<?php error_reporting(0); require 'connect.php'; require 'security.php'; $records = array(); if(!empty($_POST)) { if(isset($_POST['first_name'], $_POST['bio'])) { $first_name = trim($_POST['first_name']); $bio = trim($_POST['bio']); if(!empty($first_name) && !empty($bio)) $insert = $db->prepare("INSERT INTO blacklist (first_name, bio, created) VALUES (?, ?, NOW())"); $insert->bind_param('ss', $first_name, $bio); if($insert->execute()) { header('Location: 6.php'); die(); } } } if($results = $db->query("SELECT * FROM blacklist")) { if($results->num_rows) { while($row = $results->fetch_object()) { $records[] = $row; } $results->free(); } } ?> <!DOCTYPE html> <html> <head> <title>Ip Blacklisting</title> </head> <body> <h3>Blacklist</h3> <?php if(!count($records)) { echo 'No recods'; }else{ ?> <table width="558"> <thread> <tr> <th>Ip</th> <th>Reason</th> <th>Time</th> <th>Id</th> </tr> </thread> <tbody> <?php foreach($records as $r) { ?> <tr> <td><?php echo escape($r->first_name);?></td> <td><?php echo escape($r->bio);?></td> <td><?php echo escape($r->created);?></td> <td><?php echo escape($r->id);?></td> </tr> <?php } ?> </tbody> </table> <?php } ?> <hr> <form action="" method="POST"> <div class="field"> <label for="first_name">Reason</label> <input type="text" name="first_name" autocomplete="off"> </div> <div class="field"> <label for="bio">Ip   </label> <input type="text" name="bio" autocomplete="off"> </div> <input type="submit" value="Insert"> </form> <?php echo ($first_name); echo ($bio); ?> </body> </html>