Code: Select all
<?php
session_start();
if(!isset($_SESSION['adminctrl'])){
header('Location: admin.php'); die('<a href="admin.php">Login first!</a>');
}
$access = mysql_connect("*******", "*******", "*******") or die(mysql_error());
mysql_select_db('Support', $access) or die(mysql_error());
$error = array();
if(isset($_POST['message'])) {
$result = @mysql_query('SELECT message FROM `message` WHERE message = \''.mysql_real_escape_string($_POST['message']).'\'');
if($row = @mysql_fetch_row($result)) {
array_push($error, 'already in the Database. Please write a another.');
}
$header = ($_POST['header']);
$message = ($_POST['message']);
@mysql_query("INSERT INTO `message` (header, message) VALUES ($header, $message)");
if(!$error) {
echo"Update was successful.";
}
}
?>
<form method="post" action="update_notif.php">
Header:<br/>
<input type="text" name="header" />
<br/>Message<br/>
<textarea rows="8" name="message" cols="30">
</textarea>
<br/>
<input type="submit" name="submit" value="Update!" />
</form>