Home › Forums › Back End › Try out my first PHP web app! › Reply To: Try out my first PHP web app!
August 25, 2014 at 7:49 am
#180495
__
Participant
// first, use placeholders in your SQL
$sql = "INSERT INTO forum ( post,post_title,post_date,posted_by ) VALUES ( ?,?,?,? )";
// prepare a statement from your sql
$stmt = mysqli_prepare( $con,$sql );
// bind parameters to your placeholders (make sure they're in the correct order)
mysqli_stmt_bind_param(
$stmt,
'ssss',
$_POST['posting'],
$_POST['title'],
$_SESSION['currentUser'],
date( 'M-d-y' )
);
// execute the statement
$success = mysqli_stmt_execute( $stmt );
if( $success ){ /* it worked */ }
else{ /* there was an error */ }