I would use mysql to store the path of news saved with tinymce, but from the code post news save in folder and not insert into DB, the strange thing is i don't get any errors from mysql. here is my code, thanks and sorry form my bad english :D
<?php
/*
Configuration file
for write_post.php
*/
include ('config_db.php');
$query = "INSERT into news (path,count) values ('$qry', '1')";
$qry = NULL;
$cat= $_POST['cat'] . "/";
$newsTitel = isset($_POST['title']) ? $_POST['title'] : 'Untitled';
$submitDate = date('Y-m-d g:i:s A');
$newsContent = isset($_POST['newstext']) ? $_POST['newstext'] : 'No content';
$qry = $cat.$_POST['title'].".txt";
//$filename = date('YmdHis');
$filename = $newsTitel;
$f = fopen($cat . $filename.".txt","w+");
fwrite($f,$newsTitel."\n");
fwrite($f,$submitDate."\n");
fwrite($f,$newsContent."\n");
fclose($f);
//$post = $cat . $filename . ".txt";
if($mysqli->query($query)){
echo "<br/>";
echo "News inserita con successo!";
}else{
echo "<br/>";
echo "Errore\n" . $mysqli->error;
}
echo "<br/>";
// Try to echo $variable to check if is correct, and is ok but don't go into db
echo $qry;
?>
You are preparing the variable $query before preparing $qry. So try the following:
However, please note that you are neither using sprintf() with mysql_real_escape_string() not using mysqli variable replacement which are strongly recommended to avert database injection.
<?php
/*
Configuration file
for write_post.php
*/
include ('config_db.php');
$qry = NULL;
$cat= $_POST['cat'] . "/";
$newsTitel = isset($_POST['title']) ? $_POST['title'] : 'Untitled';
$submitDate = date('Y-m-d g:i:s A');
$newsContent = isset($_POST['newstext']) ? $_POST['newstext'] : 'No content';
$qry = $cat.$_POST['title'].".txt";
//$filename = date('YmdHis');
$filename = $newsTitel;
$f = fopen($cat . $filename.".txt","w+");
fwrite($f,$newsTitel."\n");
fwrite($f,$submitDate."\n");
fwrite($f,$newsContent."\n");
fclose($f);
//$post = $cat . $filename . ".txt";
// preparing query here
$query = "INSERT into news (path,count) values ('$qry', '1')";
if($mysqli->query($query)){
echo "<br/>";
echo "News inserita con successo!";
}else{
echo "<br/>";
echo "Errore\n" . $mysqli->error;
}
echo "<br/>";
// Try to echo $variable to check if is correct, and is ok but don't go into db
echo $qry;
?>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.