58 lines
1.4 KiB
PHP
58 lines
1.4 KiB
PHP
<?php
|
|
|
|
use Nickyeoman\Validation;
|
|
|
|
$v = new Nickyeoman\Validation\Validate();
|
|
|
|
$url_success = '/novaconium/messages';
|
|
$url_error = '/novaconium/messages/edit/' . $post->get('id'); // Redirect back to the message edit form on error
|
|
|
|
// Check if logged in
|
|
if (empty($session->get('username'))) {
|
|
$messages->error('You are not logged in');
|
|
$redirect->url('/novaconium/login');
|
|
makeitso();
|
|
}
|
|
|
|
// Check CSRF token
|
|
if ($session->get('token') != $post->get('token')) {
|
|
$messages->error('Invalid token');
|
|
$redirect->url($url_success);
|
|
makeitso();
|
|
}
|
|
|
|
// Get POST data
|
|
$id = $post->get('id');
|
|
$name = $post->get('name');
|
|
$email = $post->get('email');
|
|
$message = $post->get('message');
|
|
$unread = !empty($post->get('unread')) ? 1 : 0;
|
|
|
|
// Validate required fields
|
|
if (empty($id) || empty($message) || empty($email)) {
|
|
$messages->error('One of the required fields was empty.');
|
|
$redirect->url($url_error);
|
|
makeitso();
|
|
}
|
|
|
|
try {
|
|
// Prepare update query
|
|
$query = "UPDATE `contactForm`
|
|
SET `name` = ?, `email` = ?, `message` = ?, `unread` = ?
|
|
WHERE `id` = ?";
|
|
|
|
$params = [$name, $email, $message, $unread, $id];
|
|
|
|
$db->query($query, $params);
|
|
|
|
$messages->notice('Message updated successfully');
|
|
|
|
} catch (Exception $e) {
|
|
$messages->error('Error updating message: ' . $e->getMessage());
|
|
$redirect->url($url_error);
|
|
makeitso();
|
|
}
|
|
|
|
// Redirect to success page
|
|
$redirect->url($url_success);
|