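/**
 * Handle submission of the "new post" form.
 *
 * Steps: require an authenticated user, verify the anti-CSRF token, validate
 * the submitted fields, record a spending entry for paying authors, persist
 * the post and redirect to it. Every rejected request returns right after
 * its redirect, so nothing below the failing check can run even if
 * redirect() does not halt the request by itself.
 *
 * @return void
 */
public function create()
{
    if (!$this->auth->check()) {
        $this->app->flash("info", "You must be logged on to create a post");
        $this->app->redirect("/login");
        return;
    }

    // Read both tokens defensively. A plain `!==` on the raw superglobals
    // treats "missing in POST" and "missing in session" as equal
    // (null === null), which would let a request without any token through.
    $submittedToken = isset($_POST['csrf_token']) ? $_POST['csrf_token'] : null;
    $sessionToken = isset($_SESSION['csrf_token']) ? $_SESSION['csrf_token'] : null;

    // Both values must be non-empty strings (a form field can arrive as an
    // array), and the comparison is constant-time so the token is not
    // compared byte by byte with an early exit.
    $tokenIsValid = is_string($submittedToken)
        && is_string($sessionToken)
        && $sessionToken !== ''
        && hash_equals($sessionToken, $submittedToken);

    if (!$tokenIsValid) {
        $this->app->flash("info", "Something went wrong. Please reload the page and try again.");
        $this->app->redirect("/posts/new");
        return;
    }

    $request = $this->app->request;
    $title = $request->post('title');
    $content = $request->post('content');

    // NOTE(review): the author comes from $_SESSION['user'] while the charge
    // below uses $this->auth->user(); presumably both describe the same
    // account, confirm and prefer a single source of identity.
    $author = $_SESSION['user'];
    $date = date("dmY"); // day, month, year with no separators

    $validation = new PostValidation($author, $title, $content);

    if (!$validation->isGoodToGo()) {
        // NOTE(review): the messages are joined with a raw <br>, so the
        // template presumably prints this flash unescaped; the validation
        // messages must then never echo user input back, confirm.
        $this->app->flashNow('error', join('<br>', $validation->getValidationErrors()));
        $this->app->render('createpost.twig');
        return;
    }

    $currentUser = $this->auth->user();

    // Paying authors are charged 3 (the original comment says $3, for doctor
    // visibility). The loose == is kept because the repository's return type
    // is not visible from here.
    // NOTE(review): the charge is recorded before the post is saved, so a
    // failing save() would leave a charge without a post.
    if ($this->userRepository->getIsPaying($author) == 1) {
        $this->userRepository->saveSpendings($currentUser, 3);
    }

    $post = new Post();
    $post->setAuthor($author);
    $post->setTitle($title);
    $post->setContent($content);
    $post->setDate($date);
    $post->setDoctor(0);

    $savedPost = $this->postRepository->save($post);

    // NOTE(review): `msg` travels in the query string, which any caller can
    // set, so the page that displays it has to HTML-escape it.
    $this->app->redirect('/posts/' . $savedPost . '?msg=Post successfully posted');
}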