public function add() { // Sanitize POST $post = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING); if ($post['submit']) { if ($post['title'] == '' || $post['body'] == '' || $post['link'] == '') { Messages::setMsg('Please Fill in All Fields', 'error'); return; } // Insert into MySQL Database $this->query('INSERT INTO Shares (title, body, link, user_id) VALUES(:title, :body, :link, :user_id)'); $this->bind(':title', $post['title']); $this->bind(':body', $post['body']); $this->bind(':link', $post['link']); $this->bind(':user_id', $_SESSION['user_data']['id']); $this->execute(); // Verify Query if ($this->lastInsertId()) { // Redirect header('Location: ' . ROOT_URL . 'shares'); } } return; }
public function login() { // Sanitize POST $post = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING); $password = md5($post['password']); if ($post['submit']) { // Check Login $this->query('SELECT * FROM Users where email = :email AND password = :password'); $this->bind(':email', $post['email']); $this->bind(':password', $password); $row = $this->single(); if ($row) { $_SESSION['is_logged_in'] = true; $_SESSION['user_data'] = array('id' => $row['id'], 'name' => $row['name'], 'email' => $row['email']); header('Location: ' . ROOT_URL . 'shares'); } else { Messages::setMsg('Incorrect Login', 'error'); } } return; }