function processForm($postImage) { $errors = []; $errors['count'] = 0; $today = date("Y-m-d"); //pass this to be inserted into the database //form was submitted when $_POST is not empty if (!empty($_POST)) { try { $category = Input::getString('category'); } catch (Exception $e) { $errors['category'] = 'Category: ' . $e->getMessage(); $errors['count']++; } try { $postingTitle = Input::getString('title'); } catch (Exception $e) { $errors['title'] = 'Posting Title: ' . $e->getMessage(); $errors['count']++; } try { $price = Input::getNumber('price'); } catch (Exception $e) { $errors['price'] = 'Price: ' . $e->getMessage(); $errors['count']++; } try { $description = Input::getString('description'); } catch (Exception $e) { $errors['description'] = 'Description: ' . $e->getMessage(); $errors['count']++; } try { $date_posted = Input::getDate('date_posted'); } catch (Exception $e) { $errors['date_posted'] = 'Date Posted: ' . $e->getMessage(); $errors['count']++; } if ($errors['count'] == 0) { $adObject = new AdModel(); $adObject->category = $category; $adObject->title = $postingTitle; $adObject->price = $price; $adObject->description = $description; var_dump($postImage); $adObject->image = $postImage; $adObject->date_posted = $today; // hardcoded: $adObject->user_id = $_SESSION['user_id']; $adObject->users_id = 1; $adObject->save(); //unset the $_SESSION['image'] - will be using the one in the database unset($_SESSION['image']); header("Location: /ads.show.php?id=" . $adObject->id); //this will be the $_GET for the ads.show.php die; } } return $errors; }
public static function getPrice() { try { return Input::getNumber('price'); } catch (Exception $e) { self::addError($e->getMessage()); } }
function deletepark($dbc) { $deleteid = Input::getNumber('id'); $deletequery = $dbc->prepare('DELETE FROM national_parks WHERE id = :id'); $deletequery->bindValue(':id', $deleteid, PDO::PARAM_INT); $deletequery->execute(); header("location: national_parks.php"); die; }
function processForm($adObject, $postImage) { $errors = []; $errors['count'] = 0; //form was submitted when $_POST is not empty if (!empty($_POST)) { try { $postingTitle = Input::getString('title'); } catch (Exception $e) { $errors['title'] = 'Posting Title: ' . $e->getMessage(); $errors['count']++; } try { $price = Input::getNumber('price'); } catch (Exception $e) { $errors['price'] = 'Price: ' . $e->getMessage(); $errors['count']++; } try { $description = Input::getString('description'); } catch (Exception $e) { $errors['description'] = 'Description: ' . $e->getMessage(); $errors['count']++; } if ($errors['count'] == 0) { //update the database // $adObject = new AdModel(); $adObject->title = $postingTitle; $adObject->price = $price; $adObject->description = $description; $adObject->id = $_GET['id']; if ($postImage == "Database Image") { //no image was uploaded - use the database image $adObject->image = $adObject->image; } else { //new image uploaded - use new image $adObject->image = $postImage; } var_dump("adObject image: " . $adObject->image . "!"); $adObject->date_posted = $adObject->date_posted; $adObject->category = $adObject->category; // hardcoded: $adObject->user_id = $_SESSION['user_id']; $adObject->users_id = $_SESSION['user_id']; //this is hardcoded for now $adObject->save(); unset($_SESSION['image']); header("Location: /ads.show.php?id=" . $adObject->id); //this will be the $_GET for the ads.show.php die; } } return $errors; }
function updateData($dbc) { $errors = []; if (!empty($_POST)) { try { $userName = Input::getString('username'); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $password = Input::getString('pwd'); $password = password_hash($password, PASSWORD_DEFAULT); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $firstName = Input::getString('firstname'); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $lastName = Input::getString('lastname'); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $email = Input::getString('email'); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $zipCode = Input::getNumber('zipcode'); } catch (Exception $e) { $errors[] = $e->getMessage(); } if (Input::notEmpty('username') && Input::notEmpty('pwd') && Input::notEmpty('firstname') && Input::notEmpty('lastname') && Input::notEmpty('email') && Input::notEmpty('zipcode')) { // create new instance of user class $user = new User(); $user->first_name = $firstName; $user->last_name = $lastName; $user->user_name = $userName; $user->email = $email; $user->zipcode = $zipCode; $user->save(); $_SESSION['logInMessage'] = "Your profile has been updated.!!!"; header("Location:index.php"); die; } } return $errors; }
function insertPark($dbc) { $errors = []; try { $date = Input::getDate('date_established'); $d = $date->format('Y-m-d'); } catch (Exception $e) { $error = "An error occured: " . $e->getMessage() . PHP_EOL; array_push($errors['date_established'], $e->getMessage()); } try { $name = Input::getString('name'); } catch (Exception $e) { $error = "An error occured: " . $e->getMessage() . PHP_EOL; array_push($errors['name'], $e->getMessage()); } try { $location = Input::getString('location'); } catch (Exception $e) { $error = "An error occured: " . $e->getMessage() . PHP_EOL; array_push($errors['location'], $e->getMessage()); } try { $area_in_acres = Input::getNumber('area_in_acres'); } catch (Exception $e) { $error = "An error occured: " . $e->getMessage() . PHP_EOL; array_push($errors['area_in_acres'], $e->getMessage()); } try { $description = Input::getString('description'); } catch (Exception $e) { $error = "An error occured: " . $e->getMessage() . PHP_EOL; array_push($errors['description'], $e->getMessage()); } if ($error) { echo $error; print_r($errors); } else { $insert = "INSERT INTO national_parks (name, location, date_established, area_in_acres, description)\n\tVALUES (:name, :location, :date_established, :area_in_acres, :description)"; $stmt = $dbc->prepare($insert); $stmt->bindValue(':name', $name, PDO::PARAM_STR); $stmt->bindValue(':location', $location, PDO::PARAM_STR); $stmt->bindValue(':date_established', $d, PDO::PARAM_STR); $stmt->bindValue(':area_in_acres', $area_in_acres, PDO::PARAM_STR); $stmt->bindValue(':description', $description, PDO::PARAM_STR); $stmt->execute(); } }
function insertData($dbc) { $errors = []; if (!empty($_POST)) { try { $name = Input::getString('name'); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $location = Input::getString('location'); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $date = Input::getDate('date_established'); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $area = Input::getNumber('area_in_acres'); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $description = Input::getString('description'); } catch (Exception $e) { $errors[] = $e->getMessage(); } if (Input::notEmpty('name') && Input::notEmpty('location')) { $userData = 'INSERT INTO national_parks (name, location, date_established, area_in_acres, description) VALUES (:name, :location, :date_established, :area_in_acres, :description)'; $userStmt = $dbc->prepare($userData); $userStmt->bindValue(':name', $name, PDO::PARAM_STR); $userStmt->bindValue(':location', $location, PDO::PARAM_STR); $userStmt->bindValue(':date_established', $date, PDO::PARAM_STR); $userStmt->bindValue(':area_in_acres', $area, PDO::PARAM_STR); $userStmt->bindValue(':description', $description, PDO::PARAM_STR); try { $userStmt->execute(); } catch (Exception $e) { $errors[] = $e->getMessage(); throw new Exception('Error: {$e->getMessage()}'); } } } return $errors; }
function insertParks($dbc) { // Now calls on the Input class's getString and getDate methods with try catches. // Try catch create an array of errors for passing to the user in the HTML. $errorArray = []; try { $name = Input::getString('name', 0, 50); } catch (Exception $e) { $error = $e->getMessage(); $errorArray['errName'] = $error; } try { $location = Input::getString('location', 0, 50); } catch (Exception $e) { $error = $e->getMessage(); $errorArray['errLoc'] = $error; } try { $date_established = Input::getDate('date_established', '1776-07-04', 'next month'); $date_established = $date_established->format('Y-m-d'); } catch (Exception $e) { $error = $e->getMessage(); $errorArray['errDate'] = $error; } try { $area_in_acres = Input::getNumber('area_in_acres', 0, 375000000); } catch (Exception $e) { $error = $e->getMessage(); $errorArray['errArea'] = $error; } try { $description = Input::getString('description', 0, 500); } catch (Exception $e) { $error = $e->getMessage(); $errorArray['errDes'] = $error; } // If the $errorArray is not empty, this will return out of the method before binding values and executing below. The $errorArray returns with an array of strings. if (!empty($errorArray)) { return $errorArray; } $stmt = $dbc->prepare('INSERT INTO national_parks (name, location, date_established, area_in_acres, description) VALUES (:name, :location, :date_established, :area_in_acres, :description)'); $stmt->bindValue(':name', $name, PDO::PARAM_STR); $stmt->bindValue(':location', $location, PDO::PARAM_STR); $stmt->bindValue(':date_established', $date_established, PDO::PARAM_STR); $stmt->bindValue(':area_in_acres', $area_in_acres, PDO::PARAM_STR); $stmt->bindValue(':description', $description, PDO::PARAM_STR); $stmt->execute(); }
function insertPark($dbc) { $errors = []; try { $username = Input::getString('username'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $password = Input::getString('password'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $email = Input::getString('email'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $first_name = Input::getNumber('first_name'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $last_name = Input::getString('last_name'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $phone = Input::getString('phone_number'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } if (!empty($errors)) { return $errors; } $userInput = $dbc->prepare('INSERT INTO users (username, password, email, first_name, last_name, phone) VALUES (:username, :password, :email, :first_name, :last_name, :phone)'); $userInput->bindValue(':username', $username, PDO::PARAM_STR); $userInput->bindValue(':password', $password, PDO::PARAM_STR); $userInput->bindValue(':email', $email, PDO::PARAM_STR); $userInput->bindValue(':first_name', ucfirst($first_name), PDO::PARAM_STR); $userInput->bindValue(':last_name', ucfirst($last_name), PDO::PARAM_STR); $userInput->bindValue(':phone', $phone, PDO::PARAM_STR); $userInput->execute(); return $errors; }
function insertPark($dbc) { $errors = []; try { $park = Input::has('park') ? Input::getString('park') : null; } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $location = Input::has('location') ? Input::getString('location') : null; } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $date_established = Input::has('date_established') ? Input::getDate('date_established') : null; $date_established = $date_established->format('Y-m-d'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $area_in_acres = Input::has('area_in_acres') ? Input::getNumber('area_in_acres') : null; } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $description = Input::has('description') ? Input::getString('description') : null; } catch (Exception $e) { array_push($errors, $e->getMessage()); } if (!empty($errors)) { return $errors; } $query = "INSERT INTO national_parks (park, location, date_established, area_in_acres, description) VALUES (:park, :location, :date_established, :area_in_acres, :description)"; $stmt = $dbc->prepare($query); $stmt->bindValue(':park', $park, PDO::PARAM_STR); $stmt->bindValue(':location', $location, PDO::PARAM_STR); $stmt->bindValue(':date_established', $date_established, PDO::PARAM_STR); $stmt->bindValue(':area_in_acres', $area_in_acres, PDO::PARAM_STR); $stmt->bindValue(':description', $description, PDO::PARAM_STR); $stmt->execute(); return $errors; }
function deletePark($dbc) { $errorsArray = []; try { $delete_park = Input::getNumber('delete_park'); } catch (Exception $e) { $error = $e->getMessage(); array_push($errorsArray, $error); } $query = "DELETE FROM national_parks WHERE id = :delete_park"; $query = $dbc->prepare($query); $query->bindValue(':delete_park', $delete_park, PDO::PARAM_INT); $query->execute(); return $errorsArray; }
<?php require_once '../default_pw.php'; require_once '../db_connect.php'; require_once '../Input.php'; // defining global variables $page = Input::has('page_num') ? Input::getNumber('page_num') : 1; $limit = Input::has('input') ? Input::getNumber('input') : 4; $offset = $page * $limit - $limit; // connecting to the database $parks = $dbc->prepare('SELECT * FROM national_parks LIMIT :limit OFFSET :offset'); $parks->bindValue(':limit', $limit, PDO::PARAM_INT); $parks->bindValue(':offset', $offset, PDO::PARAM_INT); $parks->execute(); $parks = $parks->fetchAll(PDO::FETCH_ASSOC); $no_of_records = $dbc->query("SELECT count(id) FROM national_parks"); $count = $no_of_records->fetchColumn(); require 'np_inputModal.php'; ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>U.S. National Parks</title> <link rel="stylesheet" href="/css/natty_park.css"> <link href='https://fonts.googleapis.com/css?family=Delius+Swash+Caps|Amaranth:400,700italic|Work+Sans:300,500,800' rel='stylesheet' type='text/css'> </head> <body> <header> <div class='header'>
$errors = []; // date_time_set('America/Chicago'); if (!empty($_POST)) { //prepare database to run query try { // Create a person $item = Input::getString('item'); } catch (LengthException $e) { // Report any errors $errors[] = "Item - " . $e->getMessage(); } catch (InvalidArgumentException $e) { $errors[] = "Item - " . $e->getMessage(); } try { // Create a person $price = Input::getNumber('price'); } catch (OutOfRangeException $e) { // Report any errors $errors[] = "Price - " . $e->getMessage(); } catch (InvalidArgumentException $e) { $errors[] = "Price - " . $e->getMessage(); } try { // Create a person $description = Input::getString('description'); } catch (LengthException $e) { // Report any errors $errors[] = "Description - " . $e->getMessage(); } catch (InvalidArgumentException $e) { $errors[] = "Description - " . $e->getMessage(); }
} catch (InvalidArgumentException $e) { $errors[] = $e->getMessage(); } catch (LengthException $e) { $errors[] = $e->getMessage(); } try { $parkDate = DateRangeException::getDate('date_established'); } catch (OutOfRangeException $e) { $erros = $e->getMessage(); } catch (DateRangeException $e) { $errors = $e->getMessage(); } catch (DateRangeException $e) { $errors = $e->getMessage(); } try { $parkAreaAcres = Input::getNumber('area_in_acres'); } catch (InvalidArgumentException $e) { $errors = $e->getMessage(); } catch (OutOfRangeException $e) { $errors = $e->getMessage(); } catch (DomainException $e) { $errors = $e->getMessage(); } catch (RangeException $e) { $errors = $e->getMessage(); } try { $parkDescription = Input::getString('description'); } catch (InvalidArgumentException $e) { $errors = $e->getMessage(); } catch (OutOfRangeException $e) { $errors = $e->getMessage();
$errors = []; if(Input::has('name') && Input::has('description') && Input::has('area_in_acres') && Input::has('date_established') && Input::has('location')) { $park = new Park(); try { $park->name = Input::getString('name'); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $park->area_in_acres = Input::getNumber('area_in_acres'); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $park->date_established = Input::getDate('date_established'); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $park->description = Input::getString('description'); } catch (Exception $e) { $errors[] = $e->getMessage(); }
$limit = 4; $pageID = Input::has('page') ? Input::get('page') : 1; $offset = $limit * $pageID - $limit; $stmt = $dbc->prepare("SELECT * FROM national_parks LIMIT :limit OFFSET :offset"); $stmt->bindValue(':offset', $offset, PDO::PARAM_INT); $stmt->bindValue(':limit', $limit, PDO::PARAM_INT); $stmt->execute(); $count = $dbc->query('SELECT COUNT(*) FROM national_parks;')->fetchColumn(); $parks = $stmt->fetchAll(PDO::FETCH_ASSOC); $numPages = ceil($count / $limit); $next = $pageID + 1; $previous = $pageID - 1; $newPark = []; $errorMessage = "Add a Park!"; if (!empty($_POST)) { if (Input::getString('name') && Input::getString('url') && Input::getString('location') && Input::getDate('date_established') && Input::getNumber('area_in_acres') && Input::getString('description')) { $newPark = $dbc->prepare("INSERT INTO national_parks(name, url, location, date_established, area_in_acres, description) \n\t\tVALUES(:name, :url, :location, :date_established, :area_in_acres, :description)"); $newPark->bindValue(':name', Input::get('name'), PDO::PARAM_STR); $newPark->bindValue(':url', Input::get('url'), PDO::PARAM_STR); $newPark->bindValue(':location', Input::get('location'), PDO::PARAM_STR); $newPark->bindValue(':date_established', Input::get('date_established'), PDO::PARAM_STR); $newPark->bindValue(':area_in_acres', Input::get('area_in_acres'), PDO::PARAM_STR); $newPark->bindValue(':description', Input::get('description'), PDO::PARAM_STR); $newPark->execute(); } else { $errorMessage = 'To add a park please input all fields!'; } } $del = "DELETE FROM `national_parks` WHERE `id` = :id_to_delete"; ?>
$newPost = $dbc->prepare("INSERT INTO ads(title, description, image_url, price, category, posting_user) \n VALUES(:title, :description, :image_url, :price, :category, :posting_user)"); $newPost->bindValue(':title', Input::getString('title'), PDO::PARAM_STR); $newPost->bindValue(':description', Input::getString('description'), PDO::PARAM_STR); $newPost->bindValue(':image_url', $filename, PDO::PARAM_STR); $newPost->bindValue(':price', Input::getNumber('price'), PDO::PARAM_STR); $newPost->bindValue(':category', Input::getString('category'), PDO::PARAM_STR); $newPost->bindValue(':posting_user', $_SESSION['LOGGED_IN_USER'], PDO::PARAM_STR); $newPost->execute(); sleep(3); header('Location: index.php'); exit; } else { $newPost = $dbc->prepare("INSERT INTO ads(title, description, price, category, posting_user) \n VALUES(:title, :description, :price, :category, :posting_user)"); $newPost->bindValue(':title', Input::getString('title'), PDO::PARAM_STR); $newPost->bindValue(':description', Input::getString('description'), PDO::PARAM_STR); $newPost->bindValue(':price', Input::getNumber('price'), PDO::PARAM_STR); $newPost->bindValue(':category', Input::getString('category'), PDO::PARAM_STR); $newPost->bindValue(':posting_user', $_SESSION['LOGGED_IN_USER'], PDO::PARAM_STR); $newPost->execute(); sleep(3); header('Location: index.php'); exit; } } $category = array('Accounting and Finance', 'Admin and Office', 'Appliances', 'Art/Media/Design', 'Arts and Crafts', 'Auto Parts', 'Automotive', 'Baby and kid', 'Biotech and Science', 'Books', 'Business/Mgmt', 'Cars and Trucks', 'Computer and Technology', 'Computers and Electronics', 'Customer Service', 'Education', 'Event', 'Furniture', 'Human Resources', 'Internet Engineers', 'Legal', 'Legal/Peralegal', 'Lessons', 'Medical/Health', 'Music', 'Pet', 'Real Estate', 'Realator', 'Salon/Spa/Fitness', 'Security', 'Software/QA/DBA', 'Sports and Outdoors', 'Technical Support', 'Tools', 'Transport', 'Video Gaming', 'Writing/Editing'); ?> <html> <head> <title>Add Post</title>
$name = Input::getString('name', 0, 500); } catch (Exception $e) { $errors['name'] = $e->getMessage(); } try { $title = Input::getString('title', 0, 100); } catch (Exception $e) { $errors['title'] = $e->getMessage(); } try { $price = Input::getNumber('price', 0, 15); } catch (Exception $e) { $errors['price'] = $e->getMessage(); } try { $zip = Input::getNumber('zip', 5, 5); } catch (Exception $e) { $errors['zip'] = $e->getMessage(); } try { $description = Input::getString('description', 0, 500); } catch (Exception $e) { $errors['description'] = $e->getMessage(); } /* * Further verification */ if (!Input::has('call_poster') && !Input::has('text_poster') && !Input::has('email_poster')) { $errors['contact_poster'] = "You did not select a form of contact"; } try {
$limit = Input::has('limit') ? Input::get('limit') : 4; $offset = $limit * ($page - 1); // Prepare statement for national parks $stmt = $dbc->prepare("SELECT * FROM national_parks LIMIT :limit OFFSET :offset"); // Bind values for security $stmt->bindValue(':limit', $limit, PDO::PARAM_INT); $stmt->bindValue(':offset', $offset, PDO::PARAM_INT); $stmt->execute(); $parks = $stmt->fetchAll(PDO::FETCH_ASSOC); // Process POST request if ($_POST) { // Assign POST variables $newParkName = Input::has('park_name') && Input::get('park_name') != '' ? Input::getString('park_name') : ''; $newParkLoc = Input::has('park_loc') && Input::get('park_loc') != '' ? Input::getString('park_loc') : ''; $newParkDate = Input::has('date_est') && Input::get('date_est') != '' ? Input::getDate('date_est') : ''; $newParkArea = Input::has('park_area') && Input::get('park_area') != '' ? Input::getNumber('park_area') : ''; $newParkDesc = Input::has('park_desc') && Input::get('park_desc') != '' ? Input::getString('park_desc') : ''; // Insert new park into DB $insert = $dbc->prepare('INSERT INTO national_parks (park_name, park_loc, date_est, area_in_acres, about_park) VALUES (:name, :location, :date, :area, :description)'); $insert->bindValue(':name', $newParkName, PDO::PARAM_STR); $insert->bindValue(':location', $newParkLoc, PDO::PARAM_STR); $insert->bindValue(':date', date_format($newParkDate, 'Y-m-d'), PDO::PARAM_STR); $insert->bindValue(':area', $newParkArea, PDO::PARAM_STR); $insert->bindValue(':description', $newParkDesc, PDO::PARAM_STR); $insert->execute(); } ?> <!DOCTYPE html> <html>
$parks = $stmt->fetchAll(PDO::FETCH_ASSOC); $errors = []; $maxDate = date('Y-m-d'); if (!empty($_POST)) { try { $name = Input::getString('name'); } catch (Exception $e) { $errors['name'] = $e->getMessage(); } try { $location = Input::getString('location'); } catch (Exception $e) { $errors['location'] = $e->getMessage(); } try { $area = Input::getNumber('area'); } catch (Exception $e) { $errors['area'] = $e->getMessage(); } try { $dateTimeObject = Input::getDate('date_established', new DateTime('1700-01-01'), new DateTime()); } catch (Exception $e) { $errors['date_established'] = $e->getMessage(); } if (empty($errors)) { $formattedDate = $dateTimeObject->format('Y-m-d'); $query = 'INSERT INTO national_parks (name,location, date_established, area_in_acres) VALUES (:name,:location,:date_established,:area )'; $stmt = $dbc->prepare($query); $stmt->bindValue(':name', $name, PDO::PARAM_STR); $stmt->bindValue(':location', $location, PDO::PARAM_STR);
function pageController($dbc) { $errors = []; $keywords = []; $categoryResults = Ad::getAllCategories(); foreach ($categoryResults as $category) { $categories[] = $category['category']; } if (Input::has('ad-id')) { $oneAd = Ad::adWithAllFields(Input::getNumber('ad-id')); } else { header("Location: ads.index.php"); die; } $ad = $oneAd->getAttributes(); $keyword = array_values($ad); var_dump('$_POST'); var_dump($_POST); if (isset($_POST)) { try { $title = Input::getString('title'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $description = Input::getString('description'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $price = Input::getNumber('price'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $keyword_1 = Input::getString('keyword_1'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $keyword_2 = Input::getString('keyword_2'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $keyword_3 = Input::getString('keyword_3'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } } if (isset($_POST['keyword_1'])) { $keywords[0] = $_POST['keyword_1']; } else { if (isset($keyword[7][1])) { $keywords[0] = $keyword[7][1]; } else { $keywords[0] = ''; } } if (isset($_POST['keyword_2'])) { $keywords[1] = $_POST['keyword_2']; } else { if (isset($keyword[7][2])) { $keywords[1] = $keyword[7][2]; } else { $keywords[1] = ''; } } if (isset($_POST['keyword_3'])) { $keywords[2] = $_POST['keyword_3']; } else { if (isset($keyword[7][3])) { $keywords[2] = $keyword[7][3]; } else { $keywords[2] = ''; } } var_dump('$ad'); var_dump($ad); var_dump('$errors'); var_dump($errors); if (empty($errors)) { try { Ad::updateAds(Input::getNumber('ad-id'), $title, $description, $price); Keyword::updateKeywords(Input::getNumber('ad-id'), $keywords[0], $keywords[1], $keywords[2]); var_dump($keywords); } catch (Exception $e) { echo 'Error'; // $_SESSION } } return array('ad' => $ad, 'categories' => $categories, 'keywords' => $keywords, 'errors' => $errors); }
<?php // These should be defined in a configuration directory, not in a file // within the public directory define('DB_HOST', '127.0.0.1'); define('DB_NAME', 'parks_db'); define('DB_USER', 'parks_user'); define('DB_PASS', 'parks_user'); require '../db_connect.php'; require '../Input.php'; if (Input::getString('name') != '' && Input::getString('location') != '' && Input::getString('date_established') != '' && Input::getNumber('area_in_acres') != '' && Input::getString('description') != '') { $stmt = $dbc->prepare('INSERT INTO nation_parks (name, location, date_established, area_in_acres, description) VALUES (:name, :location, :date_established, :area_in_acres, :description)'); $stmt->bindValue(':name', Input::getString('name'), PDO::PARAM_STR); $stmt->bindValue(':location', Input::getString('location'), PDO::PARAM_STR); $stmt->bindValue(':date_established', Input::getString('date_established'), PDO::PARAM_STR); $stmt->bindValue(':area_in_acres', Input::getNumber('area_in_acres'), PDO::PARAM_STR); $stmt->bindValue(':description', Input::getString('description'), PDO::PARAM_STR); $stmt->execute(); } $offset = 0; if (Input::has('page')) { $page = intval(Input::get('page')); $offset = ($page - 1) * 4; } else { $page = 1; } $stmt = $dbc->prepare("select *\n\tfrom nation_parks\n\tlimit 4\n\toffset :offset"); $stmt->bindValue(':offset', $offset, PDO::PARAM_INT); $stmt->execute(); $parks = $stmt->fetchAll(PDO::FETCH_ASSOC); ?>
require_once 'db_connect.php'; require_once 'Input.php'; if (isset($_GET['page'])) { $page = $_GET['page']; if ($page < 1) { $page = 1; } } else { $page = 1; } $limit = 4; $offset = ($page - 1) * 4; //prepare statements for user submissions //A NOTE FROM THURSDAY: right now, the specific getDate/String/Number methods from Input class are only being applied at the user submission level. to update this, (remove these?? maybe not) add these to your PDO, or whatever it is called) //note FROM THURSDAY CATCH LESSON: Push your errors onto an $errors[] array. if (Input::has('nameSubmit') && Input::getString('nameSubmit') != "" && Input::has('acreageSubmit') && Input::getNumber('acreageSubmit') != "" && Input::getString('stateSubmit') && Input::has('stateSubmit') != "" && Input::getDate('date_estSubmit') && Input::has('date_estSubmit') != "" && Input::getString('descriptionSubmit') && Input::has('descriptionSubmit') != "") { echo "THANK YOU FOR YOUR INPUT." . PHP_EOL; $nameSubmit = $_POST['nameSubmit']; $stateSubmit = $_POST['stateSubmit']; $date_estSubmit = $_POST['date_estSubmit']; $acreageSubmit = $_POST['acreageSubmit']; $descriptionSubmit = $_POST['descriptionSubmit']; $stmt = $connection->prepare("INSERT INTO national_parks (name, location, date_est, acreage, description) VALUES (:nameSubmit, :stateSubmit, :date_estSubmit, :acreageSubmit, :descriptionSubmit)"); $stmt->bindValue(':nameSubmit', $nameSubmit, PDO::PARAM_STR); $stmt->bindValue(':stateSubmit', $stateSubmit, PDO::PARAM_STR); $stmt->bindValue(':date_estSubmit', $date_estSubmit, PDO::PARAM_STR); $stmt->bindValue(':acreageSubmit', $acreageSubmit, PDO::PARAM_STR); $stmt->bindValue(':descriptionSubmit', $descriptionSubmit, PDO::PARAM_STR); $stmt->execute(); } //to convert a query statement to a prepare statement, change query to prepare and change $variable to :variable
define('DB_PASS', 'parks'); require "../db_connect.php"; //put handling of insert here $errorMessage = ""; $errors = []; $inputName = ""; $inputLocation = ""; $dateResult = ""; $inputArea = ""; $inputDescription = ""; if (isset($_REQUEST['submit'])) { try { $inputName = Input::getString('name', 1, 50); $inputLocation = Input::getString('location', 1, 50); $inputDate = Input::getDate('date_established', '1776-07-04'); $inputArea = Input::getNumber('area_in_acres', 1, 5000000); $inputDescription = Input::getString('description', 1, 255); $dateResult = $inputDate->format('Y-m-d H:i:s'); $dataArray = array($inputName, $inputLocation, $dateResult, $inputArea, $inputDescription); $insert = 'INSERT INTO national_parks (name,location,date_established, area_in_acres, description) VALUES (?,?,?,?,?)'; $stmt = $dbc->prepare($insert); $stmt->execute($dataArray); if ($stmt->rowCount() != 1) { $errorMessage = "There was an error inserting the new row."; } else { $errorMessage = "Your entry has been submitted successfully."; $inputName = ""; $inputLocation = ""; $dateResult = ""; $inputArea = ""; $inputDescription = "";
$username = Input::getString('username', 1, 30); } catch (Exception $e) { $errors['username'] = $e->getMessage(); } try { $age = Input::getNumber('age', 1, 10); } catch (Exception $e) { $errors['age'] = $e->getMessage(); } try { $zip = Input::getNumber('zipcode', 5, 10); } catch (Exception $e) { $errors['zipcode'] = $e->getMessage(); } try { $phone = Input::getNumber('phone', 10, 20); } catch (Exception $e) { $errors['phone'] = $e->getMessage(); } if ($email !== $verify_email) { $errors['emailsCheck'] = "Emails do not match."; } if ($password !== $verify_password) { $errors['passwordCheck'] = "Passwords do not match"; } if (!Input::has('call_poster') && !Input::has('text_poster') && !Input::has('email_poster')) { $errors['contact_poster'] = "You did not select preferred method(s) of contact"; } try { if (!isset($errors['zip'])) { $query = "\n\t\t\t\tSELECT `locId` \n\t\t\t\tFROM `location`\n\t\t\t\tWHERE `postalCode` = :postalCode\n\t\t\t\tLIMIT 1\n\t\t\t";
$stmt->bindValue(':location', $location, PDO::PARAM_STR); $stmt->bindValue(':date_established', $date_established, PDO::PARAM_STR); $stmt->bindValue(':area_in_acres', $area_in_acres, PDO::PARAM_STR); $stmt->bindValue(':description', $description, PDO::PARAM_STR); $stmt->execute(); echo 'park saved'; } else { if ($_SERVER[$_REQUEST == $_POST]) { $errors[] = 'All values are requires...'; } } } else { echo 'No Empty Fields!'; } // Pagination for listing parks four at at time; $page = Input::has('page') ? Input::getNumber('page') : 1; $limit = 4; $offset = $page * $limit - $limit; $stmt = $dbc->prepare("SELECT * FROM national_parks LIMIT :limit OFFSET :offset"); $stmt->bindValue(':limit', $limit, PDO::PARAM_INT); $stmt->bindValue(':offset', $offset, PDO::PARAM_INT); $stmt->execute(); $parks = $stmt->fetchAll(PDO::FETCH_ASSOC); // Query to get how many pages to control next page and prev page; $stmt = $dbc->query("SELECT COUNT(*) FROM national_parks"); $totalParks = $stmt->fetchColumn(); $lastPage = ceil($totalParks / $limit); ?> <!doctype html> <html lang="en">
function insertAd($dbc, $user) { // Now calls on the Input class's getString and getDate methods with try catches. // Try catch create an array of errors for passing to the user in the HTML. $errorArray = []; try { $method = Input::getString('method', 1, 50); } catch (Exception $e) { $error = $e->getMessage(); $errorArray['errMethod'] = $error; } try { $title = Input::getString('title', 1, 50); } catch (Exception $e) { $error = $e->getMessage(); $errorArray['errTitle'] = $error; } try { $price = Input::getNumber('price', 0, 25000); } catch (Exception $e) { $error = $e->getMessage(); $errorArray['errPrice'] = $error; } try { $location = Input::getString('location', 1, 50); } catch (Exception $e) { $error = $e->getMessage(); $errorArray['errLoc'] = $error; } try { $description = Input::getString('description', 1, 500); } catch (Exception $e) { $error = $e->getMessage(); $errorArray['errDes'] = $error; } try { $categoriesArray = Input::get('categories', 1, 50); $categories = implode(', ', $categoriesArray); } catch (Exception $e) { $error = $e->getMessage(); $errorArray['errCats'] = $error; } // This portion allows for image uploads. if (Input::has('title')) { if ($_FILES) { $uploads_directory = 'img/uploads/'; $filename = $uploads_directory . basename($_FILES['image_url']['name']); if (move_uploaded_file($_FILES['image_url']['tmp_name'], $filename)) { // echo 'The file ' . basename($_FILES['image_url']['name']) . ' has been uploaded.'; } else { $errorArray['errImage'] = 'Sorry, there was an error uploading your file.'; } } } // If the $errorArray is not empty, this will return out of the method before binding values and executing below. The $errorArray returns with an array of strings. if (!empty($errorArray)) { return $errorArray; } $stmt = $dbc->prepare('INSERT INTO ads (user_id, method, image_url, title, price, location, description, categories) VALUES (:user_id, :method, :image_url, :title, :price, :location, :description, :categories)'); $stmt->bindValue(':user_id', $user->id, PDO::PARAM_STR); $stmt->bindValue(':method', $method, PDO::PARAM_STR); $stmt->bindValue(':image_url', $filename, PDO::PARAM_STR); $stmt->bindValue(':title', $title, PDO::PARAM_STR); $stmt->bindValue(':price', $price, PDO::PARAM_INT); $stmt->bindValue(':location', $location, PDO::PARAM_STR); $stmt->bindValue(':description', $description, PDO::PARAM_STR); $stmt->bindValue(':categories', $categories, PDO::PARAM_STR); $stmt->execute(); }
} catch (Exception $e) { array_push($errorMessages, $e->getMessage()); // echo 'An error occurred: ' . $e->getMessage() . PHP_EOL; } try { $parklocation = Input::getString('location'); } catch (Exception $e) { array_push($errorMessages, $e->getMessage()); } try { $parkdate = Input::getDate('date_established'); } catch (Exception $e) { array_push($errorMessages, $e->getMessage()); } try { $parksize = Input::getNumber('area_in_acres'); } catch (Exception $e) { array_push($errorMessages, $e->getMessage()); } try { $parkdescr = Input::getString('description'); } catch (Exception $e) { array_push($errorMessages, $e->getMessage()); } if (empty($errorMessages)) { $checkrow = 'SELECT id FROM national_parks WHERE name = :name'; $stmt = $dbc->prepare($checkrow); $stmt->bindValue(':name', $parkname, PDO::PARAM_STR); $stmt->execute(); $checkedID = $stmt->fetchColumn(); if ($checkedID == null) {
$ad->category = Input::getNumber('category', 4, 8); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $ad->style = Input::getNumber('style', 1, 25); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $ad->origin = Input::getNumber('origin', 1, 25); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $ad->vintage = Input::getNumber('vintage', 1, 25); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $ad->price = Input::getString('price', 1, 1000); } catch (Exception $e) { $errors[] = $e->getMessage(); } try { $ad->description = Input::getString('description', 1, 1000); } catch (Exception $e) { $errors[] = $e->getMessage(); } $ad->post_date = date('Y-m-d h:i'); $ad->save();
function insertPark($dbc) { $errors = []; try { $name = Input::getString('name'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $location = Input::getString('location'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $date_established = Input::getDate('date_established'); $date_established = $date_established->format("Y-m-d"); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $area_in_acres = Input::getNumber('area_in_acres'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $url = Input::getString('url'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } try { $description = Input::getString('description'); } catch (Exception $e) { array_push($errors, $e->getMessage()); } if (!empty($errors)) { return $errors; } $userInput = $dbc->prepare('INSERT INTO national_parks (name, location, date_established, area_in_acres, url, description) VALUES (:name, :location, :date_established, :area_in_acres, :url, :description)'); $userInput->bindValue(':name', ucfirst($name), PDO::PARAM_STR); $userInput->bindValue(':location', ucfirst($location), PDO::PARAM_STR); $userInput->bindValue(':date_established', $date_established, PDO::PARAM_STR); $userInput->bindValue(':area_in_acres', $area_in_acres, PDO::PARAM_STR); $userInput->bindValue(':url', $url, PDO::PARAM_STR); $userInput->bindValue(':description', ucfirst($description), PDO::PARAM_STR); $userInput->execute(); return $errors; }