diff --git a/input_ddd_scoreboard.php b/input_ddd_scoreboard.php
index 7ff917d..b9a5f5b 100755
--- a/input_ddd_scoreboard.php
+++ b/input_ddd_scoreboard.php
@@ -1,6 +1,6 @@
" . $score . "
" . $mode . "
";
echo "Bosses: " . $bossNames . "
";
-// Insert the data into the database
-$sql = "INSERT INTO ddd_db.scores (Name, Score, Mode, Bosses) VALUES ('$name', $score, '$mode', '$bossNames')";
+// Prepare an SQL statement
+$stmt = $conn->prepare("INSERT INTO ddd_db.scores (Name, Score, Mode, Bosses) VALUES (?, ?, ?, ?)");
+$stmt->bind_param("siss", $name, $score, $mode, $bossNames);
-if (mysqli_query($conn, $sql)) {
- echo "New record created successfully";
+// Execute the statement
+if ($stmt->execute()) {
+ echo "New record created successfully";
} else {
- echo "Error: " . $sql . "
" . mysqli_error($conn);
+ echo "Error: " . $stmt->error;
}
-mysqli_close($conn);
+$stmt->close();
+$conn->close();
?>
Back