threadr.lostcave.ddnss.de/threadr/board/index.php

73 lines
2.0 KiB
PHP
Raw Normal View History

2020-03-02 08:52:22 +01:00
<?php
session_start();
%SET_LOGIN_VARIABLE%
2020-03-02 08:52:22 +01:00
%NO_CHEAP_SESSION_STEALING%
%PLEAZE_NO_CACHE%
2020-03-08 16:07:27 +01:00
%REQUIRE_LOGIN%
2020-03-02 08:52:22 +01:00
$navbar="boards";
2020-03-06 10:27:57 +01:00
$id=$_GET['id'];
2020-03-02 08:52:22 +01:00
?>
<!DOCTYPE html>
<html>
2020-03-08 17:48:18 +01:00
<head>
<title>ThreadR - Boards</title>
%STYLESHEET%
<link rel="icon" type="image/png" href="%CONTENT_DIR%/img/favicon-32x32.png" sizes="32x32" />
<?php
2020-03-08 17:50:38 +01:00
if(isset($_GET['action'])) {
if ($_GET['action']=='submit') {
2020-03-08 17:57:54 +01:00
echo "<meta http-equiv=\"refresh\" content=\"5;URL=%CONTENT_DIR%/board/?id=$id\">";
2020-03-08 17:50:38 +01:00
}
2020-03-08 17:48:18 +01:00
} else {
2020-03-08 17:57:54 +01:00
echo "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">";
2020-03-08 17:48:18 +01:00
}
?>
</head>
2020-03-08 18:15:32 +01:00
<body onLoad="window.scrollTo(0,document.body.scrollHeight)">
2020-03-08 17:48:18 +01:00
%NAVBAR%
<div class="container">
<div class="item-1">
<h1><center>
2020-03-08 03:41:05 +01:00
<?php
2020-03-08 17:48:18 +01:00
$pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
$error = false;
$error_message = "";
if (!$error) {
$statement = $pdo->prepare("SELECT * FROM boards WHERE id=:id");
$statement->execute(array("id"=>$id));
$result = $statement->fetch();
echo $result['name'];
}
if (!$result) {
$error_message = "Error: SQL error.\n" . $statement->queryString . "\n" . $statement->errorInfo()[2];
}
2020-03-08 03:41:05 +01:00
?>
2020-03-08 17:48:18 +01:00
</center></h1>
</div>
<div class="item-2">
<?php
include("./board.php");
?>
</div>
<div class="item-3">
<?php
if(isset($_GET['action'])) {
if($_GET['action']=='post') {
include("./post.php");
} elseif($_GET['action']=='submit') {
$user_id=$_SESSION[user_id];
$title=$_POST['title'];
$content=$_POST['content'];
include("./submit.php");
} elseif($_GET['action']=='edit') {
include("./edit.php");
}
} else {
include("./default.php");
}
?>
2020-03-02 08:52:22 +01:00
</div>
2020-03-08 17:48:18 +01:00
</div>
</body>
2020-03-02 08:52:22 +01:00
</html>