prepare($sql); $stmt->execute([$name, $description, $price]); header("Location: items.php?success=1"); exit(); } catch (PDOException $e) { header("Location: items.php?error=" . urlencode($e->getMessage())); exit(); } } else { header("Location: items.php?error=invalid_input"); exit(); } } ?>