Show sourcecode
The following files exists in this folder. Click to view.
add-article.php
aside.php
blokket-default.php
data/
initiate.php
remove-article.php
show-all-articles.php
show-article.php
update-article.php
update-article_backup.php
add-article.php
1 lines ASCII Unix (LF)
<?php
$db = new PDO("sqlite:incl/blokket2/data/ads");
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING); // Display errors, but continue script.
$path = "incl/blokket/data";
$added = null;
$listitems = null;
if(isset($_POST['doAdd']))
{
if(isset($_POST['article-name']))
{
$title = strip_tags($_POST['article-name'], "<p><strong><emphasis><i><b>");
$stmt = $db->prepare("INSERT INTO Ads (title) VALUES (?)");
$stmt->bindParam(1, $title, PDO::PARAM_STR);
$stmt->execute();
$added = true;
}
}
?>
<h1>Add article</h1>
<fieldset>
<form>
<p><label for="article-selection">Available articles:</label><br>
<select id="article-selection" size=4 name="article-list">
<?php
$stmt = $db->prepare('SELECT * FROM Ads;');
$stmt->execute();
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
foreach ($rows as $row)
{
$listitems .= "<option value='" . $row['title'] . "'>" . $row['title'] . "</option>";
}
echo $listitems;
?>
</select>
</p>
</form>
<form method="post">
<p><input type="text" name="article-name"><br>
<p><input type="submit" name="doAdd" value="Add article"></p>
</form>
<?php
if(isset($added))
{
if ($added == true)
echo "<p class='success'>The article was added.</p>";
else if ($added == false)
echo "<p class='error'>The article was not added. " . $message . "</p>";
}
?>
</fieldset>