filter_var
(
trim
(
$_POST
[
"
S
tory10"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story11
=
filter_var
(
trim
(
$_POST
[
"
S
tory11"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story12
=
filter_var
(
trim
(
$_POST
[
"
S
tory12"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story1
=
filter_var
(
trim
(
$_POST
[
"
s
tory1"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story2
=
filter_var
(
trim
(
$_POST
[
"
s
tory2"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story3
=
filter_var
(
trim
(
$_POST
[
"
s
tory3"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story4
=
filter_var
(
trim
(
$_POST
[
"
s
tory4"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story5
=
filter_var
(
trim
(
$_POST
[
"
s
tory5"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story6
=
filter_var
(
trim
(
$_POST
[
"
s
tory6"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story7
=
filter_var
(
trim
(
$_POST
[
"
s
tory7"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story8
=
filter_var
(
trim
(
$_POST
[
"
s
tory8"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story9
=
filter_var
(
trim
(
$_POST
[
"
s
tory9"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story10
=
filter_var
(
trim
(
$_POST
[
"
s
tory10"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story11
=
filter_var
(
trim
(
$_POST
[
"
s
tory11"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story12
=
filter_var
(
trim
(
$_POST
[
"
s
tory12"
]
),
FILTER_SANITIZE_NUMBER_INT
);
// Attempt to execute the prepared statement
if
(
mysqli_stmt_execute
(
$stmt
)
)
{
// Redirect to main menu
header
(
"location: ../thanks.html"
);
header
(
"location: ../
../
thanks.html"
);
}
else
{
echo
"ERROR: Could not execute
$sql
. "
.
mysqli_error
(
$link
);
}
}
else
{
echo
"ERROR: Could not statement
$sql
. "
.
mysqli_error
(
$link
);
}
// Close statement
...
...
htdocs/assets/php/cluttered.php
View file @
52720f35
...
...
@@ -17,38 +17,41 @@ if ( $link === false ) {
if
(
isset
(
$_POST
[
"submit"
]
)
)
{
// Prepare a select statement
$sql
=
"INSERT INTO HCI VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
;
$sql
=
"INSERT INTO HCI VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?
, ?
)"
;
if
(
$stmt
=
mysqli_prepare
(
$link
,
$sql
)
)
{
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param
(
$stmt
,
"iiiiiiiiiiiii
"
,
$Clean
,
$Story1
,
$Story2
,
$Story3
,
$Story4
,
$Story5
,
$Story6
,
$Story7
,
$Story8
,
$Story9
,
$Story10
,
$Story11
,
$Story12
);
mysqli_stmt_bind_param
(
$stmt
,
"iiiiiiiiiiiii
i"
,
$ID
,
$Clean
,
$Story1
,
$Story2
,
$Story3
,
$Story4
,
$Story5
,
$Story6
,
$Story7
,
$Story8
,
$Story9
,
$Story10
,
$Story11
,
$Story12
);
//Retrive all the data, making sure to trim and filter
$ID
=
0
;
$Clean
=
0
;
$Story1
=
filter_var
(
trim
(
$_POST
[
"
S
tory1"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story2
=
filter_var
(
trim
(
$_POST
[
"
S
tory2"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story3
=
filter_var
(
trim
(
$_POST
[
"
S
tory3"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story4
=
filter_var
(
trim
(
$_POST
[
"
S
tory4"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story5
=
filter_var
(
trim
(
$_POST
[
"
S
tory5"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story6
=
filter_var
(
trim
(
$_POST
[
"
S
tory6"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story7
=
filter_var
(
trim
(
$_POST
[
"
S
tory7"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story8
=
filter_var
(
trim
(
$_POST
[
"
S
tory8"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story9
=
filter_var
(
trim
(
$_POST
[
"
S
tory9"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story10
=
filter_var
(
trim
(
$_POST
[
"
S
tory10"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story11
=
filter_var
(
trim
(
$_POST
[
"
S
tory11"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story12
=
filter_var
(
trim
(
$_POST
[
"
S
tory12"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story1
=
filter_var
(
trim
(
$_POST
[
"
s
tory1"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story2
=
filter_var
(
trim
(
$_POST
[
"
s
tory2"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story3
=
filter_var
(
trim
(
$_POST
[
"
s
tory3"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story4
=
filter_var
(
trim
(
$_POST
[
"
s
tory4"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story5
=
filter_var
(
trim
(
$_POST
[
"
s
tory5"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story6
=
filter_var
(
trim
(
$_POST
[
"
s
tory6"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story7
=
filter_var
(
trim
(
$_POST
[
"
s
tory7"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story8
=
filter_var
(
trim
(
$_POST
[
"
s
tory8"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story9
=
filter_var
(
trim
(
$_POST
[
"
s
tory9"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story10
=
filter_var
(
trim
(
$_POST
[
"
s
tory10"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story11
=
filter_var
(
trim
(
$_POST
[
"
s
tory11"
]
),
FILTER_SANITIZE_NUMBER_INT
);
$Story12
=
filter_var
(
trim
(
$_POST
[
"
s
tory12"
]
),
FILTER_SANITIZE_NUMBER_INT
);
// Attempt to execute the prepared statement
if
(
mysqli_stmt_execute
(
$stmt
)
)
{
// Redirect to main menu
header
(
"location: ../thanks.html"
);
header
(
"location: ../
../
thanks.html"
);
}
else
{
echo
"ERROR: Could not execute
$sql
. "
.
mysqli_error
(
$link
);
}
}
}
else
{
echo
"ERROR: Could not statement
$sql
. "
.
mysqli_error
(
$link
);
}
// Close statement
mysqli_stmt_close
(
$stmt
);
...
...
htdocs/thanks.html
→
htdocs/
assets/
thanks.html
View file @
52720f35
File moved
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
