2 changed files with 13 additions and 17 deletions
--- a/threadr/board/index.php
+++ b/threadr/board/index.php
@ -55,6 +55,9 @@ $id=$_GET['id'];
            if($_GET['action']=='post') {
              include("./post.php");
            } elseif($_GET['action']=='submit') {
+              $user_id=$_SESSION[user_id];
+              $title=$_POST['title'];
+              $content=$_POST['content'];
              include("./submit.php");
            } elseif($_GET['action']=='edit') {
              include("./edit.php");
--- a/threadr/board/submit.php
+++ b/threadr/board/submit.php
@ -1,22 +1,15 @@
 <?php
 %REQUIRE_LOGIN%

-$title=$_POST['title'];
-$content=$_POST['content'];
-if ($title==="" || $content==="") {
-  echo "<section><center><h1>Please fill out both the title field and content box.</h1></center></section>";
+$error = false;
+$error_message = "";
+if (!$error) {
+  $statement = $pdo->prepare("INSERT INTO posts (board_id, user_id, content, title) VALUES (:bid, :uid, :content, :title)");
+  $result = $statement->execute(array('bid'=>$id, 'uid'=>$user_id, 'content'=>$content, 'title'=>$title));
+}
+if (!$result) {
+    $error_message = "<p>Error: SQL error.</p><pre>" . $statement->queryString . "</pre><pre>" . $statement->errorInfo()[2] . "</pre>";
 }
-else {
-  $error = false;
-  $error_message = "";
-  if (!$error) {
-    $statement = $pdo->prepare("INSERT INTO posts (board_id, user_id, content, title) VALUES (:bid, :uid, :content, :title)");
-    $result = $statement->execute(array('bid'=>$id, 'uid'=>$_SESSION[user_id], 'content'=>$content, 'title'=>$title));
-  }
-  if (!$result) {
-      $error_message = "<p>Error: SQL error.</p><pre>" . $statement->queryString . "</pre><pre>" . $statement->errorInfo()[2] . "</pre>";
-  }

-  echo "<section><center><h1>Post submitted.</h1></center></section>";
-}
-?>
+echo "<section><center><h1>Submitting your post...</h1></center></section>";
+?>