';
require('header.php');
do {
if (!empty($_POST['post'])) {
$patterns = array(
'title' => '/^.+$/',
'category' => '/^\d*$/',
'description' => '/^.+$/',
'pay' => '/^(\d+|\d+\.\d+|\.\d+)$/',
'time' => '/^\d{4}\-\d{2}\-\d{2}T\d{2}:\d{2}$/',
'location' => '/^.+$/',
);
foreach ($patterns as $pkey => $pattern) {
if (!preg_match($pattern, $_POST[$pkey])) {
$err = 'One or more fields have been omitted. All fields are required in order to post an ad.';
break;
}
}
$stmt = $db->prepare('INSERT INTO ads (uid, title, cat, pay, time, location, description) VALUES (?, ?, ?, ?, ?, ?, ?)') or dash_fatal($db->error);
$stmt->bind_param('isidiss', $b_user['id'], $_POST['title'], $_POST['cat'], $_POST['pay'], strtotime($_POST['time']), $_POST['location'], $_POST['description']);
$stmt->execute();
if ($stmt->affected_rows < 1) dash_fatal('Your ad was unable to be posted.');
dash_fatal('Your ad has been posted.', $b_config['base_url'].'dash/ads.php?id='.$stmt->insert_id);
}
} while (false);
$result = $db->query('SELECT id, cat_name FROM categories') or dash_fatal($db->error);
?>