diff --git a/b1-bak/session2/blog/admin.php b/b1-bak/session2/blog/admin.php
index 51463df..d5e8893 100644
--- a/b1-bak/session2/blog/admin.php
+++ b/b1-bak/session2/blog/admin.php
@@ -42,15 +42,22 @@ echo "
Il manque quelque chose !
"; } elseif(!empty($titre_de_article)) { - $resultat = $mysqli->query(" - INSERT INTO `article` (`id_article`, `titre`, `contenu`, `date`) - VALUES (NULL, '".$titre_de_article."', '".$contenu_de_article." ', NOW()); - "); + $sql = "INSERT INTO `article` (`id_article`, `titre`, `contenu`, `date`) + VALUES (NULL, ?, ?, NOW()); "; + $requete = $mysqli->prepare($sql); + //https://www.php.net/manual/en/mysqli-stmt.bind-param.php + $requete->bind_param('ss',$titre_de_article,$contenu_de_article); + $resultat = $requete->execute(); + if($resultat) { echo "
Article enregistré !
"; $titre_de_article = ""; $contenu_de_article = ""; } + else { + echo "Error description: " . $mysqli -> error; + echo $sql; + } } ?>
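Review bot: The new `else` branch echoes `$mysqli -> error` and the full `$sql` text into the page, which exposes database error detail and the table layout to anyone who can reach the admin form. Write the detail to the server log instead, e.g. `error_log('insert article: ' . $requete->error);`, and echo only a generic failure message; `$requete->error` is also the more direct source, since the failing call is `execute()` on the statement. Separately, the return value of `$mysqli->prepare($sql)` is used unchecked. The SQL dump added in this commit names PHP 7.4.27, where mysqli presumably still runs in its default non-throwing mode, so a failed prepare would return `false` and `bind_param` would be called on a boolean. Testing `if ($requete === false)` and leaving the branch after logging `$mysqli->error` would cover that. The `if`/`elseif` chain this branch belongs to starts above the hunk.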
diff --git a/b1-bak/session2/blog/commentaire.sql b/b1-bak/session2/blog/commentaire.sql new file mode 100644 index 0000000..4225059 --- /dev/null +++ b/b1-bak/session2/blog/commentaire.sql @@ -0,0 +1,61 @@ +-- phpMyAdmin SQL Dump +-- version 5.1.1 +-- https://www.phpmyadmin.net/ +-- +-- Host: 127.0.0.1 +-- Generation Time: Feb 02, 2022 at 11:14 AM +-- Server version: 10.4.22-MariaDB +-- PHP Version: 7.4.27 + +SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO"; +START TRANSACTION; +SET time_zone = "+00:00"; + + +/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */; +/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */; +/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */; +/*!40101 SET NAMES utf8mb4 */; + +-- +-- Database: `b1bak` +-- + +-- -------------------------------------------------------- + +-- +-- Table structure for table `commentaire` +-- + +CREATE TABLE `commentaire` ( + `id_comentaire` int(11) NOT NULL, + `article_id` int(11) NOT NULL, + `pseudo` varchar(255) NOT NULL, + `mail` varchar(255) NOT NULL, + `commentaire` text NOT NULL +) ENGINE=InnoDB DEFAULT CHARSET=utf8; + +-- +-- Indexes for dumped tables +-- + +-- +-- Indexes for table `commentaire` +-- +ALTER TABLE `commentaire` + ADD PRIMARY KEY (`id_comentaire`); + +-- +-- AUTO_INCREMENT for dumped tables +-- + +-- +-- AUTO_INCREMENT for table `commentaire` +-- +ALTER TABLE `commentaire` + MODIFY `id_comentaire` int(11) NOT NULL AUTO_INCREMENT; +COMMIT; + +/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */; +/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */; +/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;