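/**
 * Validate the posted profile form and save the profile when every field is valid.
 *
 * @param mixed $dbc Database handle; not used in this function (kept for existing callers).
 * @return array Validation messages; empty when nothing was posted. On a successful
 *               save the function redirects to index.php and never returns.
 */
function updateData($dbc)
{
    $errors = [];

    if (empty($_POST)) {
        return $errors;
    }

    try {
        $userName = Input::getString('username');
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    try {
        // NOTE(review): the hash is computed but never assigned to $user below, so this
        // only validates 'pwd'. Confirm whether the password is meant to change here.
        $password = Input::getString('pwd');
        $password = password_hash($password, PASSWORD_DEFAULT);
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    try {
        $firstName = Input::getString('firstname');
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    try {
        $lastName = Input::getString('lastname');
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    try {
        $email = Input::getString('email');
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    try {
        $zipCode = Input::getNumber('zipcode');
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    $allPresent = Input::notEmpty('username')
        && Input::notEmpty('pwd')
        && Input::notEmpty('firstname')
        && Input::notEmpty('lastname')
        && Input::notEmpty('email')
        && Input::notEmpty('zipcode');

    // Save only when every field validated. A failed getString()/getNumber() leaves its
    // variable unset, and the record would otherwise be written with rejected or missing values.
    if ($allPresent && empty($errors)) {
        // NOTE(review): this builds a fresh User rather than loading the signed-in one;
        // confirm that save() updates the intended row and that the caller checks the session.
        $user = new User();
        $user->first_name = $firstName;
        $user->last_name = $lastName;
        $user->user_name = $userName;
        $user->email = $email;
        $user->zipcode = $zipCode;
        $user->save();

        $_SESSION['logInMessage'] = "Your profile has been updated.!!!";
        header("Location:index.php");
        die;
    }

    return $errors;
}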
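/**
 * Controller for the "edit ad" page: loads the ad named by the `id` input, applies
 * posted edits or deletes the ad, and returns the values the view renders.
 *
 * @return array Keys: ad, username, item_name, price, description, image_path, contact, errors.
 */
function pageController()
{
    session_start();

    if (!Auth::check()) {
        header('Location: /auth/login');
        exit;
    }

    $username = Auth::user();
    $user = User::findUserByUsername($username);

    $adid = Input::get('id');
    $ad = Ad::find($adid);

    // An id that matches no ad must not reach the attribute reads below.
    if (!$ad) {
        header('Location: /ads');
        exit;
    }

    // NOTE(review): nothing here ties $ad to $user, so any signed-in account can edit or
    // delete any ad by changing `id`. Compare the ad's owner column with the current user's
    // id before the save/delete below (column name to be confirmed against the Ad model).
    // The POST handling also carries no visible CSRF token check.

    $item_name = $ad->attributes['item_name'];
    $price = $ad->attributes['price'];
    $description = $ad->attributes['description'];
    $image_path = $ad->attributes['image_path'];
    $contact = $ad->attributes['contact'];

    $errors = array();

    if (!empty($_POST)) {
        // Each submitted field replaces the stored value after validation.
        if (Input::notEmpty('item_name')) {
            $item_name = ValidateAd::getItemName();
        }
        if (Input::notEmpty('price')) {
            $price = ValidateAd::getPrice();
        }
        if (Input::notEmpty('description')) {
            $description = ValidateAd::getDescription();
        }
        if (Input::notEmpty('contact')) {
            $contact = ValidateAd::getContact();
        }

        $errors = ValidateAd::getErrors();

        if (empty($errors)) {
            $ad->attributes['item_name'] = $item_name;
            $ad->attributes['price'] = $price;
            $ad->attributes['description'] = $description;
            $ad->attributes['contact'] = $contact;
            $ad->attributes['image_path'] = $image_path;
            $ad->save();
        }

        // Delete only when the delete control was actually submitted. The previous
        // negated test removed the ad on every ordinary edit that lacked `delete-id`.
        if (Input::notEmpty('delete-id')) {
            Ad::delete($ad->attributes['id']);
            header("Location: /ads");
            die;
        }
    }

    return array(
        'ad' => $ad,
        'username' => $username,
        'item_name' => $item_name,
        'price' => $price,
        'description' => $description,
        'image_path' => $image_path,
        'contact' => $contact,
        // Validation messages were computed but never handed to the view.
        'errors' => $errors,
    );
}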
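/**
 * Validate the posted national-park form and insert a row into national_parks.
 *
 * @param PDO $dbc Open database connection.
 * @return array Validation messages collected while reading the form.
 * @throws Exception When the INSERT fails; the driver exception is attached as `previous`.
 */
function insertData($dbc)
{
    $errors = [];

    if (empty($_POST)) {
        return $errors;
    }

    // Start from null so a field that fails validation is bound as NULL
    // instead of being read as an undefined variable.
    $name = null;
    $location = null;
    $date = null;
    $area = null;
    $description = null;

    try {
        $name = Input::getString('name');
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    try {
        $location = Input::getString('location');
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    try {
        // NOTE(review): if getDate() returns a DateTime object it needs ->format('Y-m-d')
        // before being bound as a string below. Confirm against the Input class.
        $date = Input::getDate('date_established');
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    try {
        $area = Input::getNumber('area_in_acres');
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    try {
        $description = Input::getString('description');
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    // NOTE(review): the insert runs even when $errors is non-empty; only name and location
    // are required. Confirm whether rejected optional fields should block the insert.
    if (Input::notEmpty('name') && Input::notEmpty('location')) {
        $userData = 'INSERT INTO national_parks (name, location, date_established, area_in_acres, description) VALUES (:name, :location, :date_established, :area_in_acres, :description)';
        $userStmt = $dbc->prepare($userData);
        $userStmt->bindValue(':name', $name, PDO::PARAM_STR);
        $userStmt->bindValue(':location', $location, PDO::PARAM_STR);
        $userStmt->bindValue(':date_established', $date, PDO::PARAM_STR);
        $userStmt->bindValue(':area_in_acres', $area, PDO::PARAM_STR);
        $userStmt->bindValue(':description', $description, PDO::PARAM_STR);

        try {
            $userStmt->execute();
        } catch (Exception $e) {
            // Double quotes so the message is interpolated; the single-quoted form
            // raised the literal text "{$e->getMessage()}".
            // The driver message can carry schema details, so the caller should log it
            // rather than render it to the visitor.
            throw new Exception("Error: {$e->getMessage()}", 0, $e);
        }
    }

    return $errors;
}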
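/**
 * Controller for the sign-up page: validates the posted form, creates the user and
 * signs the new account in.
 *
 * @return array Key `errors`: messages for the view (empty on a plain GET).
 *               On a successful sign-in the function redirects to /users and never returns.
 */
function pageController()
{
    session_start();
    $errors = array();

    if (empty($_POST)) {
        return array('errors' => $errors);
    }

    // Each getter records its own failure inside ValidateUser; they are read back below.
    $username = ValidateUser::getUsername();
    $email = ValidateUser::getEmail();
    $password = ValidateUser::getPassword();
    $passwordmatch = ValidateUser::getPasswordMatch();

    // Compare the two password fields only when both produced a value.
    if (isset($password) && isset($passwordmatch)) {
        ValidateUser::getCheckMatch($password, $passwordmatch);
    }

    $errors = ValidateUser::getErrors();

    $allPresent = Input::notEmpty('username')
        && Input::notEmpty('password')
        && Input::notEmpty('passwordmatch')
        && Input::notEmpty('email');

    if ($allPresent && empty($errors)) {
        $user = new User();
        $user->username = $username;
        $user->email = $email;
        // NOTE(review): no hashing is visible here. Confirm that ValidateUser::getPassword()
        // or User::save() applies password_hash() before the value is stored.
        $user->password = $password;

        try {
            $user->save();
            $log = new Log();

            if (Auth::attempt($username, $password)) {
                // Double quotes: the single-quoted form logged the literal text "{$username}".
                // presumably ValidateUser rejects control characters in the name; verify,
                // since the value is written into the log line as-is.
                $log->info("User {$username} logged in.");
                header('Location: /users');
                exit;
            }

            $log->error("User {$username} failed to log in!");
            // The message used to be assigned to an unused local and never reached the view.
            $errors[] = 'Please input the proper username and password.';
        } catch (Exception $e) {
            array_push($errors, $e->getMessage());
        }
    }

    return array('errors' => $errors);
}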
/**
 * Controller for the "new listing" form: reads the four listing fields and, when a
 * complete and valid form was posted, hands them to insertListing().
 *
 * The collected validation messages are not returned; the function always yields null.
 *
 * @param mixed $dbc Database handle passed straight through to insertListing().
 * @return void
 */
function pageController($dbc)
{
    $errors = array();
    $values = array();

    // Read every field through Input::getString(), remembering each failure message.
    foreach (array('item_name', 'price', 'image', 'description') as $field) {
        try {
            $values[$field] = Input::getString($field);
        } catch (Exception $e) {
            $errors[] = $e->getMessage();
        }
    }

    if (empty($_POST)) {
        return;
    }

    $complete = Input::notEmpty('item_name')
        && Input::notEmpty('price')
        && Input::notEmpty('image')
        && Input::notEmpty('description');

    // Insert only for a fully filled form that produced no validation errors.
    if ($complete && empty($errors)) {
        insertListing(
            $dbc,
            $values['item_name'],
            $values['price'],
            $values['image'],
            $values['description']
        );
    }
}
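/**
 * Controller for the "edit account" page: lets the signed-in user change e-mail and password.
 *
 * @return array Keys: username, email, password, errors. On a successful save the
 *               function redirects to /users and never returns.
 */
function pageController()
{
    session_start();

    if (!Auth::check()) {
        header('Location: /auth/login');
        exit;
    }

    $username = Auth::user();
    $user = User::findUserByUsername($username);

    // Current values are the defaults when the form leaves a field blank.
    $email = $user->attributes['email'];
    $password = $user->attributes['password'];

    $errors = array();

    if (!empty($_POST)) {
        if (Input::notEmpty('email')) {
            $email = ValidateUser::getEmail();
        }
        if (Input::notEmpty('password')) {
            $password = ValidateUser::getPassword();
        }
        if (Input::notEmpty('passwordmatch')) {
            $passwordmatch = ValidateUser::getPasswordMatch();
        }

        // NOTE(review): the confirmation is compared only when both fields are filled, so a
        // new password sent without `passwordmatch` is accepted unconfirmed. The current
        // password is not asked for either. Confirm whether that is intended.
        if (Input::notEmpty('passwordmatch') && Input::notEmpty('password')) {
            ValidateUser::getCheckMatch($password, $passwordmatch);
        }

        $errors = ValidateUser::getErrors();

        if (empty($errors)) {
            $user->attributes['username'] = $username;
            $user->attributes['email'] = $email;
            // NOTE(review): no hashing is visible here. Confirm that a changed password is
            // hashed before storage and that an unchanged stored value is not hashed twice.
            $user->attributes['password'] = $password;
            $user->save();

            header('Location: /users');
            exit;
        }
    }

    return array(
        'username' => $username,
        'email' => $email,
        // NOTE(review): this hands the stored password value to the view; it should not be
        // rendered into the page. Drop the key once the template no longer reads it.
        'password' => $password,
        // Validation messages were computed but never handed to the view.
        'errors' => $errors,
    );
}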
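/**
 * Controller for the "create an ad" page: requires a signed-in session, builds the
 * category list for the form, and inserts a new ad when a complete form is posted.
 *
 * @return array Keys: user, errorArray, yellow, formMethod, formTitle, formPrice, formLoc,
 *               formDes, formCat, justCategoriesArrayUnique, loginstatus.
 */
function pageController()
{
    // presumably defines $dbc in this scope; verify against db_connect.php.
    require_once '../db/db_connect.php';

    session_start();

    if (!isset($_SESSION['Loggedinuser'])) {
        header('location: auth.login.php');
        die;
    }

    $loginstatus = $_SESSION['Loggedinuser'] . " is logged in!";

    // Every ad stores its categories as one ', '-separated string. Joining all rows and
    // splitting again yields single category names, which are de-duplicated and sorted.
    $arrayCategories = Ad::showJustCategories();
    $justCategories = [];
    foreach ($arrayCategories as $key => $value) {
        array_push($justCategories, $value['categories']);
    }
    $justCategoriesString = implode(', ', $justCategories);
    $justCategoriesArray = explode(', ', $justCategoriesString);
    $justCategoriesArrayUnique = array_unique($justCategoriesArray);
    sort($justCategoriesArrayUnique);

    // The signed-in user and that user's record.
    $username = Auth::user();
    $user = User::finduserbyusername($username);

    /**
     * Validate the posted "Create an Ad" form and insert the ad.
     *
     * Returns an array of messages keyed errMethod, errTitle, errPrice, errLoc, errDes,
     * errCats or errImage when validation fails, and null after a successful insert.
     */
    function insertAd($dbc, $user)
    {
        $errorArray = [];

        try {
            $method = Input::getString('method', 1, 50);
        } catch (Exception $e) {
            $errorArray['errMethod'] = $e->getMessage();
        }

        try {
            $title = Input::getString('title', 1, 50);
        } catch (Exception $e) {
            $errorArray['errTitle'] = $e->getMessage();
        }

        try {
            $price = Input::getNumber('price', 0, 25000);
        } catch (Exception $e) {
            $errorArray['errPrice'] = $e->getMessage();
        }

        try {
            $location = Input::getString('location', 1, 50);
        } catch (Exception $e) {
            $errorArray['errLoc'] = $e->getMessage();
        }

        try {
            $description = Input::getString('description', 1, 500);
        } catch (Exception $e) {
            $errorArray['errDes'] = $e->getMessage();
        }

        try {
            $categoriesArray = Input::get('categories', 1, 50);
            $categories = implode(', ', $categoriesArray);
        } catch (Exception $e) {
            $errorArray['errCats'] = $e->getMessage();
        }

        // Image upload. The client-supplied file name and type are not trusted: the type is
        // detected from the file content against an allow-list, and the stored name is built
        // on the server, so a script cannot be placed in the web-served uploads directory
        // under an extension of the uploader's choosing.
        $filename = null;
        if (Input::has('title') && $_FILES) {
            $allowedTypes = ['jpg' => 'image/jpeg', 'png' => 'image/png', 'gif' => 'image/gif'];
            $uploads_directory = 'img/uploads/';
            $upload = isset($_FILES['image_url']) ? $_FILES['image_url'] : null;

            if (!is_array($upload) || $upload['error'] !== UPLOAD_ERR_OK) {
                $errorArray['errImage'] = 'Sorry, there was an error uploading your file.';
            } else {
                $finfo = new finfo(FILEINFO_MIME_TYPE);
                $extension = array_search($finfo->file($upload['tmp_name']), $allowedTypes, true);

                if ($extension === false) {
                    $errorArray['errImage'] = 'Only JPEG, PNG or GIF images are accepted.';
                } else {
                    // Content hash as the name: no client-controlled characters reach the path.
                    $filename = $uploads_directory . sha1_file($upload['tmp_name']) . '.' . $extension;
                    if (!move_uploaded_file($upload['tmp_name'], $filename)) {
                        $errorArray['errImage'] = 'Sorry, there was an error uploading your file.';
                    }
                }
            }
        }

        // Stop before touching the database when anything failed above.
        if (!empty($errorArray)) {
            return $errorArray;
        }

        $stmt = $dbc->prepare('INSERT INTO ads (user_id, method, image_url, title, price, location, description, categories) VALUES (:user_id, :method, :image_url, :title, :price, :location, :description, :categories)');
        $stmt->bindValue(':user_id', $user->id, PDO::PARAM_STR);
        $stmt->bindValue(':method', $method, PDO::PARAM_STR);
        $stmt->bindValue(':image_url', $filename, PDO::PARAM_STR);
        $stmt->bindValue(':title', $title, PDO::PARAM_STR);
        $stmt->bindValue(':price', $price, PDO::PARAM_INT);
        $stmt->bindValue(':location', $location, PDO::PARAM_STR);
        $stmt->bindValue(':description', $description, PDO::PARAM_STR);
        $stmt->bindValue(':categories', $categories, PDO::PARAM_STR);
        $stmt->execute();
    }

    // Defaults handed to the view when nothing was posted.
    $errorArray = [''];
    $formMethod = '';
    $formTitle = '';
    $formPrice = '';
    $formLoc = '';
    $formDes = '';
    $formCat = [''];
    $yellow = false;

    // NOTE(review): no CSRF token check is visible on this POST handler.
    if (!empty($_POST)) {
        $complete = Input::notEmpty('method')
            && Input::notEmpty('title')
            && Input::notEmpty('price')
            && Input::notEmpty('location')
            && Input::notEmpty('description')
            && Input::notEmpty('categories');

        if ($complete) {
            $errorArray = insertAd($dbc, $user);

            // insertAd() returns null on success; the loose comparison treats null as [].
            if ($errorArray == []) {
                $errorArray = ['Ad Submitted!'];
            } else {
                // Validation failed: keep the submitted values so the form stays filled in.
                $formMethod = Input::get('method');
                $formTitle = Input::get('title');
                $formPrice = Input::get('price');
                $formLoc = Input::get('location');
                $formDes = Input::get('description');
                $formCat = Input::get('categories');
            }
        } else {
            // Incomplete form: warn and keep whatever was submitted.
            $errorArray = ['Please submit values for each data field.'];
            $yellow = true;
            $formMethod = Input::get('method');
            $formTitle = Input::get('title');
            $formPrice = Input::get('price');
            $formLoc = Input::get('location');
            $formDes = Input::get('description');
            $formCat = Input::has('categories') ? Input::get('categories') : [''];
        }
    }

    return array(
        'user' => $user,
        'errorArray' => $errorArray,
        'yellow' => $yellow,
        'formMethod' => $formMethod,
        'formTitle' => $formTitle,
        'formPrice' => $formPrice,
        'formLoc' => $formLoc,
        'formDes' => $formDes,
        'formCat' => $formCat,
        'justCategoriesArrayUnique' => $justCategoriesArrayUnique,
        'loginstatus' => $loginstatus,
    );
}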
/**
 * Report whether every national-park form field arrived with a non-empty value.
 *
 * Presence only: the values themselves are not validated here.
 *
 * @return bool True when all five fields are non-empty.
 */
function checkValues()
{
    $required = array('park', 'location', 'date_established', 'area_in_acres', 'description');

    // Stop at the first missing field, in the same order the form lists them.
    foreach ($required as $field) {
        if (!Input::notEmpty($field)) {
            return false;
        }
    }

    return true;
}
/**
 * Report whether every account form field arrived with a non-empty value.
 *
 * Presence only: the values themselves are not validated here.
 *
 * @return bool True when all six fields are non-empty.
 */
function checkValues()
{
    $required = array('username', 'password', 'email', 'first_name', 'last_name', 'phone_number');

    // Stop at the first missing field, in the same order the form lists them.
    foreach ($required as $field) {
        if (!Input::notEmpty($field)) {
            return false;
        }
    }

    return true;
}
$delete_park = Input::getNumber('delete_park'); } catch (Exception $e) { $error = $e->getMessage(); array_push($errorsArray, $error); } $query = "DELETE FROM national_parks WHERE id = :delete_park"; $query = $dbc->prepare($query); $query->bindValue(':delete_park', $delete_park, PDO::PARAM_INT); $query->execute(); return $errorsArray; } var_dump($_POST); if (Input::notEmpty('name') && Input::notEmpty('location') && Input::notEmpty('date_established') && Input::notEmpty('area') && Input::notEmpty('visitors') && Input::notEmpty('description')) { var_dump($errorsArray); $errorsArray = insertPark($dbc, $parks); } elseif (Input::notEmpty('delete_park')) { $errorsArray = deletePark($dbc); } var_dump($errorsArray); var_dump($parks); ?> <script type="text/javascript"> $(document).ready(function() { "use strict"; $(".deletePark").click(function(a) { var parkName = $(this).data('name'); var parkId = $(this).data('id'); if(confirm("Are you sure you want to delete "+parkName+"?")){
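/**
 * Controller for the national-parks page: paginated listing plus the "submit a park"
 * and "delete a park" forms.
 *
 * NOTE(review): no authentication or CSRF check is visible in this controller, so the
 * insert and delete paths appear reachable by any visitor. Confirm whether that is intended.
 *
 * @return array Keys: parksArray, parksAllArray, page, limit, offset, rowTotal, numOfPages,
 *               noteToUser, errorArray, formName, formLoc, formDate, formArea, formDes.
 */
function pageController()
{
    // Login information for db_connect.php.
    require '../park_login.php';
    // Opens the connection; presumably defines $dbc in this scope (verify against the file).
    require '../db_connect.php';
    // Input helper for request values.
    require '../Input.php';

    // Page number from the query string: numeric only, sign and fraction dropped, and cast
    // to int so the arithmetic and the PDO::PARAM_INT binding below work on integers.
    $page = Input::has('page') && is_numeric(Input::get('page')) ? (int) round(abs(Input::get('page'))) : 1;
    if ($page < 1) {
        $page = 1;
    }

    // Rows per page. 'newlimit' is tied to the Change Rows button.
    $limit = Input::has('newlimit') && is_numeric(Input::get('newlimit')) ? abs(intval(Input::get('newlimit'))) : 3;
    // A limit of 0 would divide by zero when the page count is computed; fall back to the default.
    if ($limit < 1) {
        $limit = 3;
    }

    $offset = $page * $limit - $limit;

    // Total number of rows. COUNT(*) avoids fetching every row just to count them, and
    // PDOStatement::rowCount() is not reliable for SELECT on every driver.
    function getNumRows($dbc)
    {
        $stmt = $dbc->prepare('SELECT COUNT(*) FROM national_parks');
        $stmt->execute();
        return (int) $stmt->fetchColumn();
    }

    $rowTotal = getNumRows($dbc);
    $numOfPages = (int) ceil($rowTotal / $limit);

    // Clamp to the last page. With an empty table the page count is 0; staying on page 1
    // keeps the offset from going negative.
    if ($page > $numOfPages) {
        $page = max(1, $numOfPages);
        $offset = $page * $limit - $limit;
    }

    // One page of parks; limit and offset are bound as integers.
    function getAllParks($dbc, $limit, $offset)
    {
        $stmt = $dbc->prepare('SELECT * FROM national_parks ORDER BY name LIMIT :limit OFFSET :offset');
        $stmt->bindValue(':limit', $limit, PDO::PARAM_INT);
        $stmt->bindValue(':offset', $offset, PDO::PARAM_INT);
        $stmt->execute();
        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    }

    // Every park, unpaginated.
    function getAllAllParks($dbc)
    {
        $stmt = $dbc->prepare('SELECT * FROM national_parks ORDER BY name');
        $stmt->execute();
        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    }

    $parksArray = getAllParks($dbc, $limit, $offset);
    $parksAllArray = getAllAllParks($dbc);

    /**
     * Validate the "Submit A National Park" form and insert the row.
     *
     * Returns an array of messages keyed errName, errLoc, errDate, errArea or errDes when
     * validation fails, and null after a successful insert.
     */
    function insertParks($dbc)
    {
        $errorArray = [];

        try {
            $name = Input::getString('name', 0, 50);
        } catch (Exception $e) {
            $errorArray['errName'] = $e->getMessage();
        }

        try {
            $location = Input::getString('location', 0, 50);
        } catch (Exception $e) {
            $errorArray['errLoc'] = $e->getMessage();
        }

        try {
            $date_established = Input::getDate('date_established', '1776-07-04', 'next month');
            $date_established = $date_established->format('Y-m-d');
        } catch (Exception $e) {
            $errorArray['errDate'] = $e->getMessage();
        }

        try {
            $area_in_acres = Input::getNumber('area_in_acres', 0, 375000000);
        } catch (Exception $e) {
            $errorArray['errArea'] = $e->getMessage();
        }

        try {
            $description = Input::getString('description', 0, 500);
        } catch (Exception $e) {
            $errorArray['errDes'] = $e->getMessage();
        }

        // Stop before touching the database when anything failed above.
        if (!empty($errorArray)) {
            return $errorArray;
        }

        $stmt = $dbc->prepare('INSERT INTO national_parks (name, location, date_established, area_in_acres, description) VALUES (:name, :location, :date_established, :area_in_acres, :description)');
        $stmt->bindValue(':name', $name, PDO::PARAM_STR);
        $stmt->bindValue(':location', $location, PDO::PARAM_STR);
        $stmt->bindValue(':date_established', $date_established, PDO::PARAM_STR);
        $stmt->bindValue(':area_in_acres', $area_in_acres, PDO::PARAM_STR);
        $stmt->bindValue(':description', $description, PDO::PARAM_STR);
        $stmt->execute();
    }

    // Delete the row named by the 'Delete A Park' form. The id is bound, not concatenated.
    function deletePark($dbc)
    {
        $park_to_delete = Input::get('park_to_delete');
        $stmt = $dbc->prepare('DELETE FROM national_parks WHERE id = :park_to_delete');
        $stmt->bindValue(':park_to_delete', $park_to_delete, PDO::PARAM_INT);
        $stmt->execute();
    }

    // Defaults handed to the view when nothing was posted.
    $noteToUser = '';
    $errorArray = [''];
    $formName = '';
    $formLoc = '';
    $formDate = '';
    $formArea = '';
    $formDes = '';

    if (!empty($_POST)) {
        $complete = Input::notEmpty('name')
            && Input::notEmpty('location')
            && Input::notEmpty('date_established')
            && Input::notEmpty('area_in_acres')
            && Input::notEmpty('description');

        if ($complete) {
            // insertParks() returns its messages on failure and null on success.
            $errorArray = insertParks($dbc);
            $parksArray = getAllParks($dbc, $limit, $offset);
            $parksAllArray = getAllAllParks($dbc);
            $rowTotal = getNumRows($dbc);
            // Keep the page count in step with the refreshed row total.
            $numOfPages = (int) ceil($rowTotal / $limit);

            // The loose comparison treats the null returned on success as [].
            if ($errorArray == []) {
                $noteToUser = '******';
                $errorArray = [''];
            } else {
                // Validation failed: keep the submitted values so the form stays filled in.
                $formName = Input::get('name');
                $formLoc = Input::get('location');
                $formDate = Input::get('date_established');
                $formArea = Input::get('area_in_acres');
                $formDes = Input::get('description');
            }
        } elseif (Input::notEmpty('park_to_delete')) {
            deletePark($dbc);
            $parksArray = getAllParks($dbc, $limit, $offset);
            $parksAllArray = getAllAllParks($dbc);
            $rowTotal = getNumRows($dbc);
            $numOfPages = (int) ceil($rowTotal / $limit);
            $noteToUser = '******';
        } else {
            $noteToUser = '******';
        }
    }

    return array(
        'parksArray' => $parksArray,
        'parksAllArray' => $parksAllArray,
        'page' => $page,
        'limit' => $limit,
        'offset' => $offset,
        'rowTotal' => $rowTotal,
        'numOfPages' => $numOfPages,
        'noteToUser' => $noteToUser,
        'errorArray' => $errorArray,
        'formName' => $formName,
        'formLoc' => $formLoc,
        'formDate' => $formDate,
        'formArea' => $formArea,
        'formDes' => $formDes,
    );
}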
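/**
 * Controller for the "add an ad" page: validates the posted form and the uploaded image,
 * stores the image, saves the ad and redirects to the user's profile.
 *
 * @return array Keys: username, errors. On a successful save the function redirects to
 *               /users and never returns.
 */
function pageController()
{
    session_start();

    if (!Auth::check()) {
        header('Location: /auth/login');
        exit;
    }

    $username = Auth::user();
    $user = User::findUserByUsername($username);

    $errors = array();

    if (!empty($_POST)) {
        $item_name = ValidateAd::getItemName();
        $price = ValidateAd::getPrice();
        $description = ValidateAd::getDescription();
        $contact = ValidateAd::getContact();
        $errors = ValidateAd::getErrors();

        // Image check. The type is detected from the file content against an allow-list;
        // the client-supplied name and type are not trusted. The upload entry is looked up
        // defensively so a request without a file is rejected instead of failing in finfo.
        $allowedTypes = array('jpg' => 'image/jpeg', 'png' => 'image/png', 'gif' => 'image/gif');
        $upload = isset($_FILES['image']) ? $_FILES['image'] : null;
        $ext = false;

        if (is_array($upload) && $upload['error'] === UPLOAD_ERR_OK) {
            $finfo = new finfo(FILEINFO_MIME_TYPE);
            $ext = array_search($finfo->file($upload['tmp_name']), $allowedTypes, true);
        }

        if ($ext === false) {
            array_push($errors, 'Invalid file format.');
        }

        $target = "public/upload_images";

        $complete = Input::notEmpty('item_name')
            && Input::notEmpty('price')
            && Input::notEmpty('description')
            && Input::notEmpty('contact');

        if ($complete && empty($errors)) {
            // The stored name is a content hash plus the extension of the detected type.
            // The old code compared the whole file name with "jpg"/"png"/... (never equal for
            // a real file) and then stored the file under the uploader's own name anyway,
            // which let any extension land in the web-served upload directory.
            $image_path = "{$target}/" . sha1_file($upload['tmp_name']) . ".{$ext}";

            if (move_uploaded_file($upload['tmp_name'], $image_path)) {
                $ad = new Ad();
                $ad->item_name = $item_name;
                $ad->price = $price;
                $ad->description = $description;
                $ad->contact = $contact;
                $ad->user_id = $user->attributes['id'];
                $ad->image_path = $image_path;
                $ad->save();

                // Redirect to the profile so the user can see the new ad.
                header('Location: /users');
                exit;
            }

            // Do not save an ad that points at a file which was never stored.
            array_push($errors, 'The image could not be stored.');
        }
    }

    return array('username' => $username, 'errors' => $errors);
}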
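/**
 * Controller for the "edit an ad" page: requires a signed-in session, lets the user pick
 * one of their ads, pre-fills the form with it, and writes the posted edits back.
 *
 * @return array Keys: user, userAds, errorArray, yellow, formMethod, formImage, formTitle,
 *               formPrice, formLoc, formDes, formAdId, formCat, justCategoriesArrayUnique,
 *               loginstatus.
 */
function pageController()
{
    // presumably defines $dbc in this scope; verify against db_connect.php.
    require_once '../db/db_connect.php';

    session_start();

    if (!isset($_SESSION['Loggedinuser'])) {
        header('location: auth.login.php');
        die;
    }

    $loginstatus = $_SESSION['Loggedinuser'] . " is logged in!";

    // Every ad stores its categories as one ', '-separated string. Joining all rows and
    // splitting again yields single category names, which are de-duplicated and sorted.
    $arrayCategories = Ad::showJustCategories();
    $justCategories = [];
    foreach ($arrayCategories as $key => $value) {
        array_push($justCategories, $value['categories']);
    }
    $justCategoriesString = implode(', ', $justCategories);
    $justCategoriesArray = explode(', ', $justCategoriesString);
    $justCategoriesArrayUnique = array_unique($justCategoriesArray);
    sort($justCategoriesArrayUnique);

    // The signed-in user, that user's record, and the ads owned by that user.
    $username = Auth::user();
    $user = User::finduserbyusername($username);
    $userAds = Ad::findAllAdsByUserId($user->id);

    // The "Select an Ad" form posts 'ad_to_edit'.
    // NOTE(review): the id comes from the request and the lookup is not limited to $userAds,
    // so another user's ad can be loaded into the form. Confirm that the ad belongs to
    // $user before pre-filling.
    $adToEdit = Input::has('ad_to_edit') ? (int) Input::get('ad_to_edit') : NULL;
    $adToEditObj = Ad::find($adToEdit);

    /**
     * Validate the posted edit form and update the ad.
     *
     * Returns an array of messages keyed errMethod, errTitle, errPrice, errLoc, errDes,
     * errAdId, errCats or errImage when validation fails, and null after the UPDATE ran.
     */
    function updateAd($dbc, $user)
    {
        $errorArray = [];

        try {
            $method = Input::getString('method', 1, 50);
        } catch (Exception $e) {
            $errorArray['errMethod'] = $e->getMessage();
        }

        try {
            $title = Input::getString('title', 1, 50);
        } catch (Exception $e) {
            $errorArray['errTitle'] = $e->getMessage();
        }

        try {
            $price = Input::getNumber('price', 0, 25000);
        } catch (Exception $e) {
            $errorArray['errPrice'] = $e->getMessage();
        }

        try {
            $location = Input::getString('location', 1, 50);
        } catch (Exception $e) {
            $errorArray['errLoc'] = $e->getMessage();
        }

        try {
            $description = Input::getString('description', 1, 500);
        } catch (Exception $e) {
            $errorArray['errDes'] = $e->getMessage();
        }

        try {
            $adid = Input::getNumber('adid', 1, 5000000);
        } catch (Exception $e) {
            // Record the failure: it used to be dropped, and the UPDATE then ran with an
            // unset id while the page still reported success.
            $errorArray['errAdId'] = $e->getMessage();
        }

        try {
            $categoriesArray = Input::get('categories', 1, 50);
            $categories = implode(', ', $categoriesArray);
        } catch (Exception $e) {
            $errorArray['errCats'] = $e->getMessage();
        }

        // Image handling. Without a new upload the posted 'image_url' value is kept.
        // NOTE(review): that value is client-controlled (a readonly input is not enforced by
        // the server) and is stored as-is; consider re-reading the current path from the ad row.
        $hasUpload = isset($_FILES['image_upload']) && $_FILES['image_upload']['name'] != '';

        if (!$hasUpload) {
            $filename = Input::get('image_url');
        } else {
            // The client-supplied file name and type are not trusted: the type is detected
            // from the file content against an allow-list, and the stored name is built on
            // the server, so a script cannot be placed in the web-served uploads directory.
            $allowedTypes = ['jpg' => 'image/jpeg', 'png' => 'image/png', 'gif' => 'image/gif'];
            $uploads_directory = 'img/uploads/';
            $upload = $_FILES['image_upload'];
            $filename = null;

            if ($upload['error'] !== UPLOAD_ERR_OK) {
                $errorArray['errImage'] = 'Sorry, there was an error uploading your file.';
            } else {
                $finfo = new finfo(FILEINFO_MIME_TYPE);
                $extension = array_search($finfo->file($upload['tmp_name']), $allowedTypes, true);

                if ($extension === false) {
                    $errorArray['errImage'] = 'Only JPEG, PNG or GIF images are accepted.';
                } else {
                    $filename = $uploads_directory . sha1_file($upload['tmp_name']) . '.' . $extension;
                    // The var_dump($_FILES) debug output on failure is gone: it printed
                    // server temp paths into the page.
                    if (!move_uploaded_file($upload['tmp_name'], $filename)) {
                        $errorArray['errImage'] = 'Sorry, there was an error uploading your file.';
                    }
                }
            }
        }

        // Stop before touching the database when anything failed above.
        if (!empty($errorArray)) {
            return $errorArray;
        }

        // The WHERE clause also matches on the owner, so a posted 'adid' that belongs to
        // someone else updates nothing. Without it the statement rewrote any ad and
        // reassigned it to the current user. A separate placeholder is used because a named
        // placeholder cannot be repeated with native prepared statements.
        $stmt = $dbc->prepare('UPDATE ads SET user_id = :user_id, method = :method, image_url = :image_url, title = :title, price = :price, location = :location, description = :description, categories = :categories WHERE id = :id AND user_id = :owner_id');
        $stmt->bindValue(':id', $adid, PDO::PARAM_INT);
        $stmt->bindValue(':owner_id', $user->id, PDO::PARAM_STR);
        $stmt->bindValue(':user_id', $user->id, PDO::PARAM_STR);
        $stmt->bindValue(':method', $method, PDO::PARAM_STR);
        $stmt->bindValue(':image_url', $filename, PDO::PARAM_STR);
        $stmt->bindValue(':title', $title, PDO::PARAM_STR);
        $stmt->bindValue(':price', $price, PDO::PARAM_INT);
        $stmt->bindValue(':location', $location, PDO::PARAM_STR);
        $stmt->bindValue(':description', $description, PDO::PARAM_STR);
        $stmt->bindValue(':categories', $categories, PDO::PARAM_STR);
        $stmt->execute();
    }

    // Defaults handed to the view.
    $errorArray = [''];
    $formMethod = '';
    $formImage = '';
    $formTitle = '';
    $formPrice = '';
    $formLoc = '';
    $formDes = '';
    $formAdId = '';
    $formCat = [''];
    $yellow = false;

    // An ad was selected and found: pre-fill the form with its stored values. An id that
    // matches no ad falls through to the "please select" message instead of failing on null.
    if (isset($_POST['ad_to_edit']) && $adToEditObj) {
        $errorArray = ['Make your edits.'];
        $yellow = true;
        $formMethod = $adToEditObj->method;
        $formImage = $adToEditObj->image_url;
        $formTitle = $adToEditObj->title;
        $formPrice = $adToEditObj->price;
        $formLoc = $adToEditObj->location;
        $formDes = $adToEditObj->description;
        $formCat = explode(', ', $adToEditObj->categories);
        $formAdId = $adToEdit;
    } else {
        $errorArray = ['Please select an ad to edit.'];
    }

    // The edit form itself was submitted when all of its fields are present.
    // NOTE(review): no CSRF token check is visible on this POST handler.
    $editSubmitted = Input::has('method')
        && Input::has('image_url')
        && Input::has('title')
        && Input::has('price')
        && Input::has('location')
        && Input::has('description');

    if ($editSubmitted) {
        $complete = Input::notEmpty('method')
            && Input::notEmpty('image_url')
            && Input::notEmpty('title')
            && Input::notEmpty('price')
            && Input::notEmpty('location')
            && Input::notEmpty('description')
            && Input::notEmpty('categories');

        if ($complete) {
            $errorArray = updateAd($dbc, $user);

            // updateAd() returns null once the UPDATE ran; the loose comparison treats null as [].
            if ($errorArray == []) {
                $errorArray = ['Ad Editted!'];
            } else {
                // Validation failed: keep the submitted values so the form stays filled in.
                $formMethod = Input::get('method');
                $formImage = Input::get('image_url');
                $formTitle = Input::get('title');
                $formPrice = Input::get('price');
                $formLoc = Input::get('location');
                $formDes = Input::get('description');
                $formAdId = Input::get('adid');
                $formCat = Input::get('categories');
            }
        } else {
            // Incomplete form: warn and keep whatever was submitted.
            $errorArray = ['Please submit values for each data field.'];
            $yellow = true;
            $formMethod = Input::get('method');
            $formImage = Input::get('image_url');
            $formTitle = Input::get('title');
            $formPrice = Input::get('price');
            $formLoc = Input::get('location');
            $formDes = Input::get('description');
            $formAdId = Input::get('adid');
            $formCat = Input::get('categories');
        }
    }

    return array(
        'user' => $user,
        'userAds' => $userAds,
        'errorArray' => $errorArray,
        'yellow' => $yellow,
        'formMethod' => $formMethod,
        'formImage' => $formImage,
        'formTitle' => $formTitle,
        'formPrice' => $formPrice,
        'formLoc' => $formLoc,
        'formDes' => $formDes,
        'formAdId' => $formAdId,
        'formCat' => $formCat,
        'justCategoriesArrayUnique' => $justCategoriesArrayUnique,
        'loginstatus' => $loginstatus,
    );
}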
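/**
 * Validate the posted sign-up form and create the user account.
 *
 * @param mixed $dbc Database handle; not used in this function (kept for existing callers).
 * @return array Validation messages; empty when nothing was posted. On a successful
 *               save the function redirects to index.php and never returns.
 */
function insertData($dbc)
{
    $errors = [];

    if (empty($_POST)) {
        return $errors;
    }

    try {
        $userName = Input::getString('username');
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    try {
        // Only the hash is kept; the plain password is overwritten straight away.
        $password = Input::getString('pwd');
        $password = password_hash($password, PASSWORD_DEFAULT);
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    try {
        $firstName = Input::getString('firstname');
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    try {
        $lastName = Input::getString('lastname');
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    try {
        $email = Input::getString('email');
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    try {
        $zipCode = Input::getNumber('zipcode');
    } catch (Exception $e) {
        $errors[] = $e->getMessage();
    }

    $allPresent = Input::notEmpty('username')
        && Input::notEmpty('pwd')
        && Input::notEmpty('firstname')
        && Input::notEmpty('lastname')
        && Input::notEmpty('email')
        && Input::notEmpty('zipcode');

    // Create the account only when every field validated. A failed getString()/getNumber()
    // leaves its variable unset, and the account would otherwise be saved with rejected or
    // missing values, including an empty password hash.
    if ($allPresent && empty($errors)) {
        $user = new User();
        $user->first_name = $firstName;
        $user->last_name = $lastName;
        $user->user_name = $userName;
        $user->password = $password;
        $user->email = $email;
        $user->zipcode = $zipCode;
        $user->save();

        $_SESSION['logInMessage'] = "Thanks for signing up. Please sign in to access your profile!!!";
        header("Location:index.php");
        die;
    }

    return $errors;
}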