-
Notifications
You must be signed in to change notification settings - Fork 0
/
insertComment.php
65 lines (54 loc) · 1.55 KB
/
insertComment.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
<?php
/**********************************************************
* File: insertComment.php
* Author: James Richter, Bro. Burton
*
* Description: Allows a user to enter a comment to add to
* the DB.
*
***********************************************************/
include 'loadPicDatabase.php';
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<title>Inserting...</title>
</head>
<body>
<?php
// get the data from the POST
$text = $_POST['txtText'];
$userID = $_SESSION['userID'];
$picID = $_SESSION['picID'];
try
{
$link = "Location: dynamic_page.php?id=" . $picID;
// Create the PDO connection
$db = loadDatabase();
// this line makes PDO give us an exception when there are problems, and can be very helpful in debugging!
$db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
// First Add the Comment
$query = 'INSERT INTO comment(text, userID, pictureID) VALUES(:text, :userID, :picID)';
$statement = $db->prepare($query);
$statement->bindParam(':text', $text);
$statement->bindParam(':userID', $userID);
$statement->bindParam(':picID', $picID);
$statement->execute();
// get the new id
$pictureID = $db->lastInsertId();
}
catch (Exception $ex)
{
echo "Error with DB.";
die();
}
// finally, redirect them to a page that shows the same picture.
header($link);
die(); // we always include a die after redirects. In this case, there would be no
// harm if the user got the rest of the page, because there is nothing else
// but in general, there could be things after here that we don't want them
// to see.
?>
</body>
</html>