Postingan lainnya
Warning: mysqli::real_escape_string(): Couldn't fetch mysqli GIMANA ya ini?
<!-- Contact Section -->
<section id="contact">
<div class="container">
<h2 class="text-center">Input GuestBook</h2>
<hr class="star-primary">
<div class="row">
<div class="col-lg-8 mx-auto">
<!-- To configure the contact form email address, go to mail/contact_me.php and update the email address in the PHP file on line 19. -->
<!-- The form should work on most web servers, but if the form is not working you may need to configure your web server differently. -->
<form name="sentMessage" id="contactForm" novalidate>
<div class="control-group">
<div class="form-group floating-label-form-group controls">
<label>Name</label>
<input class="form-control" id="name" type="text" placeholder="Name" required data-validation-required-message="Please enter your name.">
<p class="help-block text-danger"></p>
</div>
</div>
<div class="control-group">
<div class="form-group floating-label-form-group controls">
<label>Email Address</label>
<input class="form-control" id="email" type="email" placeholder="Email Address" required data-validation-required-message="Please enter your email address.">
<p class="help-block text-danger"></p>
</div>
</div>
<div class="control-group">
<div class="form-group floating-label-form-group controls">
<label>Phone Number</label>
<input class="form-control" id="phone" type="number" placeholder="Phone Number" required data-validation-required-message="Please enter your phone number.">
<p class="help-block text-danger"></p>
</div>
</div>
<div class="control-group">
<div class="form-group floating-label-form-group controls">
<label>Message</label>
<textarea class="form-control" id="message" rows="5" placeholder="Message" required data-validation-required-message="Please enter a message."></textarea>
<p class="help-block text-danger"></p>
</div>
</div>
<br>
<div id="success"></div>
<div class="form-group">
<button type="submit" class="btn btn-success btn-lg" id="sendMessageButton">Send</button>
</div>
</form>
</div>
</div>
</div>
</section>
<?php
$name = $koneksi->real_escape_string($_POST['name']);
$email = $koneksi->real_escape_string($_POST['email']);
$phone = $koneksi->real_escape_string($_POST['phone']);
$message = $koneksi->real_escape_string($_POST['message']);
//jika di klik tombol kirim pesan menjalankan script di bawah ini
if($_POST['sendMessageButton']){
$input = $koneksi->query("INSERT INTO guestbook(name,email,phone,message) VALUES('$name','$email','$phone','$message')") or die($koneksi->error);
if($input){
echo '<div class="alert alert-success">Pesan anda berhasil di simpan!</div>';
}else{
echo '<div class="alert alert-warning">Gagal menyimpan pesan!</div>';
}
}
?>
<div class="container" style="margin-top: 50px">
<h1>Data Buku Tamu!</h1>
<hr />
<?php
//menampilkan data buku tamu
$res = $koneksi->query("SELECT * FROM guestbook") or die($koneksi->error);
if($res->num_rows){
while($row = $res->fetch_assoc()){
echo '
<table class="table table-condensed table-striped">
<tr>
<th width="150">NAMA LENGKAP</th>
<th width="10">:</th>
<td>'.$row['name'].'</td>
</tr>
<tr>
<th>EMAIL</th>
<th>:</th>
<td>'.$row['email'].'</td>
</tr>
<tr>
<th>PHONE</th>
<th>:</th>
<td>'.$row['phone'].'</td>
</tr>
<tr>
<th>MESSAGE</th>
<th>:</th>
<td>'.$row['message'].'</td>
</tr>
</table>
';
}
}else{
echo 'Belum ada data buku tamu';
}
?>
</div>
0
1 Jawaban:
function antiinjection($data){ include 'config.php'; $filter_sql = mysqli_real_escape_string($connect,stripslashes(strip_tags(htmlspecialchars($data,ENT_QUOTES))));
return $filter_sql;
}
$nama= antiinjection($_POST['nama']);
abis itu baru query kan bro
0