Compare commits

..

No commits in common. "905b74a5a3b1b05d67051538a0754fd4dbb3fa70" and "99790ecb212d189cc737d40ddb1f2f377b5e2f95" have entirely different histories.

2 changed files with 6 additions and 15 deletions

View File

@ -1,8 +1,4 @@
<?php
%REQUIRE_LOGIN%
if (isset($_GET['reply_to']) {
echo "<section><form action='%CONTENT_DIR%/board/?id=$id&action=submit&reply_to=$_GET['reply_to']' method='post'><input type='text' name='title' maxlength='128' placeholder='Title'/><textarea name='content' maxlength='65535' placeholder='You can contribute to the conversation here. Tell us your story in up to 65535 characters...' rows='3'></textarea><input type='submit' value='Post'></form></section>"
} else {
echo "<section><form action='%CONTENT_DIR%/board/?id=$id&action=submit' method='post'><input type='text' name='title' maxlength='128' placeholder='Title'/><textarea name='content' maxlength='65535' placeholder='You can contribute to the conversation here. Tell us your story in up to 65535 characters...' rows='3'></textarea><input type='submit' value='Post'></form></section>"
}
echo "<section><form action='%CONTENT_DIR%/board/?id=$id&action=submit' method='post'><input type='text' name='title' maxlength='128' placeholder='Title'/><textarea name='content' maxlength='65535' placeholder='You can contribute to the conversation here. Tell us your story in up to 65535 characters...' rows='3'></textarea><input type='submit' value='Post'></form></section>"
?>

View File

@ -1,22 +1,17 @@
<?php
%REQUIRE_LOGIN%
if (isset($_GET['reply_to'])) {
$reply_to = $_GET['reply_to'];
} else {
$reply_to = -1;
}
if ($_POST['title']==="" || $_POST['content']==="") {
$title=$_POST['title'];
$content=$_POST['content'];
if ($title==="" || $content==="") {
echo "<section><center><h1>Please fill out both the title field and content box.</h1></center></section>";
}
else {
$error = false;
$error_message = "";
if (!$error) {
$statement = $pdo->prepare("INSERT INTO posts (board_id, user_id, content, title, reply_to) VALUES (:bid, :uid, :content, :title, :replyto)");
$result = $statement->execute(array('bid'=>$id, 'uid'=>$_SESSION[user_id], 'content'=>$_POST['content'], 'title'=>$_POST['title'], 'replyto'=>$reply_to));
$statement = $pdo->prepare("INSERT INTO posts (board_id, user_id, content, title) VALUES (:bid, :uid, :content, :title)");
$result = $statement->execute(array('bid'=>$id, 'uid'=>$_SESSION[user_id], 'content'=>$content, 'title'=>$title));
}
if (!$result) {
$error_message = "<p>Error: SQL error.</p><pre>" . $statement->queryString . "</pre><pre>" . $statement->errorInfo()[2] . "</pre>";