threadr.lostcave.ddnss.de/threadr/board/index.php

<?php
session_start();
%SET_LOGIN_VARIABLE%
%NO_CHEAP_SESSION_STEALING%
%PLEAZE_NO_CACHE%
$navbar="boards";
$id=$_GET['id'];
?>
<!DOCTYPE html>
<html>
  <head>
    <title>ThreadR - Boards</title>
    %STYLESHEET%
    <link rel="icon" type="image/png" href="%CONTENT_DIR%/img/favicon-32x32.png" sizes="32x32" />
    <?php
    if(isset($_GET['action'])) {
      if ($_GET['action']=='submit') {
        echo "<meta http-equiv=\"refresh\" content=\"5;URL=%CONTENT_DIR%/board/?id=$id\">";
      } 
    } else {
      echo "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">";
    }
    ?>
  </head>
  <body onLoad="window.scrollTo(0,document.body.scrollHeight)">
    %NAVBAR%
    <div class="container">
      <div class="item-1">
        <h1><center>
          <?php
          $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
          $error = false;
          $error_message = "";
          if (!$error) {
            $statement = $pdo->prepare("SELECT * FROM boards WHERE id=:id");
            $statement->execute(array("id"=>$id));
            $result = $statement->fetch();
            echo $result['name'];
          }
          if (!$result) {
            $error_message = "Error: SQL error.\n" . $statement->queryString . "\n" . $statement->errorInfo()[2];
          }
          ?>
          </center></h1>
      </div>
      <div class="item-2">
        <?php
        include("./board.php");
        ?>
      </div>
      <div class="item-3">
        <?php
        if($login) {
          if(isset($_GET['action'])) {
            if($_GET['action']=='post') {
              include("./post.php");
            } elseif($_GET['action']=='submit') {
              include("./submit.php");
            } elseif($_GET['action']=='edit') {
              include("./edit.php");
            }
          } else {
            include("./default.php");
          }
        } else {
          echo "<div class='margin'><a href='%CONTENT_DIR%/login/'><button> Log in to post something </button></a></div>";
        }
        ?>
      </div>
    </div>
    %BANNER_COOKIES%
  </body>
</html>
added thread.php 2020-03-02 08:52:22 +01:00			`<?php`
			`session_start();`
moved to new login/logout enforcement system 2020-03-07 21:40:38 +01:00			`%SET_LOGIN_VARIABLE%`
added thread.php 2020-03-02 08:52:22 +01:00			`%NO_CHEAP_SESSION_STEALING%`
pls do no cache dis (Answer to my previous commit: Cause I was late and nobody was there.) 2020-03-02 14:26:25 +01:00			`%PLEAZE_NO_CACHE%`
added thread.php 2020-03-02 08:52:22 +01:00			`$navbar="boards";`
added button for posting 2020-03-06 10:27:57 +01:00			`$id=$_GET['id'];`
added thread.php 2020-03-02 08:52:22 +01:00			`?>`
			`<!DOCTYPE html>`
			`<html>`
redirect after submit 2020-03-08 17:48:18 +01:00			`<head>`
			`<title>ThreadR - Boards</title>`
			`%STYLESHEET%`
			`<link rel="icon" type="image/png" href="%CONTENT_DIR%/img/favicon-32x32.png" sizes="32x32" />`
			`<?php`
fix 2020-03-08 17:50:38 +01:00			`if(isset($_GET['action'])) {`
			`if ($_GET['action']=='submit') {`
; 2020-03-08 17:57:54 +01:00			`echo "<meta http-equiv=\"refresh\" content=\"5;URL=%CONTENT_DIR%/board/?id=$id\">";`
fix 2020-03-08 17:50:38 +01:00			`}`
redirect after submit 2020-03-08 17:48:18 +01:00			`} else {`
; 2020-03-08 17:57:54 +01:00			`echo "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">";`
redirect after submit 2020-03-08 17:48:18 +01:00			`}`
			`?>`
			`</head>`
trying to scroll down on load 2020-03-08 18:15:32 +01:00			`<body onLoad="window.scrollTo(0,document.body.scrollHeight)">`
redirect after submit 2020-03-08 17:48:18 +01:00			`%NAVBAR%`
			`<div class="container">`
			`<div class="item-1">`
			`<h1><center>`
„threadr/board/index.php“ ändern 2020-03-08 03:41:05 +01:00			`<?php`
un-hard-coded db name and server 2021-09-02 17:01:28 +02:00			`$pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');`
redirect after submit 2020-03-08 17:48:18 +01:00			`$error = false;`
			`$error_message = "";`
			`if (!$error) {`
			`$statement = $pdo->prepare("SELECT * FROM boards WHERE id=:id");`
			`$statement->execute(array("id"=>$id));`
			`$result = $statement->fetch();`
			`echo $result['name'];`
			`}`
			`if (!$result) {`
			`$error_message = "Error: SQL error.\n" . $statement->queryString . "\n" . $statement->errorInfo()[2];`
			`}`
„threadr/board/index.php“ ändern 2020-03-08 03:41:05 +01:00			`?>`
redirect after submit 2020-03-08 17:48:18 +01:00			`</center></h1>`
			`</div>`
			`<div class="item-2">`
			`<?php`
			`include("./board.php");`
			`?>`
			`</div>`
			`<div class="item-3">`
			`<?php`
board is visible to public, posting is only possible when logged in 2020-03-08 18:19:37 +01:00			`if($login) {`
			`if(isset($_GET['action'])) {`
			`if($_GET['action']=='post') {`
			`include("./post.php");`
			`} elseif($_GET['action']=='submit') {`
			`include("./submit.php");`
			`} elseif($_GET['action']=='edit') {`
			`include("./edit.php");`
			`}`
			`} else {`
			`include("./default.php");`
redirect after submit 2020-03-08 17:48:18 +01:00			`}`
syntax 2020-03-08 18:26:12 +01:00			`} else {`
added login button if not logged in 2020-03-08 18:24:48 +01:00			`echo "<div class='margin'><a href='%CONTENT_DIR%/login/'><button> Log in to post something </button></a></div>";`
redirect after submit 2020-03-08 17:48:18 +01:00			`}`
			`?>`
added thread.php 2020-03-02 08:52:22 +01:00			`</div>`
redirect after submit 2020-03-08 17:48:18 +01:00			`</div>`
%BANNER_COOKIES% 2020-03-09 12:22:30 +01:00			`%BANNER_COOKIES%`
redirect after submit 2020-03-08 17:48:18 +01:00			`</body>`
added thread.php 2020-03-02 08:52:22 +01:00			`</html>`