0){ // category already exists, show error echo "Category already exists!"; }else{ // category does not exist, add the new category to database $query = "INSERT INTO categories (category_name) VALUES ('$category_name')"; $result = mysqli_query($conn, $query); if($result){ // category added successfully, show success message echo "Category added successfully!"; }else{ // error adding category, show error message echo "Error adding category!"; } } // close database connection mysqli_close($conn); ?>
prepare("INSERT INTO categories (category_name) VALUES (?)"); $stmt->bind_param("s", $category_name); if($stmt->execute()){ // category added successfully, show success message echo "Category added successfully!"; }else{ // error adding category, show error message echo "Error adding category!"; } // close database connection $stmt->close(); $conn->close(); ?>

In both examples, the user submits a category name through a form, and the script first checks whether that name already exists in the database. If it does not, the new category is inserted, either with a standard MySQL query (Example 1) or with a prepared statement (Example 2). Only the prepared statement prevents SQL injection: Example 1 places $category_name directly into the query string, so it is safe only if the value has been escaped beforehand (for instance with mysqli_real_escape_string()), whereas Example 2 sends the value separately from the SQL text through bind_param(). The user is then shown a success or error message depending on the outcome of the query.