foreach ($_POST as $key => $value) { if (in_array($key, $int)) { $post_ad[$key] = trim((int) $value); } else { $post_ad[$key] = trim(htmlspecialchars($value)); } } switch ($submit) { // выбор режима добавления или редактирования объявления case 'Подать объявление': newAd($post_ad); break; case 'Сохранить изменения': $id = (int) $_GET['edit']; // номер редактируемого объявления updateAd($post_ad, $id); break; } header("Location: dz_9.php"); exit; } // Удаление объявления if (isset($_GET['delete'])) { $del_id = (int) $_GET['delete']; delAd($del_id); header("Location: dz_9.php"); exit; } // Вывод объявления if (isset($_GET['show'])) { $edit_id = (int) $_GET['show'];
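/**
 * Page controller for the "edit ad" page.
 *
 * Redirects anonymous visitors to the login page, loads the logged-in user's
 * ads and the list of known categories, optionally pre-fills the edit form
 * from a selected ad, and applies a submitted edit through updateAd().
 *
 * Security-relevant behaviour:
 *  - updateAd() only modifies ads owned by the logged-in user (the ad id
 *    arrives in the request and is attacker-controlled).
 *  - Uploaded images are accepted only when their content is a JPEG, PNG or
 *    GIF, and are stored under a server-chosen name and extension.
 *
 * NOTE(review): no anti-CSRF token is checked anywhere in this function;
 * confirm it is enforced elsewhere before the POST is acted upon.
 *
 * @return array View data: 'user', 'userAds', 'errorArray', 'yellow',
 *               'formMethod', 'formImage', 'formTitle', 'formPrice',
 *               'formLoc', 'formDes', 'formAdId', 'formCat',
 *               'justCategoriesArrayUnique', 'loginstatus'.
 */
function pageController()
{
    require_once '../db/db_connect.php';

    // Only logged-in users may reach this page.
    session_start();
    if (!isset($_SESSION['Loggedinuser'])) {
        header('location: auth.login.php');
        die;
    }
    // NOTE(review): the raw session user name is embedded here; the view is
    // presumably responsible for HTML-escaping it - confirm.
    $loginstatus = $_SESSION['Loggedinuser'] . " is logged in!";

    // Each ad row stores its categories as one ', '-separated string. Joining
    // all rows and splitting again yields one entry per individual category,
    // which is then de-duplicated and sorted.
    $arrayCategories = Ad::showJustCategories();
    $justCategories = [];
    foreach ($arrayCategories as $row) {
        $justCategories[] = $row['categories'];
    }
    $justCategoriesArrayUnique = array_unique(explode(', ', implode(', ', $justCategories)));
    sort($justCategoriesArrayUnique);

    // The logged-in user and the ads that belong to them.
    $username = Auth::user();
    $user = User::finduserbyusername($username);
    $userAds = Ad::findAllAdsByUserId($user->id);

    // The "Select an Ad" form posts 'ad_to_edit'.
    $adToEdit = Input::has('ad_to_edit') ? (int) Input::get('ad_to_edit') : null;
    // NOTE(review): the id comes from the request and Ad::find() is not
    // restricted to the current user here, so another user's ad can be loaded
    // into the form. Writes are blocked by the ownership check in updateAd();
    // confirm whether reads should be restricted as well.
    $adToEditObj = Ad::find($adToEdit);

    /**
     * Validates the submitted edit form and writes the changes to the ads table.
     *
     * Declared when pageController() runs, so pageController() can only be
     * called once per request.
     *
     * @param PDO    $dbc  Database connection.
     * @param object $user Logged-in user; only ->id is read.
     *
     * @return array Error messages keyed by field ('errMethod', 'errTitle',
     *               'errPrice', 'errLoc', 'errDes', 'errAdId', 'errCats',
     *               'errImage'); empty when the ad was updated.
     */
    function updateAd($dbc, $user)
    {
        $errorArray = [];

        try {
            $method = Input::getString('method', 1, 50);
        } catch (Exception $e) {
            $errorArray['errMethod'] = $e->getMessage();
        }
        try {
            $title = Input::getString('title', 1, 50);
        } catch (Exception $e) {
            $errorArray['errTitle'] = $e->getMessage();
        }
        try {
            $price = Input::getNumber('price', 0, 25000);
        } catch (Exception $e) {
            $errorArray['errPrice'] = $e->getMessage();
        }
        try {
            $location = Input::getString('location', 1, 50);
        } catch (Exception $e) {
            $errorArray['errLoc'] = $e->getMessage();
        }
        try {
            $description = Input::getString('description', 1, 500);
        } catch (Exception $e) {
            $errorArray['errDes'] = $e->getMessage();
        }
        try {
            $adid = Input::getNumber('adid', 1, 5000000);
        } catch (Exception $e) {
            // Record the failure: previously it was dropped, leaving $adid
            // undefined when the statement was bound further down.
            $errorArray['errAdId'] = $e->getMessage();
        }
        try {
            $categoriesArray = Input::get('categories', 1, 50);
            // implode() needs an array; a scalar 'categories' value is a
            // malformed request, not a crash.
            if (!is_array($categoriesArray)) {
                throw new Exception('Categories must be submitted as a list.');
            }
            $categories = implode(', ', $categoriesArray);
        } catch (Exception $e) {
            $errorArray['errCats'] = $e->getMessage();
        }

        // Optional image upload. The client-supplied file name is never used:
        // it would let the uploader pick the extension (for example a script
        // type the web server executes) and overwrite other users' files.
        $upload = isset($_FILES['image_upload']) ? $_FILES['image_upload'] : null;
        $hasUpload = is_array($upload) && isset($upload['name']) && $upload['name'] !== '';
        $uploadExtension = null;
        $tmpPath = null;
        if ($hasUpload) {
            $allowedImageTypes = [
                IMAGETYPE_JPEG => 'jpg',
                IMAGETYPE_PNG => 'png',
                IMAGETYPE_GIF => 'gif',
            ];
            $tmpPath = isset($upload['tmp_name']) ? $upload['tmp_name'] : null;
            if (!is_string($tmpPath) || !is_uploaded_file($tmpPath)) {
                $errorArray['errImage'] = 'Sorry, there was an error uploading your file.';
            } else {
                // getimagesize() inspects the file content, not its name.
                // It is a header check only, so the uploads directory should
                // additionally be configured to never execute scripts.
                $imageInfo = getimagesize($tmpPath);
                if ($imageInfo !== false && isset($allowedImageTypes[$imageInfo[2]])) {
                    $uploadExtension = $allowedImageTypes[$imageInfo[2]];
                } else {
                    $errorArray['errImage'] = 'Sorry, only JPEG, PNG or GIF images can be uploaded.';
                }
            }
        }

        // Stop before touching the disk or the database if anything failed.
        if (!empty($errorArray)) {
            return $errorArray;
        }

        // 'adid' is request data: refuse to edit an ad the user does not own.
        $ownerCheck = $dbc->prepare('SELECT COUNT(*) FROM ads WHERE id = :id AND user_id = :user_id');
        $ownerCheck->bindValue(':id', $adid, PDO::PARAM_INT);
        $ownerCheck->bindValue(':user_id', $user->id, PDO::PARAM_STR);
        $ownerCheck->execute();
        if ((int) $ownerCheck->fetchColumn() === 0) {
            return ['errAdId' => 'You can only edit your own ads.'];
        }

        if ($hasUpload) {
            // Content-derived name plus an allowlisted extension.
            $digest = hash_file('sha256', $tmpPath);
            if ($digest === false) {
                return ['errImage' => 'Sorry, there was an error uploading your file.'];
            }
            $filename = 'img/uploads/' . $digest . '.' . $uploadExtension;
            if (!move_uploaded_file($tmpPath, $filename)) {
                return ['errImage' => 'Sorry, there was an error uploading your file.'];
            }
        } else {
            // No new image: keep the value from the form's image_url field.
            // NOTE(review): "readonly" is only enforced by the browser, so
            // this is still client-controlled - confirm it is validated or
            // escaped where it is rendered.
            $filename = Input::get('image_url');
        }

        // The ownership condition is repeated in the WHERE clause so the
        // statement cannot modify another user's row under any circumstances.
        // A separate placeholder is used because a named placeholder cannot
        // be reused with native prepared statements.
        $stmt = $dbc->prepare(
            'UPDATE ads SET user_id = :user_id, method = :method, image_url = :image_url, title = :title, '
            . 'price = :price, location = :location, description = :description, categories = :categories '
            . 'WHERE id = :id AND user_id = :owner_id'
        );
        $stmt->bindValue(':id', $adid, PDO::PARAM_INT);
        $stmt->bindValue(':owner_id', $user->id, PDO::PARAM_STR);
        $stmt->bindValue(':user_id', $user->id, PDO::PARAM_STR);
        $stmt->bindValue(':method', $method, PDO::PARAM_STR);
        $stmt->bindValue(':image_url', $filename, PDO::PARAM_STR);
        $stmt->bindValue(':title', $title, PDO::PARAM_STR);
        $stmt->bindValue(':price', $price, PDO::PARAM_INT);
        $stmt->bindValue(':location', $location, PDO::PARAM_STR);
        $stmt->bindValue(':description', $description, PDO::PARAM_STR);
        $stmt->bindValue(':categories', $categories, PDO::PARAM_STR);
        $stmt->execute();

        return [];
    }

    // Defaults for the view.
    $errorArray = [''];
    $formMethod = '';
    $formImage = '';
    $formTitle = '';
    $formPrice = '';
    $formLoc = '';
    $formDes = '';
    $formAdId = '';
    $formCat = [''];
    $yellow = false;

    // An ad was picked in the first form: pre-fill the edit form from it.
    // Otherwise (first visit, or nothing usable selected) ask for a selection.
    if (isset($_POST['ad_to_edit']) && is_object($adToEditObj)) {
        $errorArray = ['Make your edits.'];
        $yellow = true;
        $formMethod = $adToEditObj->method;
        $formImage = $adToEditObj->image_url;
        $formTitle = $adToEditObj->title;
        $formPrice = $adToEditObj->price;
        $formLoc = $adToEditObj->location;
        $formDes = $adToEditObj->description;
        $formCat = explode(', ', $adToEditObj->categories);
        $formAdId = $adToEdit;
    } else {
        $errorArray = ['Please select an ad to edit.'];
    }

    // The edit form was submitted when all of its fields are present.
    $editSubmitted = Input::has('method') && Input::has('image_url') && Input::has('title')
        && Input::has('price') && Input::has('location') && Input::has('description');

    if ($editSubmitted) {
        $allFilled = Input::notEmpty('method') && Input::notEmpty('image_url') && Input::notEmpty('title')
            && Input::notEmpty('price') && Input::notEmpty('location') && Input::notEmpty('description')
            && Input::notEmpty('categories');

        $saved = false;
        if ($allFilled) {
            $errorArray = updateAd($dbc, $user);
            if (empty($errorArray)) {
                $errorArray = ['Ad Editted!'];
                $saved = true;
            }
        } else {
            $errorArray = ['Please submit values for each data field.'];
            $yellow = true;
        }

        if (!$saved) {
            // Keep the form "sticky" so the user can correct the input.
            // NOTE(review): these are raw request values; the view is
            // presumably responsible for HTML-escaping them - confirm.
            $formMethod = Input::get('method');
            $formImage = Input::get('image_url');
            $formTitle = Input::get('title');
            $formPrice = Input::get('price');
            $formLoc = Input::get('location');
            $formDes = Input::get('description');
            $formAdId = Input::get('adid');
            $formCat = Input::get('categories');
        }
    }

    return [
        'user' => $user,
        'userAds' => $userAds,
        'errorArray' => $errorArray,
        'yellow' => $yellow,
        'formMethod' => $formMethod,
        'formImage' => $formImage,
        'formTitle' => $formTitle,
        'formPrice' => $formPrice,
        'formLoc' => $formLoc,
        'formDes' => $formDes,
        'formAdId' => $formAdId,
        'formCat' => $formCat,
        'justCategoriesArrayUnique' => $justCategoriesArrayUnique,
        'loginstatus' => $loginstatus,
    ];
}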
foreach ($_POST as $key => $value) { if (in_array($key, $int)) { $post_ad[$key] = trim((int) $value); } else { $post_ad[$key] = trim(htmlspecialchars($value)); } } switch ($submit) { // выбор режима добавления или редактирования объявления case 'Подать объявление': newAd($db, $post_ad); break; case 'Сохранить изменения': $id = (int) $_GET['edit']; // номер редактируемого объявления updateAd($db, $post_ad, $id); break; } header("Location: index.php"); exit; } // Удаление объявления if (isset($_GET['delete'])) { $del_id = (int) $_GET['delete']; delAd($db, $del_id); header("Location: index.php"); exit; } // Вывод объявления if (isset($_GET['show'])) { $edit_id = (int) $_GET['show'];
foreach ($_POST as $key => $value) { if (in_array($key, $int)) { $post_ad[$key] = trim((int) $value); } else { $post_ad[$key] = trim(htmlspecialchars($value)); } } switch ($submit) { // выбор режима добавления или редактирования объявления case 'Подать объявление': newAd($link, $post_ad); break; case 'Сохранить изменения': $id = (int) $_GET['edit']; // номер редактируемого объявления updateAd($link, $post_ad, $id); break; } header("Location: dz_9.php"); exit; } // Удаление объявления if (isset($_GET['delete'])) { $del_id = (int) $_GET['delete']; delAd($link, $del_id); header("Location: dz_9.php"); exit; } // Вывод объявления if (isset($_GET['show'])) { $edit_id = (int) $_GET['show'];