Part on Escaping Chars finished

controllers/note-create.php

@@ -1,6 +1,11 @@
 <?php
 $heading = 'Create Note';
+$username = 'appUser';
+$password = 'password';
+$config = require('config.php');
+$db = new Database($config['database'], $username, $password);
+
 if($_SERVER['REQUEST_METHOD'] === 'POST'){
-    dd($_POST);
+    $db->query("INSERT INTO notes (body, user_id) VALUES (:body, :user_id)", ['body' => $_POST['body'], 'user_id' => 1]);
 }
 require 'views/note-create.view.php';

views/note.view.php

@@ -6,7 +6,7 @@
       <p class="mb-6">
         <a href="/notes" class="text-blue-500 hover:underline">go back</a>
       </p>
-      <p><?= $note['body'] ?></p>
+      <p><?= htmlspecialchars($note['body']) ?></p>
     </div>
   </main>
 <?php require ('partials/footer.php') ?>

views/notes.view.php

@@ -7,7 +7,7 @@
       <?php foreach ($notes as $note) : ?>
         <li>
           <a href="/note?id=<?= $note['id'] ?>" class="text-blue-500 hover:underline">
-            <?= $note['body'] ?>
+            <?= htmlspecialchars($note['body']) ?>
           </a>
         </li>
       <?php endforeach; ?>