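/**
 * Store a comment on the tweet whose id is taken from the URL and echo the result as JSON.
 *
 * checkUnauthorizedAccess() and checkIntValueOfId() run before the request
 * body is read. On success the method echoes a JSON object with the keys
 * "comment" (the stored content passed through parseText()) and "user".
 * When no comment was submitted, or it is blank after trimming, nothing is
 * stored and nothing is echoed. When the insert fails, the failure is logged
 * server-side and a generic JSON error is returned with HTTP status 500.
 *
 * NOTE(review): no anti-CSRF token check is visible in this method; confirm
 * that checkUnauthorizedAccess() or the routing layer enforces one for this
 * state-changing request.
 */
public function postTweetComment()
{
    checkUnauthorizedAccess();
    $id = getIdFromURL();
    checkIntValueOfId($id);

    $submitted = post('comment');
    // Request data is untrusted: a non-string value (e.g. an array parameter)
    // must not reach trim()/htmlentities().
    if (!$submitted || !is_string($submitted)) {
        return;
    }

    // The text is entity-encoded before it is stored, so the database holds
    // HTML-encoded content.
    // NOTE(review): htmlentities() is called with its default flags; before
    // PHP 8.1 the default (ENT_COMPAT) leaves single quotes unencoded.
    // Consider passing ENT_QUOTES | ENT_SUBSTITUTE and 'UTF-8' explicitly once
    // the effect on already-stored comments has been checked.
    $content = htmlentities(trim($submitted));
    if ($content === '') {
        // Whitespace-only input would otherwise be stored as an empty comment.
        return;
    }

    $username = $_SESSION['username'];
    $userid = UserRepository::getIdByUsername($username);

    $comment = new TweetComment();
    $comment->setTweetid($id);
    $comment->setUserid($userid);
    $comment->setContent($content);

    try {
        TweetCommentRepository::postComment($comment);
        // NOTE(review): "user" is echoed exactly as held in the session; the
        // client should insert it as text, not as HTML -- confirm on the
        // consuming side.
        echo json_encode(['comment' => parseText($comment->getContent()), 'user' => $username]);
    } catch (\PDOException $e) {
        // Previously the message was fetched and discarded, so a failed insert
        // looked like an empty success response. Keep the driver message in
        // the server log only: it can reveal schema or query details.
        error_log('postTweetComment: could not store comment: ' . $e->getMessage());
        http_response_code(500);
        echo json_encode(['error' => 'The comment could not be saved.']);
    }
}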
/**
 * Insert one row into the tweetcomments table for the given comment.
 *
 * The tweet id, user id and content are bound as statement parameters, so
 * none of them is concatenated into the SQL text. The content is stored
 * exactly as the TweetComment object returns it; no encoding or validation
 * happens here.
 *
 * Nothing is returned. Errors raised by prepare()/execute() are not caught
 * in this method (presumably \PDOException, which the controller catches --
 * confirm against the Database class configuration).
 *
 * @param TweetComment $comment Comment whose tweet id, user id and content are stored.
 */
public static function postComment(TweetComment $comment)
{
    $statement = Database::getInstance()->prepare(
        'INSERT INTO tweetcomments (tweetid,userid,content) VALUES (?, ?, ?)'
    );

    // Positional parameters, in the column order of the INSERT above.
    $boundValues = [
        $comment->getTweetid(),
        $comment->getUserid(),
        $comment->getContent(),
    ];

    $statement->execute($boundValues);
}