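<?php
/**
 * Created by PhpStorm.
 * User: martinmatak
 * Date: 16/03/16
 * Time: 11:33
 *
 * Account page: loads the logged-in user and handles the submitted form
 * (account deletion or a validated update of the user's own data).
 */

require_once 'Autoloader.php';

session_start();

// Not logged in: redirect and stop. header() only queues a response header,
// so without the exit the rest of this script, including the account-delete
// branch below, would still execute for an unauthenticated request.
if (!isset($_SESSION['user_id'])) {
    header('Location: index.php');
    exit;
}

$user = new \models\Korisnik();
$user->load($_SESSION['user_id']);

if (!empty($_POST['submitted'])) {
    // NOTE(review): this branch changes state (delete / update) but no
    // anti-CSRF token is checked in the visible code; a per-session token
    // compared with hash_equals() before acting would close that gap.
    if (isset($_POST['btnDelete'])) {
        $user->delete();
        // Only the user id is dropped here; the session itself stays alive.
        unset($_SESSION['user_id']);
        // NOTE(review): header() is invoked as a method of the DAO connection
        // and DAO is referenced unqualified. If the connection object has no
        // such method this call fails and no redirect is sent; presumably a
        // plain header('Location: registration.php') was intended -- confirm.
        DAO::getConnection()->header('Location: registration.php');
        exit;
    }

    // Validation rules per form field, in the rule syntax FormValidation expects.
    $rules = array();
    $rules['name'] = 'length[40]';
    $rules['surname'] = 'length[40]';
    $rules['email'] = 'required|email|length[50]';
    // NOTE(review): the two password rules read '******' in this listing,
    // which looks like masking rather than a real rule string -- confirm.
    $rules['password'] = '******';
    $rules['confirm_password'] = '******';

    $validation = new \validation_library\FormValidation();
    $validation->set_rules($rules);
    // (the listing is cut off here; the rest of this branch is not shown)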
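*/
// Comment form handler for a single photo: validates the submitted comment,
// stores it for the logged-in user, then records a visit for the photo.

require_once 'Autoloader.php';

session_start();

// The photo id is mandatory. Stop after the redirect: header() does not end
// the request, so without the exit the INSERT and addVisit() below would still
// run with a missing id. $_GET values are strings or arrays; an array (?id[]=)
// is rejected too because it cannot be bound or concatenated meaningfully.
if (!isset($_GET['id']) || !is_string($_GET['id'])) {
    header('Location: index.php');
    exit;
}

if (!empty($_POST['submitted'])) {
    // Posting needs an authenticated user: the INSERT binds $_SESSION['user_id']
    // and the username is loaded from it. Reject anonymous submissions up front.
    // NOTE(review): no anti-CSRF token is checked in the visible code.
    if (!isset($_SESSION['user_id'])) {
        header('Location: index.php');
        exit;
    }

    $rules = array();
    $rules['comment_data'] = 'required|length[500]';

    $validation = new \validation_library\FormValidation();
    $validation->set_rules($rules);
    $allGood = $validation->validate();

    if ($allGood) {
        // All four values are bound as parameters, never interpolated into the SQL.
        $query = \db\DAO::getInstance()->prepare("INSERT INTO Comments(image_id, user_id,\n username, comment_data) VALUES (?,?,?,?)");

        $user = new \models\Korisnik();
        $user->load($_SESSION['user_id']);

        // The comment is HTML-encoded before storage, so the rendering side must
        // print it without encoding again. htmlentities() defaults differ by PHP
        // version (single quotes are only encoded by default from 8.1 on).
        $stored = $query->execute([
            $_GET['id'],
            $_SESSION['user_id'],
            $user->__get('username'),
            htmlentities($_POST['comment_data']),
        ]);

        if ($stored) {
            // Encode the id so request data cannot add extra query parameters
            // or other characters to the redirect target.
            $page = 'aboutPicture.php?id=' . urlencode($_GET['id']);
            header('Location: ' . $page);
            exit;
        } else {
            // NOTE(review): this message does not describe a failed comment
            // insert; it looks carried over from another form -- confirm.
            echo "Username must be unique";
        }
    } else {
        echo "Comment cannot be empty.";
    }
}

\db\DAO::getConnection()->addVisit($_GET['id']);

//page rendering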