function pageController()
{
if (Auth::isLoggedIn()) {
header("Location: index.php");
exit;
}
try {
$email = Input::getString('email');
} catch (Exception $e) {
$email = '';
}
try {
$password = Input::getString('password');
} catch (Exception $e) {
$password = '';
}
$user = UserModel::findByEmail($email);
// if(empty($user))
// {
// header("Location: users.create.php");
// exit();
// }
if (Auth::attempt($user, $password)) {
Auth::setSessionVariables($user);
header("Location: index.php");
exit;
}
return array('email' => $email, 'loggedIn' => Auth::isLoggedIn());
}
function pageController()
{
$errors = [];
if (!Auth::isLoggedIn()) {
header('Location: users.create.php');
exit;
}
$userObject = UserModel::find($_SESSION['user_id']);
if (!empty($_POST)) {
try {
$userObject->first_name = Input::getString('firstName');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
try {
$userObject->last_name = Input::getString('lastName');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
if (Input::get('password1') == Input::get('password2')) {
try {
$userObject->password = Input::getPassword('password1', $userObject->first_name, $userObject->last_name, $userObject->email);
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
}
$userObject->save();
}
return ['user' => $userObject, 'errors' => $errors];
}
function processForm($postImage)
{
$errors = [];
$errors['count'] = 0;
$today = date("Y-m-d");
//pass this to be inserted into the database
//form was submitted when $_POST is not empty
if (!empty($_POST)) {
try {
$category = Input::getString('category');
} catch (Exception $e) {
$errors['category'] = 'Category: ' . $e->getMessage();
$errors['count']++;
}
try {
$postingTitle = Input::getString('title');
} catch (Exception $e) {
$errors['title'] = 'Posting Title: ' . $e->getMessage();
$errors['count']++;
}
try {
$price = Input::getNumber('price');
} catch (Exception $e) {
$errors['price'] = 'Price: ' . $e->getMessage();
$errors['count']++;
}
try {
$description = Input::getString('description');
} catch (Exception $e) {
$errors['description'] = 'Description: ' . $e->getMessage();
$errors['count']++;
}
try {
$date_posted = Input::getDate('date_posted');
} catch (Exception $e) {
$errors['date_posted'] = 'Date Posted: ' . $e->getMessage();
$errors['count']++;
}
if ($errors['count'] == 0) {
$adObject = new AdModel();
$adObject->category = $category;
$adObject->title = $postingTitle;
$adObject->price = $price;
$adObject->description = $description;
var_dump($postImage);
$adObject->image = $postImage;
$adObject->date_posted = $today;
// hardcoded: $adObject->user_id = $_SESSION['user_id'];
$adObject->users_id = 1;
$adObject->save();
//unset the $_SESSION['image'] - will be using the one in the database
unset($_SESSION['image']);
header("Location: /ads.show.php?id=" . $adObject->id);
//this will be the $_GET for the ads.show.php
die;
}
}
return $errors;
}
function insertPost($dbc)
{
//Setting username (currently hard coded, will use SESSION variable later)
$username = "******";
$user = User::findUserByUsername($username);
var_dump($user);
$userid = $user->userid;
$errors = [];
try {
$title = Input::getString('title');
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
try {
$description = Input::getString('description');
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
try {
$location = Input::getString('location');
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
try {
$email = Input::getString('email');
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
try {
$price = Input::getString('price');
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
if (Input::has('title')) {
if ($_FILES) {
// Create variable for the uploads direc for images in our server
$uploads_directory = 'img/uploads/';
$filename = $uploads_directory . basename($_FILES['image']['name']);
if (move_uploaded_file($_FILES['image']['tmp_name'], $filename)) {
// echo '<p>The file '. basename( $_FILES['image']['name']). ' has been uploaded.</p>';
} else {
//alert("Sorry, there was an error uploading your file.");
}
}
}
$date = date('Y-m-d');
$insert_table = "INSERT INTO posts (userid, post_date, title, price, description, email, location, image) VALUES (:userid, :post_date, :title, :price, :description, :email, :location, :image)";
$stmt = $dbc->prepare($insert_table);
$stmt->bindValue(':userid', $userid, PDO::PARAM_STR);
$stmt->bindValue(':post_date', $date, PDO::PARAM_STR);
$stmt->bindValue(':title', $title, PDO::PARAM_STR);
$stmt->bindValue(':price', $price, PDO::PARAM_STR);
$stmt->bindValue(':description', $description, PDO::PARAM_STR);
$stmt->bindValue(':email', $email, PDO::PARAM_STR);
$stmt->bindValue(':location', $location, PDO::PARAM_STR);
$stmt->bindValue(':image', $filename, PDO::PARAM_STR);
$stmt->execute();
return $errors;
}
public static function getPasswordMatch()
{
try {
return Input::getString('passwordmatch', 0, 50);
} catch (Exception $e) {
self::addError($e->getMessage());
}
}
public static function getContact()
{
try {
return Input::getString('contact', 0, 50);
} catch (Exception $e) {
self::addError($e->getMessage());
}
}
function insertPark($dbc, $park)
{
$errorsArray = [];
try {
$name = Input::getString('name');
} catch (Exception $e) {
$error = $e->getMessage();
array_push($errorsArray, $error);
}
try {
$location = Input::getString('location');
} catch (Exception $e) {
$error = $e->getMessage();
array_push($errorsArray, $error);
}
try {
$date_established = Input::getDate('date_established');
} catch (Exception $e) {
$error = $e->getMessage();
array_push($errorsArray, $error);
}
try {
$area = Input::getNumber('area');
} catch (Exception $e) {
$error = $e->getMessage();
array_push($errorsArray, $error);
}
try {
$visitors = Input::getString('visitors');
} catch (Exception $e) {
$error = $e->getMessage();
array_push($errorsArray, $error);
}
try {
$description = Input::getString('description');
} catch (Exception $e) {
$error = $e->getMessage();
array_push($errorsArray, $error);
}
if (!empty($errorsArray)) {
return $errorsArray;
}
$query = "INSERT INTO national_parks (name, location, date_established, area, visitors, description)\n\t\t\t\tVALUES (:name, :location, :date_established, :area, :visitors, :description)";
$query = $dbc->prepare($query);
$query->bindValue(':name', $name, PDO::PARAM_STR);
$query->bindValue(':location', $location, PDO::PARAM_STR);
$query->bindValue(':date_established', $date_established, PDO::PARAM_STR);
$query->bindValue(':area', $area, PDO::PARAM_STR);
$query->bindValue(':visitors', $visitors, PDO::PARAM_STR);
$query->bindValue(':description', $description, PDO::PARAM_STR);
// $query->fetchAll(PDO::FETCH_ASSOC);
$query->execute();
}
function processForm($adObject, $postImage)
{
$errors = [];
$errors['count'] = 0;
//form was submitted when $_POST is not empty
if (!empty($_POST)) {
try {
$postingTitle = Input::getString('title');
} catch (Exception $e) {
$errors['title'] = 'Posting Title: ' . $e->getMessage();
$errors['count']++;
}
try {
$price = Input::getNumber('price');
} catch (Exception $e) {
$errors['price'] = 'Price: ' . $e->getMessage();
$errors['count']++;
}
try {
$description = Input::getString('description');
} catch (Exception $e) {
$errors['description'] = 'Description: ' . $e->getMessage();
$errors['count']++;
}
if ($errors['count'] == 0) {
//update the database
// $adObject = new AdModel();
$adObject->title = $postingTitle;
$adObject->price = $price;
$adObject->description = $description;
$adObject->id = $_GET['id'];
if ($postImage == "Database Image") {
//no image was uploaded - use the database image
$adObject->image = $adObject->image;
} else {
//new image uploaded - use new image
$adObject->image = $postImage;
}
var_dump("adObject image: " . $adObject->image . "!");
$adObject->date_posted = $adObject->date_posted;
$adObject->category = $adObject->category;
// hardcoded: $adObject->user_id = $_SESSION['user_id'];
$adObject->users_id = $_SESSION['user_id'];
//this is hardcoded for now
$adObject->save();
unset($_SESSION['image']);
header("Location: /ads.show.php?id=" . $adObject->id);
//this will be the $_GET for the ads.show.php
die;
}
}
return $errors;
}
function updateData($dbc)
{
$errors = [];
if (!empty($_POST)) {
try {
$userName = Input::getString('username');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
try {
$password = Input::getString('pwd');
$password = password_hash($password, PASSWORD_DEFAULT);
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
try {
$firstName = Input::getString('firstname');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
try {
$lastName = Input::getString('lastname');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
try {
$email = Input::getString('email');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
try {
$zipCode = Input::getNumber('zipcode');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
if (Input::notEmpty('username') && Input::notEmpty('pwd') && Input::notEmpty('firstname') && Input::notEmpty('lastname') && Input::notEmpty('email') && Input::notEmpty('zipcode')) {
// create new instance of user class
$user = new User();
$user->first_name = $firstName;
$user->last_name = $lastName;
$user->user_name = $userName;
$user->email = $email;
$user->zipcode = $zipCode;
$user->save();
$_SESSION['logInMessage'] = "Your profile has been updated.!!!";
header("Location:index.php");
die;
}
}
return $errors;
}
function processForm()
{
$errors = [];
$errors['count'] = 0;
//form was submitted when $_POST is not empty
if (!empty($_POST)) {
try {
$firstName = Input::getString('first_name');
} catch (Exception $e) {
$errors['first_name'] = 'First Name: ' . $e->getMessage();
$errors['count']++;
}
try {
$lastName = Input::getString('last_name');
} catch (Exception $e) {
$errors['last_name'] = 'Last Name: ' . $e->getMessage();
$errors['count']++;
}
try {
$email = Input::getString('email');
} catch (Exception $e) {
$errors['email'] = 'Email Address: ' . $e->getMessage();
$errors['count']++;
}
try {
if ($_POST['password1'] != $_POST['password2']) {
throw new UnexpectedValueException("Do Not Match!");
}
$passwordOneHashed = Input::getPassword('password1', $firstName, $lastName, $email);
} catch (Exception $e) {
$errors['password1'] = 'Password: '******'count']++;
}
if ($errors['count'] == 0) {
//no errors - add to the database
$userObject = new UserModel();
$userObject->first_name = $firstName;
$userObject->last_name = $lastName;
$userObject->email = $email;
$userObject->password = $passwordOneHashed;
$userObject->save();
header("Location: /users.show.php?id=" . $userObject->id);
//this will be the $_GET for the users.show.php
die;
}
}
return $errors;
}
function insertPark($dbc)
{
$errors = [];
try {
$date = Input::getDate('date_established');
$d = $date->format('Y-m-d');
} catch (Exception $e) {
$error = "An error occured: " . $e->getMessage() . PHP_EOL;
array_push($errors['date_established'], $e->getMessage());
}
try {
$name = Input::getString('name');
} catch (Exception $e) {
$error = "An error occured: " . $e->getMessage() . PHP_EOL;
array_push($errors['name'], $e->getMessage());
}
try {
$location = Input::getString('location');
} catch (Exception $e) {
$error = "An error occured: " . $e->getMessage() . PHP_EOL;
array_push($errors['location'], $e->getMessage());
}
try {
$area_in_acres = Input::getNumber('area_in_acres');
} catch (Exception $e) {
$error = "An error occured: " . $e->getMessage() . PHP_EOL;
array_push($errors['area_in_acres'], $e->getMessage());
}
try {
$description = Input::getString('description');
} catch (Exception $e) {
$error = "An error occured: " . $e->getMessage() . PHP_EOL;
array_push($errors['description'], $e->getMessage());
}
if ($error) {
echo $error;
print_r($errors);
} else {
$insert = "INSERT INTO national_parks (name, location, date_established, area_in_acres, description)\n\tVALUES (:name, :location, :date_established, :area_in_acres, :description)";
$stmt = $dbc->prepare($insert);
$stmt->bindValue(':name', $name, PDO::PARAM_STR);
$stmt->bindValue(':location', $location, PDO::PARAM_STR);
$stmt->bindValue(':date_established', $d, PDO::PARAM_STR);
$stmt->bindValue(':area_in_acres', $area_in_acres, PDO::PARAM_STR);
$stmt->bindValue(':description', $description, PDO::PARAM_STR);
$stmt->execute();
}
}
function insertData($dbc)
{
$errors = [];
if (!empty($_POST)) {
try {
$name = Input::getString('name');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
try {
$location = Input::getString('location');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
try {
$date = Input::getDate('date_established');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
try {
$area = Input::getNumber('area_in_acres');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
try {
$description = Input::getString('description');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
if (Input::notEmpty('name') && Input::notEmpty('location')) {
$userData = 'INSERT INTO national_parks (name, location, date_established, area_in_acres, description)
VALUES (:name, :location, :date_established, :area_in_acres, :description)';
$userStmt = $dbc->prepare($userData);
$userStmt->bindValue(':name', $name, PDO::PARAM_STR);
$userStmt->bindValue(':location', $location, PDO::PARAM_STR);
$userStmt->bindValue(':date_established', $date, PDO::PARAM_STR);
$userStmt->bindValue(':area_in_acres', $area, PDO::PARAM_STR);
$userStmt->bindValue(':description', $description, PDO::PARAM_STR);
try {
$userStmt->execute();
} catch (Exception $e) {
$errors[] = $e->getMessage();
throw new Exception('Error: {$e->getMessage()}');
}
}
}
return $errors;
}
function insertpark($dbc)
{
$name = Input::getString('parkname', 2, 100);
$location = Input::getString('parklocation', 2, 100);
$date = Input::getDate('date', '1776-07-04', '9999-01-01');
$area = Input::getNumber('area', 0, 1000000000000);
$description = Input::getString('parkdescription', 2, 10000);
$inner = 'INSERT INTO national_parks (name, location, date_established, area_in_acres, description) VALUES (:name, :location, :date_established, :area_in_acres, :description)';
$query = $dbc->prepare($inner);
$query->bindValue(':name', $name, PDO::PARAM_STR);
$query->bindValue(':location', $location, PDO::PARAM_STR);
$query->bindValue(':date_established', $date, PDO::PARAM_INT);
$query->bindValue(':area_in_acres', $area, PDO::PARAM_INT);
$query->bindValue(':description', $description, PDO::PARAM_STR);
$query->fetchAll(PDO::FETCH_ASSOC);
$query->execute();
}
function insertPark($dbc)
{
$errors = [];
try {
$username = Input::getString('username');
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
try {
$password = Input::getString('password');
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
try {
$email = Input::getString('email');
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
try {
$first_name = Input::getNumber('first_name');
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
try {
$last_name = Input::getString('last_name');
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
try {
$phone = Input::getString('phone_number');
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
if (!empty($errors)) {
return $errors;
}
$userInput = $dbc->prepare('INSERT INTO users (username, password, email, first_name, last_name, phone) VALUES (:username, :password, :email, :first_name, :last_name, :phone)');
$userInput->bindValue(':username', $username, PDO::PARAM_STR);
$userInput->bindValue(':password', $password, PDO::PARAM_STR);
$userInput->bindValue(':email', $email, PDO::PARAM_STR);
$userInput->bindValue(':first_name', ucfirst($first_name), PDO::PARAM_STR);
$userInput->bindValue(':last_name', ucfirst($last_name), PDO::PARAM_STR);
$userInput->bindValue(':phone', $phone, PDO::PARAM_STR);
$userInput->execute();
return $errors;
}
function insertPark($dbc)
{
$errors = [];
try {
$park = Input::has('park') ? Input::getString('park') : null;
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
try {
$location = Input::has('location') ? Input::getString('location') : null;
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
try {
$date_established = Input::has('date_established') ? Input::getDate('date_established') : null;
$date_established = $date_established->format('Y-m-d');
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
try {
$area_in_acres = Input::has('area_in_acres') ? Input::getNumber('area_in_acres') : null;
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
try {
$description = Input::has('description') ? Input::getString('description') : null;
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
if (!empty($errors)) {
return $errors;
}
$query = "INSERT INTO national_parks (park, location, date_established, area_in_acres, description) VALUES (:park, :location, :date_established, :area_in_acres, :description)";
$stmt = $dbc->prepare($query);
$stmt->bindValue(':park', $park, PDO::PARAM_STR);
$stmt->bindValue(':location', $location, PDO::PARAM_STR);
$stmt->bindValue(':date_established', $date_established, PDO::PARAM_STR);
$stmt->bindValue(':area_in_acres', $area_in_acres, PDO::PARAM_STR);
$stmt->bindValue(':description', $description, PDO::PARAM_STR);
$stmt->execute();
return $errors;
}
function pageController()
{
$data = array();
session_start();
if (Auth::check()) {
header("Location: index.php");
}
$username = Input::has('username') ? Input::getString('username') : '';
$password = Input::has('password') ? Input::getString('password') : '';
$errorMessage = "";
if ($username == '' && $password == '') {
} elseif (Auth::attempt($username, $password)) {
header("Location: index.php");
exit;
} else {
$errorMessage = "Login Failed. Please try again.";
}
$data['errorMessage'] = $errorMessage;
return $data;
}
function pageController($dbc)
{
$errors = array();
try {
$item_name = Input::getString('item_name');
} catch (Exception $e) {
$error = $e->getMessage();
array_push($errors, $error);
}
try {
$price = Input::getString('price');
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
try {
$image = Input::getString('image');
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
try {
$description = Input::getString('description');
} catch (Exception $e) {
array_push($errors, $e->getMessage());
}
if (!empty($_POST)) {
// add inputed data into datebase
if (Input::notEmpty('item_name') && Input::notEmpty('price') && Input::notEmpty('image') && Input::notEmpty('description')) {
// if no errors were thrown runs insert park
if (empty($errors)) {
insertListing($dbc, $item_name, $price, $image, $description);
}
// elseif (Input::notEmpty('deleted_item_name')) {
// $deleteListing($dbc);
// }
// else {
// echo "Please make a valid entry.";
// }
}
}
}
function pageController()
{
try {
$query = Input::getString('query');
} catch (Exception $e) {
$query = '';
}
$ads = AdModel::search($query);
$ads = array_map(function ($ad) {
$truncateAt = 15;
if (strlen($ad['description']) > $truncateAt) {
$ad['description'] = substr($ad['description'], 0, $truncateAt) . '...';
}
return $ad;
}, $ads);
$ads = array_map(function ($ad) {
$date = strtotime($ad['date_posted']);
$ad['date_posted'] = date("F d, Y", $date);
return $ad;
}, $ads);
return ['ads' => $ads];
}
}
try {
$park->date_established = Input::getDate('date_established');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
try {
$park->description = Input::getString('description');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
try {
$park->location = Input::getString('location');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
if(empty($errors)) {
$park->save();
}
unset($_POST);
}
$parks = Park::all();
?>
function insertAd($dbc, $user)
{
// Now calls on the Input class's getString and getDate methods with try catches.
// Try catch create an array of errors for passing to the user in the HTML.
$errorArray = [];
try {
$method = Input::getString('method', 1, 50);
} catch (Exception $e) {
$error = $e->getMessage();
$errorArray['errMethod'] = $error;
}
try {
$title = Input::getString('title', 1, 50);
} catch (Exception $e) {
$error = $e->getMessage();
$errorArray['errTitle'] = $error;
}
try {
$price = Input::getNumber('price', 0, 25000);
} catch (Exception $e) {
$error = $e->getMessage();
$errorArray['errPrice'] = $error;
}
try {
$location = Input::getString('location', 1, 50);
} catch (Exception $e) {
$error = $e->getMessage();
$errorArray['errLoc'] = $error;
}
try {
$description = Input::getString('description', 1, 500);
} catch (Exception $e) {
$error = $e->getMessage();
$errorArray['errDes'] = $error;
}
try {
$categoriesArray = Input::get('categories', 1, 50);
$categories = implode(', ', $categoriesArray);
} catch (Exception $e) {
$error = $e->getMessage();
$errorArray['errCats'] = $error;
}
// This portion allows for image uploads.
if (Input::has('title')) {
if ($_FILES) {
$uploads_directory = 'img/uploads/';
$filename = $uploads_directory . basename($_FILES['image_url']['name']);
if (move_uploaded_file($_FILES['image_url']['tmp_name'], $filename)) {
// echo 'The file ' . basename($_FILES['image_url']['name']) . ' has been uploaded.';
} else {
$errorArray['errImage'] = 'Sorry, there was an error uploading your file.';
}
}
}
// If the $errorArray is not empty, this will return out of the method before binding values and executing below. The $errorArray returns with an array of strings.
if (!empty($errorArray)) {
return $errorArray;
}
$stmt = $dbc->prepare('INSERT INTO ads (user_id, method, image_url, title, price, location, description, categories) VALUES (:user_id, :method, :image_url, :title, :price, :location, :description, :categories)');
$stmt->bindValue(':user_id', $user->id, PDO::PARAM_STR);
$stmt->bindValue(':method', $method, PDO::PARAM_STR);
$stmt->bindValue(':image_url', $filename, PDO::PARAM_STR);
$stmt->bindValue(':title', $title, PDO::PARAM_STR);
$stmt->bindValue(':price', $price, PDO::PARAM_INT);
$stmt->bindValue(':location', $location, PDO::PARAM_STR);
$stmt->bindValue(':description', $description, PDO::PARAM_STR);
$stmt->bindValue(':categories', $categories, PDO::PARAM_STR);
$stmt->execute();
}
$offset = $limit * ($page - 1);
// Prepare statement for national parks
$stmt = $dbc->prepare("SELECT * FROM national_parks LIMIT :limit OFFSET :offset");
// Bind values for security
$stmt->bindValue(':limit', $limit, PDO::PARAM_INT);
$stmt->bindValue(':offset', $offset, PDO::PARAM_INT);
$stmt->execute();
$parks = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Process POST request
if ($_POST) {
// Assign POST variables
$newParkName = Input::has('park_name') && Input::get('park_name') != '' ? Input::getString('park_name') : '';
$newParkLoc = Input::has('park_loc') && Input::get('park_loc') != '' ? Input::getString('park_loc') : '';
$newParkDate = Input::has('date_est') && Input::get('date_est') != '' ? Input::getDate('date_est') : '';
$newParkArea = Input::has('park_area') && Input::get('park_area') != '' ? Input::getNumber('park_area') : '';
$newParkDesc = Input::has('park_desc') && Input::get('park_desc') != '' ? Input::getString('park_desc') : '';
// Insert new park into DB
$insert = $dbc->prepare('INSERT INTO national_parks (park_name, park_loc, date_est, area_in_acres, about_park)
VALUES (:name, :location, :date, :area, :description)');
$insert->bindValue(':name', $newParkName, PDO::PARAM_STR);
$insert->bindValue(':location', $newParkLoc, PDO::PARAM_STR);
$insert->bindValue(':date', date_format($newParkDate, 'Y-m-d'), PDO::PARAM_STR);
$insert->bindValue(':area', $newParkArea, PDO::PARAM_STR);
$insert->bindValue(':description', $newParkDesc, PDO::PARAM_STR);
$insert->execute();
}
?>
<!DOCTYPE html>
<html>
<head>
$user->phone = $phone;
} catch (Exception $e) {
$errors['phone'] = "An error occurred: " . $e->getMessage();
}
} else {
$phone = str_replace(str_split('() -'), "", Input::getString('phone'));
var_dump($phone);
try {
$user->phone = $phone;
} catch (Exception $e) {
$errors['phone'] = "An error occurred: " . $e->getMessage();
}
}
if ($pass1 == $pass2) {
try {
$passToHash = Input::getString('password');
$user->password = password_hash($passToHash, PASSWORD_DEFAULT);
} catch (Exception $e) {
$errors['password'] = "******" . $e->getMessage();
}
} else {
$errors['password'] = "******";
}
if (empty($errors)) {
$user->save();
}
} else {
$errors['allFields'] = "Please complete ALL FIELDS!";
}
}
//this is for existing user login
$newPost->bindValue(':title', Input::getString('title'), PDO::PARAM_STR);
$newPost->bindValue(':description', Input::getString('description'), PDO::PARAM_STR);
$newPost->bindValue(':image_url', $filename, PDO::PARAM_STR);
$newPost->bindValue(':price', Input::getNumber('price'), PDO::PARAM_STR);
$newPost->bindValue(':category', Input::getString('category'), PDO::PARAM_STR);
$newPost->bindValue(':posting_user', $_SESSION['LOGGED_IN_USER'], PDO::PARAM_STR);
$newPost->execute();
sleep(3);
header('Location: index.php');
exit;
} else {
$newPost = $dbc->prepare("INSERT INTO ads(title, description, price, category, posting_user) \n VALUES(:title, :description, :price, :category, :posting_user)");
$newPost->bindValue(':title', Input::getString('title'), PDO::PARAM_STR);
$newPost->bindValue(':description', Input::getString('description'), PDO::PARAM_STR);
$newPost->bindValue(':price', Input::getNumber('price'), PDO::PARAM_STR);
$newPost->bindValue(':category', Input::getString('category'), PDO::PARAM_STR);
$newPost->bindValue(':posting_user', $_SESSION['LOGGED_IN_USER'], PDO::PARAM_STR);
$newPost->execute();
sleep(3);
header('Location: index.php');
exit;
}
}
$category = array('Accounting and Finance', 'Admin and Office', 'Appliances', 'Art/Media/Design', 'Arts and Crafts', 'Auto Parts', 'Automotive', 'Baby and kid', 'Biotech and Science', 'Books', 'Business/Mgmt', 'Cars and Trucks', 'Computer and Technology', 'Computers and Electronics', 'Customer Service', 'Education', 'Event', 'Furniture', 'Human Resources', 'Internet Engineers', 'Legal', 'Legal/Peralegal', 'Lessons', 'Medical/Health', 'Music', 'Pet', 'Real Estate', 'Realator', 'Salon/Spa/Fitness', 'Security', 'Software/QA/DBA', 'Sports and Outdoors', 'Technical Support', 'Tools', 'Transport', 'Video Gaming', 'Writing/Editing');
?>
<html>
<head>
<title>Add Post</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css">
require_once 'db_connect.php';
require_once 'Input.php';
if (isset($_GET['page'])) {
$page = $_GET['page'];
if ($page < 1) {
$page = 1;
}
} else {
$page = 1;
}
$limit = 4;
$offset = ($page - 1) * 4;
//prepare statements for user submissions
//A NOTE FROM THURSDAY: right now, the specific getDate/String/Number methods from Input class are only being applied at the user submission level. to update this, (remove these?? maybe not) add these to your PDO, or whatever it is called)
//note FROM THURSDAY CATCH LESSON: Push your errors onto an $errors[] array.
if (Input::has('nameSubmit') && Input::getString('nameSubmit') != "" && Input::has('acreageSubmit') && Input::getNumber('acreageSubmit') != "" && Input::getString('stateSubmit') && Input::has('stateSubmit') != "" && Input::getDate('date_estSubmit') && Input::has('date_estSubmit') != "" && Input::getString('descriptionSubmit') && Input::has('descriptionSubmit') != "") {
echo "THANK YOU FOR YOUR INPUT." . PHP_EOL;
$nameSubmit = $_POST['nameSubmit'];
$stateSubmit = $_POST['stateSubmit'];
$date_estSubmit = $_POST['date_estSubmit'];
$acreageSubmit = $_POST['acreageSubmit'];
$descriptionSubmit = $_POST['descriptionSubmit'];
$stmt = $connection->prepare("INSERT INTO national_parks (name, location, date_est, acreage, description) VALUES (:nameSubmit, :stateSubmit, :date_estSubmit, :acreageSubmit, :descriptionSubmit)");
$stmt->bindValue(':nameSubmit', $nameSubmit, PDO::PARAM_STR);
$stmt->bindValue(':stateSubmit', $stateSubmit, PDO::PARAM_STR);
$stmt->bindValue(':date_estSubmit', $date_estSubmit, PDO::PARAM_STR);
$stmt->bindValue(':acreageSubmit', $acreageSubmit, PDO::PARAM_STR);
$stmt->bindValue(':descriptionSubmit', $descriptionSubmit, PDO::PARAM_STR);
$stmt->execute();
}
//to convert a query statement to a prepare statement, change query to prepare and change $variable to :variable
$title = Input::getString('title', 0, 100);
} catch (Exception $e) {
$errors['title'] = $e->getMessage();
}
try {
$price = Input::getNumber('price', 0, 15);
} catch (Exception $e) {
$errors['price'] = $e->getMessage();
}
try {
$zip = Input::getNumber('zip', 5, 5);
} catch (Exception $e) {
$errors['zip'] = $e->getMessage();
}
try {
$description = Input::getString('description', 0, 500);
} catch (Exception $e) {
$errors['description'] = $e->getMessage();
}
/*
* Further verification
*/
if (!Input::has('call_poster') && !Input::has('text_poster') && !Input::has('email_poster')) {
$errors['contact_poster'] = "You did not select a form of contact";
}
try {
if (!isset($errors['zip'])) {
$query = "\n\t\t\t\tSELECT `locId` \n\t\t\t\tFROM `location`\n\t\t\t\tWHERE `postalCode` = :postalCode\n\t\t\t\tLIMIT 1\n\t\t\t";
$stmtZip = $dbc->prepare($query);
$stmtZip->bindValue(':postalCode', $zip, PDO::PARAM_INT);
$stmtZip->execute();
function insertParks($dbc)
{
// Now calls on the Input class's getString and getDate methods with try catches.
// Try catch create an array of errors for passing to the user in the HTML.
$errorArray = [];
try {
$name = Input::getString('name', 0, 50);
} catch (Exception $e) {
$error = $e->getMessage();
$errorArray['errName'] = $error;
}
try {
$location = Input::getString('location', 0, 50);
} catch (Exception $e) {
$error = $e->getMessage();
$errorArray['errLoc'] = $error;
}
try {
$date_established = Input::getDate('date_established', '1776-07-04', 'next month');
$date_established = $date_established->format('Y-m-d');
} catch (Exception $e) {
$error = $e->getMessage();
$errorArray['errDate'] = $error;
}
try {
$area_in_acres = Input::getNumber('area_in_acres', 0, 375000000);
} catch (Exception $e) {
$error = $e->getMessage();
$errorArray['errArea'] = $error;
}
try {
$description = Input::getString('description', 0, 500);
} catch (Exception $e) {
$error = $e->getMessage();
$errorArray['errDes'] = $error;
}
// If the $errorArray is not empty, this will return out of the method before binding values and executing below. The $errorArray returns with an array of strings.
if (!empty($errorArray)) {
return $errorArray;
}
$stmt = $dbc->prepare('INSERT INTO national_parks (name, location, date_established, area_in_acres, description) VALUES (:name, :location, :date_established, :area_in_acres, :description)');
$stmt->bindValue(':name', $name, PDO::PARAM_STR);
$stmt->bindValue(':location', $location, PDO::PARAM_STR);
$stmt->bindValue(':date_established', $date_established, PDO::PARAM_STR);
$stmt->bindValue(':area_in_acres', $area_in_acres, PDO::PARAM_STR);
$stmt->bindValue(':description', $description, PDO::PARAM_STR);
$stmt->execute();
}
$errors[] = "Item - " . $e->getMessage();
} catch (InvalidArgumentException $e) {
$errors[] = "Item - " . $e->getMessage();
}
try {
// Create a person
$price = Input::getNumber('price');
} catch (OutOfRangeException $e) {
// Report any errors
$errors[] = "Price - " . $e->getMessage();
} catch (InvalidArgumentException $e) {
$errors[] = "Price - " . $e->getMessage();
}
try {
// Create a person
$description = Input::getString('description');
} catch (LengthException $e) {
// Report any errors
$errors[] = "Description - " . $e->getMessage();
} catch (InvalidArgumentException $e) {
$errors[] = "Description - " . $e->getMessage();
}
if ($_FILES) {
$uploads_directory = 'img/uploads/';
$filename = $uploads_directory . basename($_FILES['somefile']['name']);
if (move_uploaded_file($_FILES['somefile']['tmp_name'], $filename)) {
echo '<p>The file ' . basename($_FILES['somefile']['name']) . ' has been uploaded.</p>';
} else {
echo "Sorry, there was an error uploading your file.";
}
}
$pageID = $_GET['page'];
}
if ($_GET['page'] > $numPages) {
header("Location: ?page={$numPages}");
exit;
}
$query = "SELECT * FROM bat_user LIMIT :limit OFFSET :offset";
$stmt = $dbc->prepare($query);
//bind
$stmt->bindValue(':limit', $limit, PDO::PARAM_INT);
$stmt->bindValue(':offset', $offset, PDO::PARAM_INT);
$stmt->execute();
$items = $stmt->fetchAll(PDO::FETCH_ASSOC);
if (Input::has('user_name') && Input::has('password') && Input::has('email')) {
$user_name = Input::getString('user_name');
$password = Input::getString('password');
$email = Input::get('email');
$formatDate = date("Y-m-d", strtotime($email));
$insertQuery = "INSERT INTO bat_user (user_name, password, email)\n VALUES (:user_name, :password, :email)";
$stmt = $dbc->prepare($insertQuery);
$stmt->bindValue(':user_name', $user_name, PDO::PARAM_STR);
$stmt->bindValue(':password', $password, PDO::PARAM_STR);
$stmt->bindValue(':email', $formatDate, PDO::PARAM_STR);
$stmt->execute();
} else {
$errorMessage = "Please fill out all fields to add a park.";
$exceptionError = "input user_name";
}
?>
<!DOCTYPE html>
<html>
$ad->origin = Input::getNumber('origin', 1, 25);
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
try {
$ad->vintage = Input::getNumber('vintage', 1, 25);
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
try {
$ad->price = Input::getString('price', 1, 1000);
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
try {
$ad->description = Input::getString('description', 1, 1000);
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
$ad->post_date = date('Y-m-d h:i');
$ad->save();
/*model then handles the save on object*/
}
var_dump($_REQUEST);
?>
<html>
<head>
<title>Edit an Existing Wineseller Ad</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
$parklocation = Input::getString('location');
} catch (Exception $e) {
array_push($errorMessages, $e->getMessage());
}
try {
$parkdate = Input::getDate('date_established');
} catch (Exception $e) {
array_push($errorMessages, $e->getMessage());
}
try {
$parksize = Input::getNumber('area_in_acres');
} catch (Exception $e) {
array_push($errorMessages, $e->getMessage());
}
try {
$parkdescr = Input::getString('description');
} catch (Exception $e) {
array_push($errorMessages, $e->getMessage());
}
if (empty($errorMessages)) {
$checkrow = 'SELECT id FROM national_parks WHERE name = :name';
$stmt = $dbc->prepare($checkrow);
$stmt->bindValue(':name', $parkname, PDO::PARAM_STR);
$stmt->execute();
$checkedID = $stmt->fetchColumn();
if ($checkedID == null) {
$insert = "INSERT INTO national_parks (name, location, date_established, area_in_acres, description) VALUES (:name, :location, :date_established, :area_in_acres, :description)";
$stmt = $dbc->prepare($insert);
$stmt->bindValue(':name', $parkname, PDO::PARAM_STR);
$stmt->bindValue(':location', $parklocation, PDO::PARAM_STR);
$stmt->bindValue(':date_established', $parkdate->format('Y-m-d'), PDO::PARAM_STR);
