From d4122f116c937e0ec509d8cefe540146ec27a0cd Mon Sep 17 00:00:00 2001
From: "David T. Sadler" <davidtsadler@googlemail.com>
Date: Wed, 20 Oct 2021 20:59:55 +0100
Subject: Validate fields

---
 public/store/index.php | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

(limited to 'public/store/index.php')

diff --git a/public/store/index.php b/public/store/index.php
index 45765d5..5279e69 100644
--- a/public/store/index.php
+++ b/public/store/index.php
@@ -5,6 +5,8 @@ declare(strict_types=1);
 use DTS\Bookmark;
 use DTS\BookmarkRepository;
 use DTS\Session;
+use DTS\Validator;
+
 use function DTS\Functions\redirectAndExit;
 use function DTS\Functions\respondAndExit;
 
@@ -18,14 +20,24 @@ if (filter_input(INPUT_SERVER, 'REQUEST_METHOD') !== 'POST') {
     respondAndExit(405, 'Method Not Allowed');
 }
 
+$validator = new Validator($_REQUEST);
+
+if ($validator->errors->count()) {
+    $session->set('errors', $validator->errors);
+
+    redirectAndExit('/create');
+}
+
+$validated = $validator->validated;
+
 $bookmarks = new BookmarkRepository($config['path_to_repository']);
 
 $bookmark = new Bookmark();
 
 $bookmark->id = bin2hex(random_bytes(32));
-$bookmark->url = $_POST['url'];
-$bookmark->title = $_POST['title'];
-$bookmark->tag = $_POST['tag'];
+$bookmark->url = $validated->url;
+$bookmark->title = $validated->title;
+$bookmark->tag = $validated->tag;
 $bookmark->addedAt = date('Y-m-d H:i:s');
 $bookmark->unread = true;
 
-- 
cgit v1.2.3-13-gbd6f