diff --git a/assets/script.js b/assets/script.js index 71ba896..9418ade 100644 --- a/assets/script.js +++ b/assets/script.js @@ -184,8 +184,8 @@ async function submitarticle(){ let articleBodyElement = document.getElementById("articlebodyinput"); await doAction("/newsarticle", { action: "addNewsArticle", - title: articleTitleElement, - body: articleBodyElement + title: articleTitleElement.value, + body: articleBodyElement.value }); } diff --git a/lib/newsarticle.php b/lib/newsarticle.php index 6e96d04..d021504 100644 --- a/lib/newsarticle.php +++ b/lib/newsarticle.php @@ -26,7 +26,7 @@ function addNewsArticle($title="Nazov", $body="Obsah") :array $output = ["Status" => "Fail"]; // Default Status is "Fail" if (isLoggedIn()) { $query = $mysqli->prepare("INSERT INTO NewsArticles (WrittenBy, Title, Body, FileList) VALUES (?, ?, ?, ?);"); - $query->bind_params("issi", $_SESSION["id"], htmlspecialchars($title), htmlspecialchars($body), 0); + $query->bind_param("issi", $_SESSION["id"], htmlspecialchars($title), htmlspecialchars($body), 0); $query->execute(); if ($query->affected_rows > 0) { $output["Status"] = "Success";