c3lf-system-3/action.php

<?php
/**
 * Created by PhpStorm.
 * User: jedi
 * Date: 12/27/18
 * Time: 6:52 AM
 */

include "backend.php";

function hasval($var){
    return isset($var) && !empty($var);
}

switch($_GET["action"]) {
    case "insert":
        if (hasval($_POST["was"]) && hasval($_POST["wann"]) && hasval($_POST["wo"])) {
            /* Prepared statement, stage 1: prepare */
            if (!($stmt = $mysqli->prepare("INSERT INTO items(was, wann, wo) VALUES (?, ?, ?)"))) {
                echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
            }
            if (!$stmt->bind_param("sss", $_POST["was"], $_POST["wann"], $_POST["wo"])) {
                echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
            }
            if (!$stmt->execute()) {
                echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
            }
        }

        break;
    case "lost":
        if (hasval($_POST["was"]) && hasval($_POST["wann"]) && hasval($_POST["wo"]) && hasval($_POST["contact"])) {
            /* Prepared statement, stage 1: prepare */
            if (!($stmt = $mysqli->prepare("INSERT INTO lost(was, wann, wo, contact) VALUES (?, ?, ?, ?)"))) {
                echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
            }
            if (!$stmt->bind_param("ssss", $_POST["was"], $_POST["wann"], $_POST["wo"], $_POST["contact"])) {
                echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
            }
            if (!$stmt->execute()) {
                echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
            }
        }
        break;
    case "tinder":
        if (hasval($_POST["lost"]) && hasval($_POST["found"])) {
            /* Prepared statement, stage 1: prepare */
            if (!($stmt = $mysqli->prepare("INSERT INTO matches(l_id, f_id) VALUES (?, ?)"))) {
                echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
            }
            if (!$stmt->bind_param("ii", $_POST["lost"], $_POST["found"])) {
                echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
            }
            if (!$stmt->execute()) {
                echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
            }
        }
        break;
}
header('Location: '.$_SERVER['HTTP_REFERER']);

?>
TAG 0 2018-12-27 07:27:47 +00:00			`<?php`
			`/**`
			`* Created by PhpStorm.`
			`* User: jedi`
			`* Date: 12/27/18`
			`* Time: 6:52 AM`
			`*/`

			`include "backend.php";`

			`function hasval($var){`
			`return isset($var) && !empty($var);`
			`}`

			`switch($_GET["action"]) {`
			`case "insert":`
			`if (hasval($_POST["was"]) && hasval($_POST["wann"]) && hasval($_POST["wo"])) {`
			`/* Prepared statement, stage 1: prepare */`
			`if (!($stmt = $mysqli->prepare("INSERT INTO items(was, wann, wo) VALUES (?, ?, ?)"))) {`
			`echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;`
			`}`
			`if (!$stmt->bind_param("sss", $_POST["was"], $_POST["wann"], $_POST["wo"])) {`
			`echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;`
			`}`
			`if (!$stmt->execute()) {`
			`echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;`
			`}`
			`}`

			`break;`
			`case "lost":`
			`if (hasval($_POST["was"]) && hasval($_POST["wann"]) && hasval($_POST["wo"]) && hasval($_POST["contact"])) {`
			`/* Prepared statement, stage 1: prepare */`
			`if (!($stmt = $mysqli->prepare("INSERT INTO lost(was, wann, wo, contact) VALUES (?, ?, ?, ?)"))) {`
			`echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;`
			`}`
			`if (!$stmt->bind_param("ssss", $_POST["was"], $_POST["wann"], $_POST["wo"], $_POST["contact"])) {`
			`echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;`
			`}`
			`if (!$stmt->execute()) {`
			`echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;`
			`}`
			`}`
			`break;`
minor improvements 2018-12-27 18:51:29 +00:00			`case "tinder":`
			`if (hasval($_POST["lost"]) && hasval($_POST["found"])) {`
			`/* Prepared statement, stage 1: prepare */`
			`if (!($stmt = $mysqli->prepare("INSERT INTO matches(l_id, f_id) VALUES (?, ?)"))) {`
			`echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;`
			`}`
			`if (!$stmt->bind_param("ii", $_POST["lost"], $_POST["found"])) {`
			`echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;`
			`}`
			`if (!$stmt->execute()) {`
			`echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;`
			`}`
			`}`
			`break;`
TAG 0 2018-12-27 07:27:47 +00:00			`}`
			`header('Location: '.$_SERVER['HTTP_REFERER']);`

			`?>`