-
Notifications
You must be signed in to change notification settings - Fork 0
/
bundle_audio_validation.php
49 lines (43 loc) · 1.4 KB
/
bundle_audio_validation.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
<?php
session_start();
?>
<?php
require_once("includes/db_con.php");
require_once("functions/ep_function.php");
if (isset($_POST['submit']))
{
//escape variables for security reasons
$bundle_name = $mysqli->real_escape_string($_POST['bundle_name']);
$description = $mysqli->real_escape_string($_POST['description']);
$genre = $mysqli->real_escape_string( $_POST['genre']);
$producer = $mysqli->real_escape_string($_POST['producer']);
$price = $mysqli->real_escape_string($_POST['price']);
$discount = $mysqli->real_escape_string($_POST['discount']);
$discount_placement = $mysqli->real_escape_string($_POST['discount_placement']);
$release_date = $mysqli->real_escape_string($_POST['release_date']);
$copy = $mysqli->real_escape_string($_POST['copyright']);
//bundle name, genre and price must be given are required
if(isset($bundle_name) && isset($genre) && isset($price))
{
$query ='CALL bundle_add("'.
$bundle_name . '","' .
$description . '","' .
$genre . '","' .
$producer . '","' .
$price . '","' .
$discount . '","' .
$discount_placement . '","' .
$release_date . '","' .
$copy . '"' .
')';
$result = $mysqli->query($query);
if ($mysqli->error)
{
printf("Errormessage: %s\n", $mysqli->error);
}
else
{
}
}
}
?>