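// Add-movie branch of the POST controller; the enclosing block is opened earlier in the file.
    // $title, $imageFileName, $director and $mpaa are not assigned in the lines shown here.
    //
    // NOTE(review): htmlspecialchars() is an output encoder. Applied at input time it
    // stores HTML entities in the database and gives no protection against SQL injection.
    // The model methods are not visible here; confirm they bind these values through
    // prepared statements, and that templates escape on output.
    $year = htmlspecialchars(trim($_POST['newYear']));
    $runtime = htmlspecialchars(trim($_POST['newRuntime']));
    $boxOffice = htmlspecialchars(trim($_POST['newBoxOffice']));
    // Add thousands separators; the value is kept as a formatted string.
    // NOTE(review): nothing checks that newBoxOffice is numeric before this call.
    // On PHP 8 a non-numeric string makes number_format() throw a TypeError.
    $boxOffice = number_format($boxOffice);

    // Start the session once. A repeated session_start() raises a notice, and any
    // notice printed before header() can stop the redirect from being sent.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }

    // NOTE(review): no anti-CSRF token check is visible in this branch; confirm one
    // exists elsewhere.
    if (!isset($_SESSION['user'])) {
        // Authorization gate: anonymous requests never reach the model.
        $_SESSION['notLoggedInError'] = 'Only logged-in users can add new movies.';
        header("Location: addNewMovie.php");
        exit; // header() only queues the redirect; stop so no later code runs for a rejected request
    } elseif ($modelMethods->titleExists($title)) {
        $_SESSION['addNewMovieError'] = 'The movie already exists in our database';
        header("Location: addNewMovie.php");
        exit;
    } else {
        $modelMethods->addNewMovie($title, $imageFileName, $director, $mpaa, $year, $runtime, $boxOffice);
        // Remember the new title so review.php can pick it up from the session.
        $_SESSION["title"] = $title;
        header("Location: review.php");
        exit;
    }
} elseif (isset($_POST['reviewTitle'])) {
    // Add-review branch: same input handling as the add-movie branch.
    $title = htmlspecialchars(trim($_POST['reviewTitle']));
    $review = htmlspecialchars(trim($_POST['reviewReview']));
    // NOTE(review): rating is passed on without a type or range check here; confirm
    // the model validates it.
    $rating = htmlspecialchars(trim($_POST['rating']));

    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }

    if (!isset($_SESSION['user'])) {
        $_SESSION['notLoggedInError'] = 'Only logged-in users can add reviews.';
        header("Location: addReview.php");
        exit;
    } else {
        // The review author comes from the server-side session, not from the request body.
        $modelMethods->addReview($title, $_SESSION["user"], $review, $rating);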