40 lines
911 B
PHP
40 lines
911 B
PHP
|
<?php
|
||
|
|
// /inc/php/save_email.php
|
||
|
|
session_start();
|
||
|
|
require_once($_SERVER['DOCUMENT_ROOT'] . '/inc/php/auth.php');
|
||
|
|
requireLogin(); // block guests
|
||
|
|
|
||
|
|
require_once($_SERVER['DOCUMENT_ROOT'] . '/db.php');
|
||
|
|
$conn = getConnection();
|
||
|
|
|
||
|
|
$user_id = $_SESSION['user_id'] ?? null;
|
||
|
|
if (!$user_id) {
|
||
|
|
die("Unauthorized. Please log in.");
|
||
|
|
}
|
||
|
|
|
||
|
|
// Get and sanitize inputs
|
||
|
|
$subject = trim($_POST['subject'] ?? '');
|
||
|
|
$email_body = trim($_POST['email_body'] ?? '');
|
||
|
|
|
||
|
|
if (empty($email_body)) {
|
||
|
|
die("No email content provided.");
|
||
|
|
}
|
||
|
|
|
||
|
|
$stmt = $conn->prepare("
|
||
|
|
INSERT INTO saved_emails (user_id, subject, body, created_at)
|
||
|
|
VALUES (:user_id, :subject, :body, NOW())
|
||
|
|
");
|
||
|
|
|
||
|
|
if ($stmt->execute([
|
||
|
|
':user_id' => $user_id,
|
||
|
|
':subject' => $subject,
|
||
|
|
':body' => $email_body
|
||
|
|
])) {
|
||
|
|
header("Location: /home.php?success=1");
|
||
|
|
exit;
|
||
|
|
} else {
|
||
|
|
$error = $stmt->errorInfo();
|
||
|
|
echo "Error saving email: " . $error[2];
|
||
|
|
}
|
||
|
|
|