</div> <?php session_start(); if (isset($_GET["adTitle"])) { //clicked on ad $_SESSION["title"] = htmlspecialchars(trim($_GET["adTitle"])); unset($_GET["adTitle"]); } if (isset($_POST["searchKey"])) { $_SESSION["title"] = htmlspecialchars(trim($_POST["searchKey"])); unset($_POST["searchKey"]); } //assume sent by controller and session is not empty $title = $_SESSION["title"]; $modelMethods = new Model(); $exists = $modelMethods->titleExists($title); if ($exists === FALSE) { header("Location:error.php"); exit; } $overallInfo = $modelMethods->getOverallInfoFor($title); $overviewImageFileName = $overallInfo['imageFileName']; $director = $overallInfo['director']; $mpaaRating = $overallInfo['mpaaRating']; $score = $modelMethods->getScore($title); $year = $overallInfo['year']; $runtime = $overallInfo['runtime']; $boxOffice = $overallInfo['boxOffice']; if ($score >= 60) { $scoreImage = "images/freshlarge.png"; $scoreImageAlt = "FRESH";
} } $imageFileName = "uploads/" . $fileTitle . ".png"; $director = htmlspecialchars(trim($_POST['newDirector'])); $mpaa = htmlspecialchars(trim($_POST['newRating'])); $year = htmlspecialchars(trim($_POST['newYear'])); $runtime = htmlspecialchars(trim($_POST['newRuntime'])); $boxOffice = htmlspecialchars(trim($_POST['newBoxOffice'])); $boxOffice = number_format($boxOffice); //add commas to turn into a string with number format session_start(); if (!isset($_SESSION['user'])) { session_start(); $_SESSION['notLoggedInError'] = 'Only logged-in users can add new movies.'; header("Location: addNewMovie.php"); } elseif ($modelMethods->titleExists($title)) { session_start(); $_SESSION['addNewMovieError'] = 'The movie already exists in our database'; header("Location: addNewMovie.php"); } else { $modelMethods->addNewMovie($title, $imageFileName, $director, $mpaa, $year, $runtime, $boxOffice); session_start(); $_SESSION["title"] = $title; header("Location: review.php"); } } elseif (isset($_POST['reviewTitle'])) { $title = htmlspecialchars(trim($_POST['reviewTitle'])); $review = htmlspecialchars(trim($_POST['reviewReview'])); $rating = htmlspecialchars(trim($_POST['rating'])); session_start(); if (!isset($_SESSION['user'])) {