2020-03-08 14:47:32 +01:00
|
|
|
<?php
|
2020-03-08 16:57:47 +01:00
|
|
|
%REQUIRE_LOGIN%
|
|
|
|
|
|
2021-09-05 07:30:22 +02:00
|
|
|
$title=$_POST['title'];
|
|
|
|
|
$content=$_POST['content'];
|
|
|
|
|
if ($title==="" || $content==="") {
|
2021-09-05 07:33:49 +02:00
|
|
|
echo "<section><center><h1>Please fill out both the title field and content box.</h1></center></section>";
|
2020-03-08 16:57:47 +01:00
|
|
|
}
|
2021-09-05 07:30:22 +02:00
|
|
|
else {
|
|
|
|
|
$error = false;
|
|
|
|
|
$error_message = "";
|
|
|
|
|
if (!$error) {
|
|
|
|
|
$statement = $pdo->prepare("INSERT INTO posts (board_id, user_id, content, title) VALUES (:bid, :uid, :content, :title)");
|
|
|
|
|
$result = $statement->execute(array('bid'=>$id, 'uid'=>$_SESSION[user_id], 'content'=>$content, 'title'=>$title));
|
|
|
|
|
}
|
|
|
|
|
if (!$result) {
|
|
|
|
|
$error_message = "<p>Error: SQL error.</p><pre>" . $statement->queryString . "</pre><pre>" . $statement->errorInfo()[2] . "</pre>";
|
|
|
|
|
}
|
2020-03-08 17:15:05 +01:00
|
|
|
|
2021-09-05 07:30:22 +02:00
|
|
|
echo "<section><center><h1>Post submitted.</h1></center></section>";
|
|
|
|
|
}
|
2021-09-05 07:24:26 +02:00
|
|
|
?>
|
