39 lines
1.4 KiB
PHP
39 lines
1.4 KiB
PHP
<?php
|
|
// add_lead.php
|
|
session_start();
|
|
require_once 'db/config.php';
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
// Basic server-side validation
|
|
$lead_name = trim($_POST['lead_name'] ?? '');
|
|
$status = trim($_POST['status'] ?? '');
|
|
$category = trim($_POST['category'] ?? '');
|
|
$contact_email = trim($_POST['contact_email'] ?? '');
|
|
$owner = trim($_POST['owner'] ?? '');
|
|
|
|
if (empty($lead_name) || empty($status) || empty($category) || !filter_var($contact_email, FILTER_VALIDATE_EMAIL) || empty($owner)) {
|
|
$_SESSION['message'] = ['type' => 'danger', 'text' => 'Invalid input. Please fill all fields correctly.'];
|
|
header('Location: index.php');
|
|
exit;
|
|
}
|
|
|
|
$pdo = db();
|
|
if ($pdo) {
|
|
try {
|
|
$stmt = $pdo->prepare(
|
|
"INSERT INTO leads (lead_name, status, category, contact_email, owner) VALUES (?, ?, ?, ?, ?)"
|
|
);
|
|
$stmt->execute([$lead_name, $status, $category, $contact_email, $owner]);
|
|
$_SESSION['message'] = ['type' => 'success', 'text' => 'Lead added successfully!'];
|
|
} catch (PDOException $e) {
|
|
error_log('Add Lead Error: ' . $e->getMessage());
|
|
$_SESSION['message'] = ['type' => 'danger', 'text' => 'A database error occurred.'];
|
|
}
|
|
} else {
|
|
$_SESSION['message'] = ['type' => 'danger', 'text' => 'Could not connect to the database.'];
|
|
}
|
|
}
|
|
|
|
header('Location: index.php');
|
|
exit;
|
|
?>
|