public function add()
{
// Sanitize POST
$post = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING);
if ($post['submit']) {
if ($post['title'] == '' || $post['body'] == '' || $post['link'] == '') {
Messages::setMsg('Please Fill in All Fields', 'error');
return;
}
// Insert into MySQL Database
$this->query('INSERT INTO Shares (title, body, link, user_id)
VALUES(:title, :body, :link, :user_id)');
$this->bind(':title', $post['title']);
$this->bind(':body', $post['body']);
$this->bind(':link', $post['link']);
$this->bind(':user_id', $_SESSION['user_data']['id']);
$this->execute();
// Verify Query
if ($this->lastInsertId()) {
// Redirect
header('Location: ' . ROOT_URL . 'shares');
}
}
return;
}
public function login()
{
// Sanitize POST
$post = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING);
$password = md5($post['password']);
if ($post['submit']) {
// Check Login
$this->query('SELECT * FROM Users where email = :email
AND password = :password');
$this->bind(':email', $post['email']);
$this->bind(':password', $password);
$row = $this->single();
if ($row) {
$_SESSION['is_logged_in'] = true;
$_SESSION['user_data'] = array('id' => $row['id'], 'name' => $row['name'], 'email' => $row['email']);
header('Location: ' . ROOT_URL . 'shares');
} else {
Messages::setMsg('Incorrect Login', 'error');
}
}
return;
}
