DANGER 919 SYSTEM_ERROR: Missing Data to continue.';
exit;
}
// A request without a requester name is rejected before the request is written to the database.
if ('' === $reqname_raw) {
    // exit() with a string argument prints that string and then ends the script.
    exit(' Please add your name to place a request.
');
}
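// Store the song request and show a confirmation (or a generic error) to the visitor.
//
// Inputs read here: $db_conx (mysqli connection), $songid, $reqname_raw,
// $rmessage_raw and $reqip; all of them are assigned before this point.
// NOTE(review): the escaped copies $reqname / $rmessage are no longer defined;
// confirm nothing after this point reads them.

// The song ID is forced to an integer. Name, IP and message are sent as bound
// parameters, so they never become part of the SQL text and the query does not
// depend on the connection charset the way mysqli_real_escape_string() does.
$reqsongID = (int)$songid;
$messagePlain = strip_tags($rmessage_raw); // stored copy: keep the plain text, drop markup
// Display copy: HTML-encoded first, then line breaks turned into <br>.
$rmessage_out = nl2br(htmlspecialchars($rmessage_raw, ENT_QUOTES, 'UTF-8'));

$resultreq = false;
$dbError = '';
try {
    $insertStmt = mysqli_prepare(
        $db_conx,
        'INSERT INTO `requests` (`songID`,`username`,`userIP`,`message`,`requested`) VALUES (?,?,?,?, NOW())'
    );
    if ($insertStmt) {
        mysqli_stmt_bind_param($insertStmt, 'isss', $reqsongID, $reqname_raw, $reqip, $messagePlain);
        $resultreq = mysqli_stmt_execute($insertStmt);
        if (!$resultreq) {
            $dbError = mysqli_stmt_error($insertStmt);
        }
        mysqli_stmt_close($insertStmt);
    } else {
        $dbError = mysqli_error($db_conx);
    }
} catch (mysqli_sql_exception $e) {
    // mysqli throws instead of returning false when exception reporting is enabled.
    $resultreq = false;
    $dbError = $e->getMessage();
}

if ($resultreq) {
    // Fetch artist/title for the confirmation. $reqsongID is an int cast, so
    // interpolating it into the query cannot alter the statement.
    $sqlselect = mysqli_query($db_conx, "SELECT `artist`,`title` FROM `songs` WHERE `ID`='{$reqsongID}' LIMIT 1");
    $artist = $title = '';
    if ($sqlselect && mysqli_num_rows($sqlselect) > 0) {
        $row = mysqli_fetch_assoc($sqlselect);
        // NOTE(review): stripslashes() presumably undoes slashes stored by an older
        // import; confirm, since it also removes legitimate backslashes.
        $artist = stripslashes((string)($row['artist'] ?? ''));
        $title = stripslashes((string)($row['title'] ?? ''));
    }

    // Every value is HTML-encoded at the point of output. The name shown is the
    // submitted one, not a SQL-escaped copy, so no stray backslashes appear.
    $safeTitle = htmlspecialchars($title, ENT_QUOTES, 'UTF-8');
    $safeArtist = htmlspecialchars($artist, ENT_QUOTES, 'UTF-8');
    $safeName = htmlspecialchars($reqname_raw, ENT_QUOTES, 'UTF-8');

    echo '
Request Successful
You\'ve requested '.$safeTitle.' by '.$safeArtist.' to be played.
Thank you '.$safeName.'!
'.$rmessage_out.'
';
} else {
    // The driver error text can expose schema details and may echo back parts of
    // the submitted values, so it goes to the server log (line breaks flattened)
    // and the visitor gets a generic message.
    error_log('Song request insert failed: '.preg_replace('/[\r\n]+/', ' ', $dbError));
    echo '
ALERT: SORRY!
Something went wrong. Please try again later.
';
}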
?>