c3lf-system-3/action.php

<?php
/**
 * Created by PhpStorm.
 * User: jedi
 * Date: 12/27/18
 * Time: 6:52 AM
 */

include "backend.php";

function hasval($var){
    return isset($var) && !empty($var);
}

switch($_GET["action"]) {
    case "insert":
        if (hasval($_POST["was"]) && hasval($_POST["wann"]) && hasval($_POST["wo"])) {
            /* Prepared statement, stage 1: prepare */
            if (!($stmt = $mysqli->prepare("INSERT INTO items(was, wann, wo) VALUES (?, ?, ?)"))) {
                echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
            }
            if (!$stmt->bind_param("sss", $_POST["was"], $_POST["wann"], $_POST["wo"])) {
                echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
            }
            if (!$stmt->execute()) {
                echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
            }
        }

        break;
    case "lost":
        if (hasval($_POST["was"]) && hasval($_POST["wann"]) && hasval($_POST["wo"]) && hasval($_POST["contact"])) {
            /* Prepared statement, stage 1: prepare */
            if (!($stmt = $mysqli->prepare("INSERT INTO lost(was, wann, wo, contact) VALUES (?, ?, ?, ?)"))) {
                echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
            }
            if (!$stmt->bind_param("ssss", $_POST["was"], $_POST["wann"], $_POST["wo"], $_POST["contact"])) {
                echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
            }
            if (!$stmt->execute()) {
                echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
            }
        }
        break;
    case "tinder":
        if (hasval($_POST["lost"]) && hasval($_POST["found"])) {
            /* Prepared statement, stage 1: prepare */
            if (!($stmt = $mysqli->prepare("INSERT INTO matches(l_id, f_id) VALUES (?, ?)"))) {
                echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
            }
            if (!$stmt->bind_param("ii", $_POST["lost"], $_POST["found"])) {
                echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
            }
            if (!$stmt->execute()) {
                echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
            }
        }
        break;
}
header('Location: '.$_SERVER['HTTP_REFERER']);

?>