PHP Tutorial
In this tutorial we will create a simple twitter copycat. In step 11 we will enable our users to tweet.
Step 11
1. Let’s start by adding a form to our list.tpl. This form should only be available if the user is logged in. Before the message divs, add:
{if isset($USERNAME)}
<section id="tweet_form">
<form action="{$BASE_URL}actions/tweets/tweet.php" method="post">
<textarea name="tweet" placeholder="Say something"></textarea>
<input type="submit" value="Tweet">
</form>
</section>
{/if}
2. Let’s add some style to this form:
#tweet_form {
background-color: #E8F4FB;
padding: 5px;
}
#tweet_form form {
width: 100%;
display: flex;
}
#tweet_form textarea{
border: none;
flex-grow: 1;
margin: 1em;
padding: 1em;
}
#tweet_form input {
background-color: #1DA1F2;
color: white;
border: none;
margin: 1em;
padding: 1em;
border-radius: 1em;
}
3. The actions/tweets/tweet.php file should start by verifying if the user is logged in and the tweet has any data:
<?php
include_once('../../config/init.php');
include_once($BASE_DIR .'database/tweets.php');
if (!$_SESSION['username']) {
$_SESSION['error_messages'][] = 'Not allowed!';
header("Location: $BASE_URL");
exit;
}
if (!$_POST['tweet']) {
$_SESSION['error_messages'][] = 'You didn\'t say anything';
header("Location: " . $_SERVER['HTTP_REFERER']);
exit;
}
$username = $_SESSION['username'];
$tweet = $_POST['tweet'];
4. We should then try to create the tweet and veryfing if any error ocurred:
try {
createTweet($username, $tweet);
} catch (PDOException $e) {
$_SESSION['error_messages'][] = 'Error creating tweet';
$_SESSION['form_values'] = $_POST;
header("Location: " . $_SERVER['HTTP_REFERER']);
exit;
}
$_SESSION['success_messages'][] = 'Tweet sent';
header("Location: " . $_SERVER['HTTP_REFERER']);
?>
Don’t forget to sanitize the tweet:
createTweet($username, strip_tags($tweet));
5. The createTweet function, in database/tweets.php, should look like this:
function createTweet($username, $tweet) {
global $conn;
$stmt = $conn->prepare("INSERT INTO tweets
VALUES (DEFAULT, CURRENT_TIMESTAMP, ?, ?)");
$stmt->execute(array($username, $tweet));
}
You can find the complete code after step 11 here . In step 12 we will add jQuery magic to our site.