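</form>
<hr/>
</div>
<?php
// Comment section of the advert page: stores a comment posted by a logged-in
// user, then loads every comment for the current advert.
// $conn and $advert_id are defined earlier in the file (not visible here).
// NOTE(review): no anti-CSRF token is checked in the visible code; confirm the
// form and this handler validate one before the POST is accepted.
try {
    if (isset($_POST['submit_comment'])) {
        // Currently unused: the bind that consumed it is commented out below.
        $date_time = gmdate('Y-m-d H:i:s');
        if (isset($_SESSION['user_id'])) {
            // Accept only a non-blank string. An array value (comment[]=x)
            // passes !empty(), and whitespace-only text is not a comment.
            if (isset($_POST['comment']) && is_string($_POST['comment']) && trim($_POST['comment']) !== '') {
                $comment = $_POST['comment'];
                $query = "INSERT INTO whwp_Comment ( comment_advert, comment_author, comment_contents) "
                        . "VALUES (:advert_id, :user_id, :comment)";
                $conn->prepQuery($query);
                // The author id comes straight from the server-side session.
                // The original bound $user_id, whose assignment from the session
                // was commented out, so the author depended on whatever that
                // variable held earlier in the file (or on nothing at all).
                $conn->bindArrayValue(array(
                    'advert_id' => $advert_id,
                    'user_id' => $_SESSION['user_id'],
                    'comment' => $comment,
                ));
                //$prepared_statement3 -> bindValue(':date_time', $date_time);
                $conn->execute();
                echo "Your comment was posted!";
                // NOTE(review): markup has already been sent above, so this header
                // only takes effect when output buffering is enabled; confirm.
                // The id is URL-encoded so it cannot alter the refresh target.
                header("refresh:3;url='showAdvert.php?advert_id=" . rawurlencode((string) $advert_id) . "'");
            } else {
                echo "Your comment cannot be empty!";
            }
        } else {
            echo "Only those who have logged in can post comments!<br/>";
            echo "<a href='login.php'>Click here to enter login page.</a>";
        }
    }
    echo "<hr/><br/>";
    // Load the advert's comments together with each author's first name.
    // NOTE(review): comment_contents is stored exactly as submitted, and
    // user_firstname is presumably user-supplied too. The rendering code (not
    // visible here) must escape both with
    // htmlspecialchars($value, ENT_QUOTES, 'UTF-8') to prevent stored XSS.
    $query = "SELECT ac.*, whwp_User.user_firstname FROM whwp_User, whwp_Comment AS ac WHERE ac.comment_advert = :advert_id "
            . "AND whwp_User.user_id = ac.comment_author";
    $conn->prepQuery($query);
    $conn->bind('advert_id', $advert_id);
    // $comment is reused here for the fetched rows, replacing the posted text.
    $comment = $conn->resultset();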
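// {
//     echo "<a href='register.php'>Sign Up</a> ";
//     echo "<a href='login.php'>Log In</a>";
// }
//
// Registration handler: creates a whwp_User row when username, password and
// email are all submitted.
// NOTE(review): $_REQUEST also carries query-string values (and cookies,
// depending on request_order), so a password can arrive in a URL and end up in
// server logs and browser history. Confirm the form uses method="post" and
// read $_POST here instead.
if (isset($_REQUEST['username']) && isset($_REQUEST['password']) && isset($_REQUEST['email'])
        // Array-valued parameters (password[]=x) are ignored: password_hash()
        // would otherwise raise a TypeError that the PDOException catch misses.
        && is_string($_REQUEST['username']) && is_string($_REQUEST['password']) && is_string($_REQUEST['email'])) {
    try {
        $database = new DBCommunication();
        $username = $_REQUEST['username'];
        $password = $_REQUEST['password'];
        $email = $_REQUEST['email'];
        // Check that the username is not already taken.
        // NOTE(review): only the username is checked. The email format and
        // uniqueness are not validated here, and check-then-insert can race, so
        // UNIQUE constraints on the table should be the real guard.
        $query = "SELECT * FROM whwp_User WHERE user_firstname = :username";
        $database->prepQuery($query);
        $database->bind('username', $username);
        $database->execute();
        if ($database->rowCount() > 0) {
            // The lookup is by username, so the message now says so
            // (it previously read "Email already in use.").
            echo "Username already in use.";
        } else {
            // Only the salted hash is stored, never the plaintext password.
            $hashed_password = password_hash($password, PASSWORD_DEFAULT);
            // New accounts are always created with user_ismoderator = 0.
            $query = "INSERT INTO whwp_User (user_firstname, user_email, user_password, user_ismoderator) VALUES (:username,:email, :hashed_password, 0)";
            $database->prepQuery($query);
            $database->bindArrayValue(array(
                'username' => $username,
                'hashed_password' => $hashed_password,
                'email' => $email,
            ));
            $database->execute();
            if ($database->rowCount() > 0) {
                echo "Congratulations! You have registered on our website!";
            }
        }
    } catch (PDOException $e) {
        // Record the detail server-side; the visitor sees only a generic message.
        error_log($e->getMessage());
        echo "Something went wrong...";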