threadr.lostcave.ddnss.de/threadr/board/submit.php

32 lines
955 B
PHP
Raw Normal View History

2020-03-08 14:47:32 +01:00
<?php
2020-03-08 16:57:47 +01:00
%REQUIRE_LOGIN%
2021-09-05 08:12:42 +02:00
if (isset($_GET['reply_to'])) {
$reply_to = $_GET['reply_to'];
} else {
$reply_to = -1;
}
2021-09-07 05:53:04 +02:00
echo "<section onLoad=\"window.scrollTo(0,document.body.scrollHeight)\" >";
2021-09-05 08:12:42 +02:00
if ($_POST['title']==="" || $_POST['content']==="") {
2021-09-07 05:53:04 +02:00
echo "<center><h1>Please fill out both the title field and content box.</h1></center>";
2020-03-08 16:57:47 +01:00
}
2021-09-05 08:12:42 +02:00
2021-09-05 07:30:22 +02:00
else {
$error = false;
$error_message = "";
if (!$error) {
2021-09-05 08:12:42 +02:00
$statement = $pdo->prepare("INSERT INTO posts (board_id, user_id, content, title, reply_to) VALUES (:bid, :uid, :content, :title, :replyto)");
$result = $statement->execute(array('bid'=>$id, 'uid'=>$_SESSION[user_id], 'content'=>$_POST['content'], 'title'=>$_POST['title'], 'replyto'=>$reply_to));
2021-09-05 07:30:22 +02:00
}
if (!$result) {
$error_message = "<p>Error: SQL error.</p><pre>" . $statement->queryString . "</pre><pre>" . $statement->errorInfo()[2] . "</pre>";
}
2020-03-08 17:15:05 +01:00
2021-09-07 05:53:04 +02:00
echo "<center><h1>Post submitted.</h1></center>";
2021-09-05 07:30:22 +02:00
}
2021-09-07 05:53:04 +02:00
echo "</section>";
?>