prevent posting empty posts

threadr/board/index.php

@@ -55,9 +55,6 @@ $id=$_GET['id'];
             if($_GET['action']=='post') {
               include("./post.php");
             } elseif($_GET['action']=='submit') {
-              $user_id=$_SESSION[user_id];
-              $title=$_POST['title'];
-              $content=$_POST['content'];
               include("./submit.php");
             } elseif($_GET['action']=='edit') {
               include("./edit.php");

threadr/board/submit.php

@@ -1,15 +1,21 @@
 <?php
 %REQUIRE_LOGIN%
 
+$title=$_POST['title'];
+$content=$_POST['content'];
+if ($title==="" || $content==="") {
+}
+else {
   $error = false;
   $error_message = "";
   if (!$error) {
     $statement = $pdo->prepare("INSERT INTO posts (board_id, user_id, content, title) VALUES (:bid, :uid, :content, :title)");
-  $result = $statement->execute(array('bid'=>$id, 'uid'=>$user_id, 'content'=>$content, 'title'=>$title));
+    $result = $statement->execute(array('bid'=>$id, 'uid'=>$_SESSION[user_id], 'content'=>$content, 'title'=>$title));
   }
   if (!$result) {
       $error_message = "<p>Error: SQL error.</p><pre>" . $statement->queryString . "</pre><pre>" . $statement->errorInfo()[2] . "</pre>";
   }
 
   echo "<section><center><h1>Post submitted.</h1></center></section>";
+}
 ?>