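                         // Contact-form handler: validates the posted fields, stores the message through
                         // Article::message(), and redirects on success. Outcome text is left in $_SESSION.
                         if (isset($_POST['messages'])) {
                             //$_SESSION['pagetitle'] = 'newarticle';

                             // Read a POST field as a trimmed string; a missing or non-string (array) field yields ''.
                             $postField = function ($key) {
                                 return (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : '';
                             };
                             // Entity-encode the bytes that can close or escape a quoted SQL literal (' " \).
                             // NOTE(review): stopgap only. Article::message() is handed a finished SQL string and its
                             // implementation is not visible here; it should take bound parameters (a prepared
                             // statement) so that no request data is ever spliced into the query text.
                             $literalSafe = function ($value) {
                                 return str_replace(array("'", '"', '\\'), array('&#39;', '&#34;', '&#92;'), $value);
                             };

                             // strip_tags() only removes markup at input time; it does not replace output escaping
                             // wherever these values are later rendered.
                             $fname = $literalSafe(strip_tags($postField('fname')));
                             // FILTER_SANITIZE_NUMBER_INT keeps only digits, '+' and '-'.
                             $phoneno = (string) filter_var($postField('phoneno'), FILTER_SANITIZE_NUMBER_INT);
                             $rawEmail = $postField('email');

                             // A SANITIZE filter returns the cleaned string, so its result cannot serve as a validity
                             // test; each field is rejected by an explicit check instead.
                             if ($fname === '') {
                                 $_SESSION['error'] = "sorry! the fname is not valid";
                             } elseif (preg_match('/[0-9]/', $phoneno) !== 1) {
                                 // Nothing numeric survived sanitising, so there is no phone number to store.
                                 $_SESSION['error'] = "sorry! the phone no is not valid";
                             } elseif ($rawEmail !== '' && filter_var($rawEmail, FILTER_VALIDATE_EMAIL) === false) {
                                 // The address stays optional, but when present it must be well-formed.
                                 $_SESSION['error'] = "sorry! the email is not valid";
                             } else {
                                 // A syntactically valid address may still contain an apostrophe, so it is encoded too.
                                 $email = $literalSafe($rawEmail);
                                 $subject = $literalSafe(strip_tags($postField('subject')));
                                 $message = $literalSafe(strip_tags($postField('message')));

                                 // Exactly one value per listed column, in column order.
                                 $sql = "INSERT INTO messages (username,email,phoneno,subject,messages)\n    VALUES ('{$fname}','{$email}','{$phoneno}','{$subject}','{$message}')";
                                 $article = new Article();
                                 $result = $article->message($sql);
                                 if (!empty($result)) {
                                     $_SESSION['success'] = "the message has been sent";
                                     header('Location: index.php?action=newpost');
                                     // NOTE(review): execution continues past the Location header; add exit here if
                                     // nothing further down must still run.
                                 } else {
                                     $_SESSION['error'] = "There was an error while sending the message";
                                 }
                             }
                         }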
                     }
                 }
             }
         }
     }
 }