Commit 52720f35 authored by Jonathan Poalses's avatar Jonathan Poalses

Actually fixed the php bug

parent 010c0734
...@@ -17,37 +17,40 @@ if ( $link === false ) { ...@@ -17,37 +17,40 @@ if ( $link === false ) {
if (isset( $_POST[ "submit" ] ) ) { if (isset( $_POST[ "submit" ] ) ) {
// Prepare a select statement // Prepare a select statement
$sql = "INSERT INTO HCI VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"; $sql = "INSERT INTO HCI VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
if ( $stmt = mysqli_prepare( $link, $sql ) ) { if ( $stmt = mysqli_prepare( $link, $sql ) ) {
// Bind variables to the prepared statement as parameters // Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param( $stmt, "iiiiiiiiiiiii", $Clean, $Story1, $Story2, $Story3, $Story4, $Story5, $Story6, $Story7, $Story8, $Story9, $Story10, $Story11, $Story12 ); mysqli_stmt_bind_param( $stmt, "iiiiiiiiiiiiii", $ID, $Clean, $Story1, $Story2, $Story3, $Story4, $Story5, $Story6, $Story7, $Story8, $Story9, $Story10, $Story11, $Story12 );
//Retrive all the data, making sure to trim and filter //Retrive all the data, making sure to trim and filter
$ID = 0;
$Clean = 1; $Clean = 1;
$Story1 = filter_var( trim( $_POST[ "Story1" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story1 = filter_var( trim( $_POST[ "story1" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story2 = filter_var( trim( $_POST[ "Story2" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story2 = filter_var( trim( $_POST[ "story2" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story3 = filter_var( trim( $_POST[ "Story3" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story3 = filter_var( trim( $_POST[ "story3" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story4 = filter_var( trim( $_POST[ "Story4" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story4 = filter_var( trim( $_POST[ "story4" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story5 = filter_var( trim( $_POST[ "Story5" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story5 = filter_var( trim( $_POST[ "story5" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story6 = filter_var( trim( $_POST[ "Story6" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story6 = filter_var( trim( $_POST[ "story6" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story7 = filter_var( trim( $_POST[ "Story7" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story7 = filter_var( trim( $_POST[ "story7" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story8 = filter_var( trim( $_POST[ "Story8" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story8 = filter_var( trim( $_POST[ "story8" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story9 = filter_var( trim( $_POST[ "Story9" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story9 = filter_var( trim( $_POST[ "story9" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story10 = filter_var( trim( $_POST[ "Story10" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story10 = filter_var( trim( $_POST[ "story10" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story11 = filter_var( trim( $_POST[ "Story11" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story11 = filter_var( trim( $_POST[ "story11" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story12 = filter_var( trim( $_POST[ "Story12" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story12 = filter_var( trim( $_POST[ "story12" ] ), FILTER_SANITIZE_NUMBER_INT );
// Attempt to execute the prepared statement // Attempt to execute the prepared statement
if ( mysqli_stmt_execute( $stmt ) ) { if ( mysqli_stmt_execute( $stmt ) ) {
// Redirect to main menu // Redirect to main menu
header("location: ../thanks.html"); header("location: ../../thanks.html");
} else { } else {
echo "ERROR: Could not execute $sql. " . mysqli_error( $link ); echo "ERROR: Could not execute $sql. " . mysqli_error( $link );
} }
} else {
echo "ERROR: Could not statement $sql. " . mysqli_error( $link );
} }
// Close statement // Close statement
......
...@@ -17,37 +17,40 @@ if ( $link === false ) { ...@@ -17,37 +17,40 @@ if ( $link === false ) {
if (isset( $_POST[ "submit" ] ) ) { if (isset( $_POST[ "submit" ] ) ) {
// Prepare a select statement // Prepare a select statement
$sql = "INSERT INTO HCI VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"; $sql = "INSERT INTO HCI VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
if ( $stmt = mysqli_prepare( $link, $sql ) ) { if ( $stmt = mysqli_prepare( $link, $sql ) ) {
// Bind variables to the prepared statement as parameters // Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param( $stmt, "iiiiiiiiiiiii", $Clean, $Story1, $Story2, $Story3, $Story4, $Story5, $Story6, $Story7, $Story8, $Story9, $Story10, $Story11, $Story12 ); mysqli_stmt_bind_param( $stmt, "iiiiiiiiiiiiii", $ID, $Clean, $Story1, $Story2, $Story3, $Story4, $Story5, $Story6, $Story7, $Story8, $Story9, $Story10, $Story11, $Story12 );
//Retrive all the data, making sure to trim and filter //Retrive all the data, making sure to trim and filter
$ID = 0;
$Clean = 0; $Clean = 0;
$Story1 = filter_var( trim( $_POST[ "Story1" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story1 = filter_var( trim( $_POST[ "story1" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story2 = filter_var( trim( $_POST[ "Story2" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story2 = filter_var( trim( $_POST[ "story2" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story3 = filter_var( trim( $_POST[ "Story3" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story3 = filter_var( trim( $_POST[ "story3" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story4 = filter_var( trim( $_POST[ "Story4" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story4 = filter_var( trim( $_POST[ "story4" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story5 = filter_var( trim( $_POST[ "Story5" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story5 = filter_var( trim( $_POST[ "story5" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story6 = filter_var( trim( $_POST[ "Story6" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story6 = filter_var( trim( $_POST[ "story6" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story7 = filter_var( trim( $_POST[ "Story7" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story7 = filter_var( trim( $_POST[ "story7" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story8 = filter_var( trim( $_POST[ "Story8" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story8 = filter_var( trim( $_POST[ "story8" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story9 = filter_var( trim( $_POST[ "Story9" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story9 = filter_var( trim( $_POST[ "story9" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story10 = filter_var( trim( $_POST[ "Story10" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story10 = filter_var( trim( $_POST[ "story10" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story11 = filter_var( trim( $_POST[ "Story11" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story11 = filter_var( trim( $_POST[ "story11" ] ), FILTER_SANITIZE_NUMBER_INT );
$Story12 = filter_var( trim( $_POST[ "Story12" ] ), FILTER_SANITIZE_NUMBER_INT ); $Story12 = filter_var( trim( $_POST[ "story12" ] ), FILTER_SANITIZE_NUMBER_INT );
// Attempt to execute the prepared statement // Attempt to execute the prepared statement
if ( mysqli_stmt_execute( $stmt ) ) { if ( mysqli_stmt_execute( $stmt ) ) {
// Redirect to main menu // Redirect to main menu
header("location: ../thanks.html"); header("location: ../../thanks.html");
} else { } else {
echo "ERROR: Could not execute $sql. " . mysqli_error( $link ); echo "ERROR: Could not execute $sql. " . mysqli_error( $link );
} }
} else {
echo "ERROR: Could not statement $sql. " . mysqli_error( $link );
} }
// Close statement // Close statement
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment