// Create a new advert for the posting user: resolve the owner's user_id from
// $username, insert the advert row, then fill in the optional condition and
// author columns when the request supplies them.
// NOTE(review): this excerpt ends inside the final `if (isset($image))` block,
// so the end of the transaction opened below (commit, or rollback on failure)
// is not visible here. Confirm every exit path closes the transaction.

// Connect to the database
$conn = new DBCommunication();
$conn->beginTransaction();

// Look up the id of the user who is posting the advert.
// NOTE(review): $username is assigned outside this excerpt. The advert owner
// is derived from it, so it should come from the authenticated session and
// not from a request field. Verify against the caller.
$query = "SELECT user_id FROM whwp_User WHERE user_username = :username";
$conn->prepQuery($query);
$conn->bind('username', $username);
$resultset = $conn->single();
// NOTE(review): no check that a row came back before the property access. If
// single() can return false/null for an unknown username, this line fails and
// the transaction is left open. TODO confirm single()'s return contract.
$user_id = $resultset->user_id;

// Insert the advert itself. All values travel as bound parameters, not as
// concatenated SQL text.
// NOTE(review): $price, $title, $description and $category_id are set outside
// this excerpt. Their validation (numeric price, existing category, length
// limits) cannot be confirmed from here.
$query = "INSERT INTO whwp_Advert (advert_owner, advert_price, advert_bookname, advert_date, advert_description, advert_category) "
    . "VALUES (:user_id, :price, :title, :date, :description, :category)";
$conn->prepQuery($query);
// gmdate('Y-m-d') stamps the advert with the current date in UTC.
$conn->bindArrayValue(array('user_id' => $user_id, 'price' => $price, 'title' => $title, 'date' => gmdate('Y-m-d'), 'description' => $description, 'category' => $category_id));
$conn->execute();

// Get the auto generated advert_id; the optional updates below are keyed on it.
$advert_id = $conn->lastInsertId();

// Optional field: book condition, taken straight from the request body.
// NOTE(review): the raw $_POST value is bound as a parameter, which keeps it
// out of the SQL text, but nothing here restricts it to an expected set of
// values or a maximum length. It is stored as submitted, so it must be
// HTML-escaped wherever it is later rendered.
if (isset($_POST['condition'])) {
    $query = "UPDATE whwp_Advert SET advert_condition=:condition WHERE advert_id = :advert_id";
    $conn->prepQuery($query);
    $conn->bindArrayValue(array('condition' => $_POST['condition'], 'advert_id' => $advert_id));
    $conn->execute();
}

// Optional field: book author. Same handling and the same caveats as the
// condition field above (bound parameter, no visible validation).
if (isset($_POST['author'])) {
    $query = "UPDATE whwp_Advert SET advert_bookauthor=:advert_author WHERE advert_id = :advert_id";
    $conn->prepQuery($query);
    $conn->bindArrayValue(array('advert_author' => $_POST['author'], 'advert_id' => $advert_id));
    $conn->execute();
}

if (isset($image)) {
    // Insert image data into table
    // NOTE(review): how $image is produced (upload handling, file-type and
    // path checks) is outside this excerpt. Confirm it is a server-generated
    // location and not a client-supplied path.
    $query = "INSERT INTO whwp_Image (image_location) "
        . "VALUES (:image)";
// Tail of a user-registration handler: validate e-mail and password, create
// the account, log the new user in through the session, and emit a JSON
// response. Failures are reported by appending numeric codes to
// $response_array['error_code'].
// NOTE(review): this excerpt starts inside an enclosing `try` and an enclosing
// `if` whose opening lines are not visible. The unmatched closing braces
// further down belong to them.

// Error code 5: the address fails PHP's built-in e-mail syntax validation.
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    array_push($response_array['error_code'], 5);
}

// Error code 6: password shorter than 6 bytes (strlen counts bytes, not
// characters).
// NOTE(review): 6 is below the 8-character minimum in NIST SP 800-63B.
// Consider raising it.
if (strlen($password) < 6) {
    array_push($response_array['error_code'], 6);
}

// NOTE(review): this condition is true for any non-empty password, so it only
// filters out the empty string. The creation step is actually gated by the
// error_code check on the next line.
if (strlen($password)) {
    // Create the account only when no validation error was recorded.
    if (empty($response_array['error_code'])) {
        // NOTE(review): encrypt() is defined elsewhere. Its algorithm and key
        // handling cannot be assessed from this excerpt.
        $email = encrypt($email);
        // PASSWORD_DEFAULT lets PHP pick its current default hashing
        // algorithm and generate the salt.
        $hashed_password = password_hash($password, PASSWORD_DEFAULT);

        // Insert the new user. user_ismoderator is the literal 0 in the SQL
        // text, so the request cannot set the moderator flag.
        $query = "INSERT INTO whwp_User (user_username, user_email, user_password, user_ismoderator) VALUES (:username,:email, :hashed_password, 0)";
        $database->prepQuery($query);
        $database->bindArrayValue(array('username' => $username, 'hashed_password' => $hashed_password, 'email' => $email));
        $database->execute();
        $user_id = $database->lastInsertId();

        // Treat the registration as successful only if a row was written,
        // then mark the session as logged in for the new account.
        // NOTE(review): no session_regenerate_id() call is visible at this
        // privilege change. Issue a fresh session id here to guard against
        // session fixation, unless that already happens elsewhere.
        if ($database->rowCount() > 0) {
            $response_array['success'] = true;
            $_SESSION['user_id'] = $user_id;
            $_SESSION['username'] = $username;
        }
    }
}
// Closes the enclosing `try` opened before this excerpt.
} catch (PDOException $e) {
    // Error code 3: database failure.
    // NOTE(review): the raw exception text is copied into the JSON sent to the
    // client and can expose table, column or constraint names. Log it on the
    // server and return a generic message instead.
    array_push($response_array['error_code'], 3);
    $response_array['message'] = $e->getMessage();
}
// Closes the enclosing `if` opened before this excerpt. Its condition is not
// visible; error code 4 is reported when it does not hold.
} else {
    array_push($response_array['error_code'], 4);
}

// Send the result to the client as JSON.
// NOTE(review): no Content-Type header is set in the visible code. Confirm
// `application/json` is sent elsewhere.
echo json_encode($response_array);