nedostatecna opravneni

"; include("footer.php"); die; } $viewingId=htmlspecialchars($_GET["id"]); header_remove(); $prefillName=""; $prefillContent=""; $prefillCredits=""; //if we are editing an already existing file, load its values if(! $viewingId == NULL) { // Prepare a select statement $sql = "SELECT credits, name, content FROM shanties WHERE id = ?"; if($stmt = mysqli_prepare($link, $sql)) { // Bind variables to the prepared statement as parameters mysqli_stmt_bind_param($stmt, "s", $param_id); // Set parameters $param_id = $viewingId; // Attempt to execute the prepared statement if(mysqli_stmt_execute($stmt)) { // Store result mysqli_stmt_store_result($stmt); // Check if entry exists, if yes then display if(mysqli_stmt_num_rows($stmt) == 1) { // Bind result variables mysqli_stmt_bind_result($stmt, $sqlPrefillCredits, $sqlPrefillName, $sqlPrefillContent); if(mysqli_stmt_fetch($stmt)) { $prefillCredits = $sqlPrefillCredits; $prefillName = $sqlPrefillName; $prefillContent = $sqlPrefillContent; } } else { // Article doesn't exist, display 404 http_response_code(404); header("location: /404.php"); die(); } } else { printf("Error: %s.\n", mysqli_stmt_error($stmt)); } // Close statement mysqli_stmt_close($stmt); } } // Processing form data when form is submitted if($_SERVER["REQUEST_METHOD"] == "POST") { // Prepare an insert statement if(! $_POST["viewingId"] == NULL) { $sql = "UPDATE shanties SET credits=?, name=?, content=? WHERE id = ".$_POST["viewingId"]; } else { $sql = "INSERT INTO shanties (credits, name, content) VALUES (?, ?, ?)"; } if($stmt = mysqli_prepare($link, $sql)) { // Bind variables to the prepared statement as parameters mysqli_stmt_bind_param($stmt, "sss", $param_credits, $param_name, $param_content); // Set parameters $param_credits = $_POST["credits"]; $param_name = $_POST["name"]; $param_content = $_POST["content"]; // Attempt to execute the prepared statement if(mysqli_stmt_execute($stmt)) { // Redirect to login page header("location: /index.php"); } else { // Close statement mysqli_stmt_close($stmt); } } } ?>

nedostatecna opravneni

NAPSAT PÍSNIČKU