prepare("INSERT INTO articles (ID, titre, date, auteur) VALUES (:filename, :titre, :date, :auteur)");
$upload->bindParam(':filename', $filename);
$upload->bindParam(':titre', htmlspecialchars($_POST['titre']));
$upload->bindParam(':auteur', $_SESSION['display_name']);
if (isset($_POST['date']) && empty($_POST['date']) == false) {
$upload->bindParam(':date', htmlspecialchars($_POST['date']));
} else {
$upload->bindParam(':date', date());
}
if($upload->execute()) {
$status = "Uploaded";
} else {
$status = "SQL Error";
}
}
?>
